OpenText

Lead Threat Research Analyst

13 March 2024
Deadline date:
£87000 - £180000

Job Description

OPENTEXT 
OpenText is a global leader in information management, where innovation, creativity, and collaboration are the key components of our corporate culture. As a member of our team, you will have the opportunity to partner with the most highly regarded companies in the world, tackle complex issues, and contribute to projects that shape the future of digital transformation.

YOUR IMPACT

Do the phrases “mining for gold” or “thrill of the chase” pique your interest? If so, you could be the cybersecurity professional we need to search for threats and protect our clients against sensitive data theft.

As a Threat Hunter, you will work closely with our senior threat researcher and partner with clients to investigate the threat leads on their system. You will help to extract data and remove the noise in order to pinpoint the internal and external threats. Our client base is global and in nearly every industry.

WHAT THE ROLE OFFERS

● Work with behavioral analytics threat hunting technologies to analyze and identify threat patterns or indicators that can be used for threat detection on our platform.

● Follow the emerging threats and attack techniques by reading detailed analytics anomalies.

● Identify, analyze and define the attack path of advanced intrusions.

● Produce reports that can form the basis for new behavioural models.

● Maintain situational awareness of cyber activity by reviewing new anomalies and tracking attack campaigns through their attack cycle.

● Track threat actors, their tactics, techniques, and procedures (TTPs), and their associated Indicators of Compromise (IOCs) through the analytics.

● Follow the analytic results leveraging additional search techniques, including Kibana and Athena.

WHAT YOU NEED TO SUCCEED

Understanding the cybersecurity landscape

● Strong knowledge of current and past malware methods, attack methodologies, and TTPs (Tactics, Techniques, Procedures).

● Define client relationships and understand the critical assets in their environment to develop additional detection patterns.

● Experience with common industry EDR/SOAR/Anomaly detection solutions (FireEye, Carbon Black, Endgame, Falcon, etc.).

● Experience with the incident response process, including detecting advanced adversaries, log analysis using SIEM, and malware triage (Optional).

● Knowledge and experience working with the Cyber Kill Chain Model and the MITRE ATT&CK Matrix (Optional).

Knowledge of Operating Systems and Network Protocols

● An extensive knowledge of Operating System Internals (Windows, *nix, macOS), network security concepts and network protocols, NetFlow and web proxy.

● Scripting knowledge (PowerShell, Python, etc.).

Technical Writing and Reporting Skills

● Experience preparing security reports and different technical documents.

ONE LAST THING

OpenText is more than just a corporation; it’s a global community where trust is foundational, the bar is raised, and outcomes are owned. Make things work well with smart methods, clear communication, and always trying to do things better. It’s not just about regular work; you get to create new ideas and build good partnerships. Join a collaborative place where they appreciate good leadership, and your work makes a difference right away. Here, our purpose is to make projects great, and our mission is to help you grow in your career. It’s more than a usual job; it’s a way to leave your mark on big projects and be part of a team with a mission.

OpenText’s efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please contact us at [email protected].