Cyber Threat Intelligence Analyst
Veeva Systems
Veeva Systems is a mission-driven organization and pioneer in industry cloud, helping life sciences companies bring therapies to patients faster. As one of the fastest-growing SaaS companies in history, we surpassed $2B in revenue in our last fiscal year with extensive growth potential ahead.
At the heart of Veeva are our values: Do the Right Thing, Customer Success, Employee Success, and Speed. We're not just any public company – we made history in 2021 by becoming a (PBC), legally bound to balancing the interests of customers, employees, society, and investors.
As a company, we support your flexibility to work from home or in the office, so you can thrive in your ideal environment.
Join us in , committed to making a positive impact on its customers, employees, and communities.
The Role
This position is responsible for discovering, analyzing, and vetting relevant cyber threat information to produce detection and defensive mechanisms for the SOC. Additionally, the CTI Analyst will author reports to Senior Leadership and other stakeholders to maintain excellent company situational awareness of emerging threats relevant to Veeva. A repository of IOCs will be maintained to correlate attack patterns to further predict and defend against adversary personas. Finally, the CTI analyst will aid in the preparation and execution of proactive defense measures.
What You'll Do
- Leverage a Collection Management Framework (CMF) that organizes all threat intelligence feeds, both internal and external, by indicators and data that can be ascertained as well as the methods by which data is collected
- Report on potential areas of compromise and areas of concern through information provided by threat intelligence sources
- Apply the indicator lifecycle (revealed, matured, utilized) to validate incoming indicators and determine relevance to Veeva
- Detect patterns of ongoing intrusion and intrusion attempts across Veeva and the industry to predict future IOCs and suggest implementations
- Utilize CTI tools to detect/report on trends to drive decisions influencing defensive operations
- Report actionable metrics related to adversarial behavior to drive prioritized defensive actions
- Support incident responders with relevant IOCs and historical data during ongoing investigations
- Author intelligence reports that address intelligence requirements and RFIs from across the company
- Support engineers in the preparation, design, and execution of threat hunt missions
- Research and analyze adversarial threat behaviors to prepare for emulation exercises to assess controls
Requirements
- Good understanding of the Kill Chain and Diamond models, and means to merge them
- Ability to leverage MITRE ATT&CK in support of CTI reporting
- Good familiarity with some OSINT and proprietary CTI tools, such as DomainTools, MISP, YARA, ISAC/ISAO feeds, CyberChef, DataSploit, FireHOL, Maltego, Shodan, ThreatQuotient, Recorded Future, Anomali, etc.
- Good familiarity with modern threats, top delivery vectors, and methods of exploitation
- Experience in organizing, processing, analyzing, and vetting indicators using sorting/processing tools to maintain a current, relevant threat database
- Experience in leveraging existing threat intelligence to augment investigations during incident response
- 2+ years' experience in a cyber threat intelligence-related field, or 3+ years' experience in a cybersecurity operations field
- 1+ years' experience in designing, executing, and prioritizing threat hunts
- Strong familiarity with different levels of CTI products (Strategic, Operational, Tactical/Technical)
- Good understanding of the different phases of the CTI lifecycle (Planning, Collection, Analysis, Production, and Dissemination/Feedback)
Nice to Have
- Threat Intelligence or Intrusion Detection-related certification, such as GCTI, GOSI, CTIA, GCDA, GCIA, CCTIA, CTIP, CPTIA, CRTIA, etc.
- Experience in enriching data of the four atomic indicators (domains, strings, IP addresses, accounts) to deliver additional context to incident responders
- Solid background in cloud security principles
- Experience in creating and maintaining a prioritized list of critical assets and understanding the top threats against them
- Experience in threat emulation or use of deceptive technologies
Perks & Benefits
- Medical, dental, vision, and basic life insurance
- Flexible PTO and company paid holidays
- Retirement programs
- 1% charitable giving program
Compensation
Base pay: $75,000 - $145,000
The salary range listed here has been provided to comply with local regulations and represents a potential base salary range for this role. Please note that actual salaries may vary within the range above or below, depending on experience and location. We look at compensation for each individual and base our offer on your unique qualifications, experience, and expected contributions. This position may also be eligible for other types of compensation in addition to base salary, such as variable bonus and/or stock bonus.
Veeva’s headquarters is located in the San Francisco Bay Area with offices in more than 15 countries around the world.
Veeva is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity or expression, religion, national origin or ancestry, age, disability, marital status, pregnancy, protected veteran status, protected genetic information, political affiliation, or any other characteristics protected by local laws, regulations, or ordinances. If you need assistance or accommodation due to a disability or special need when applying for a role or in our recruitment process, please contact us at .