AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life – such as energy, infrastructure, chemicals and minerals – safely, efficiently and more sustainably.
We’re the first software business in the world to have our sustainability targets validated by the SBTi, and we’ve been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. We’ve also recently been named as one of the world’s most innovative companies.
If you’re a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at AVEVA Careers.
For more information about our privacy policy and how to manage cookies, visit our Privacy Policy.
Organization/department: Cyber Threat Intelligence & Hunting, Global Security Operations, AVEVA Security
Reports to: Cyber Threat Intelligence Manager
Job Overview
The Cyber Security Threat Intelligence Analyst is a member of the AVEVA Security team and works closely with the other members of the team to operationally maintain a comprehensive information security program. This includes analysis of security events, validating threat intelligence sources and feeds, prioritise, rate, and provide advisory that are related to AVEVA. He/she works with the Cyber Threat Intelligence Manager and wider AVEVA Digital Security team and communicates with AVEVA staff to re-enforce security awareness and compliance.
Roles and Responsibilities
Primary Duties
Improve and facilitate the comprehensive framework and procedures for managing Cyber Threat Intelligence services throughout the entire organization, with a focus on enhancing collaboration and communication.
Gather, validate, prioritize, and analyze a wide range of emerging cyber threat intelligence from diverse sources, including open-source, commercial, external, internal, and private, to assess its relevance, impact, and severity for AVEVA.
Work with internal security teams, security programs and 3rd party to provide data driven insights into existing and emerging threats.
Leverage threat intelligence to improve the prioritization of preventative controls and mitigations to improve defences of AVEVA.
Deliver relevant and actionable intelligence to teams and leadership across AVEVA to improve AVEVA ability to detect threats in AVEVA environment.
Support response to internal incidents by managing intelligence collected during investigations and building a common understanding of threat activities.
Proactively identifying, Investigating, and provide support on hunting potential attacks and security risks on AVEVA networks and systems using various platforms and threat feeds.
Creating and maintaining information security operations process, procedure, and checklist documentation, such as Cyber Threat Intelligence Process and playbook.
Support incident response activity from Cyber Threat Intelligence perspective throughout AVEVA defined Security Incident Response phases and framework such as NIST.
Reports to Cyber Threat Intelligence Manager concerning security events, incident trends, residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.
Works with the AVEVA’s wider business unit teams and any required partners/business functions such as R&D to resolve security events, incidents, and service requests from cyber security threat intelligence perspective.
Ensures compliance of security processes and procedures and supports service-level agreements (SLAs) to ensure that services quality is managed and maintained.
Contributes through security advisories, blogs, and other communication channels on current and emerging security threats to AVEVA assets and people via the security awareness programme.
Operate threat intelligence reporting Service against defined schedule and agreed reporting templates.
Be available to provide reactive support to critical security incidents outside standard business hours as part of a ROTA.
Additional Duties
Under the guidance of Cyber Threat Intelligence Manager
Assist with control improvements to identify control weaknesses and contributes to threat advisories.
Participates in security investigations and compliance reviews, as requested by internal or external team.
Maintain awareness of applicable regulatory standards, upstream risks, and industry leading security practices.
Provide feedback and recommendations on existing and new security tools and techniques for the improvement of analysis, incident investigation and security controls.
Qualifications/Experience
Educational Qualifications
Minimum of five years information and cyber security experience as Cyber Threat intelligence Security Analyst or Cyber Security Threat Hunting.
Bachelor's degree in information systems or equivalent work experience in relevant information and cyber security domain.
Security certification from a recognised organisation such as ISC2, CompTIA, ECCouncil, SANS Institute is as advantage.
Technology standard certification such as from Cisco, VMware, Microsoft is an advantage.
Technical Competency and Experience
Experience producing actionable intelligence report with validated, prioritized severity and with proper impacts assessment on Indicator of Attacks (IOAs) together with Indicator of Compromises (IoCs).
Experience producing intelligence products or reporting within the cyber security, geopolitical, or any other security domains.
Good understanding of cyber threat attack vectors, cyber threat landscape, cyber threat profile and cyber threat intelligence framework such as MITRE ATT&CK and how they are used, and methods to detect and mitigate them.
Good technical knowledge of Microsoft Operating Systems. Knowledge and experience of Linux and Macintosh.
Technical knowledge of:
Cyber Security Threat Intelligence
Cyber Security Threat Intelligence solutions
Cyber Security Threat Hunting
Network traffic and protocol of security events from network devices, firewalls, intrusion detection and prevention systems
Endpoint Detection and Response controls
Endpoint protection and anti-malware controls
Identity and access management (IAM) concept
Email and phishing protection solutions
Experience in scripting, query languages and automation languages such as Powershell, Python, SPL, KQL, OSQuery, YARA, and SIGMA as an advantage.
Experience in integrating Security Information and Event Management (SIEM) with Managed Threat Intelligence Platform as an advantage.
Knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls.
Knowledge and experience in developing and documenting security processes and plans.
Experience with common information security management frameworks, such as MITRE ATTACK, International Organization for Standardization (ISO) 2700x and the ITIL, COBIT and National Institute of Standards and Technology (NIST) or Center for Internet Security (CIS) frameworks.
Occupational Personality
Strong analytical thinking skills with strong written and verbal communication and a good attention to detail.
Ability to work both independently and collaboratively as a team member, be curious and to ask questions.
Ability to interact with AVEVA's personnel at all levels and across all business units and organizations, and to understand business objectives and values.
A strong internal client focus, with the ability to manage expectations appropriately, to provide a superior internal client experience and build long-term relationships.
Passionate about security, with a keenness to develop own skills and knowledge outside of working environment.
Confident in recording and presenting key findings and conclusions to different levels of the business.
AVEVA requires all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria.
AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business.
Come and join AVEVA to create the transformative technology that enables our customers to engineer a better world.