Job Purpose
The primary function of this role is to monitor the ENOC environment on a 24/7 basis and to gather intelligence in order to identify, monitor, assess, and counter threats posed by cyber threat actors against ENOC IT and OT assets. The role also involves performing advanced threat modeling of cybersecurity incidents and escalating issues to the Cyber Intelligence Center (CIC) Manager in line with established policies, processes, and procedures.
Principal Accountabilities
Operational
- Follow response procedures and other CIC-related SOPs based on incident impact analysis and predetermined response actions. Communicate policies and guidelines and monitor CIC operations for compliance with cybersecurity policies and guidelines.
- Identify cyber threats, trends, and new developments by analyzing raw intelligence and data.
- Track developments in technology and cyber threat environments to ensure they are addressed in cybersecurity strategy plans and architecture.
- Monitor the external threat environment for emerging threats and advise relevant stakeholders on appropriate actions.
- Monitor security vulnerability information from vendors and third parties.
- Establish a taxonomy of indicators of compromise (IOCs) and share it with other security units, including the Security Operations Center.
- Analyze data related to ENOC's cybersecurity posture, focusing on indicators of compromise such as malware, implants, and backdoors that point to adversary presence.
- Produce quality intelligence reports for management and teams.
- Apply analytic tradecraft consistently to gathered intelligence and investigate, document, and report on cybersecurity issues and trends.
- Identify and monitor Tactics, Techniques, and Procedures (TTPs) used by cyber threat actors through data analysis.
- Identify intelligence gaps and request information to fill these gaps.
- Provide actionable cyber intelligence through reports, briefings, and presentations.
- Forecast likely future activity of cyber threat actors based on existing knowledge of their capabilities and TTPs.
- Recognize threats by conducting research and data analysis using internal and external tools.
- Collaborate with security analysts and senior analysts for feedback on suspicious activities.
- Support and develop content for SIEM and other security technologies used by CIC.
- Develop and implement new correlation rules and use cases in the SIEM to enhance monitoring and detection capabilities, including integrating the SIEM with other tools via scripting.
- Be on-call 24/7 to respond to cybersecurity emergencies.
Education
- Bachelor’s degree in Computer Science, Engineering, or Business.
- Professional certifications: CISSP, GCTI, GCFA, GNFA.
Experience
- At least 7 years in information security or related technology fields.
- At least 4 years of experience directly relevant to this role.
- Experience across multiple industries (e.g., Energy, Utilities, Retail, Government) is preferred.
- Experience in cybersecurity threat monitoring and incident handling.
- OT security operations center experience is advantageous.