Tbilisi, Georgia
5 days ago
Cybersecurity Consultant/Threat Intelligence (Short-Term Engagement, Tbilisi, Georgia)

Position Title: Cybersecurity Consultant/Threat Intelligence

Period of Performance: September 2024 to December 2024

Total Level of Effort: Up to 8 days

Program Background 

The Critical Infrastructure Digitalization and Resilience (CIDR) program is a five-year initiative managed by DAI Global LLC on behalf of the U.S. Agency for International Development (USAID)’s Bureau for Europe and Eurasia. CIDR focuses on enhancing cybersecurity resilience in the Western Balkans, Black Sea region, and South Caucasus, areas that have experienced increasingly diverse and sophisticated cyberattacks targeting sectors such as energy, telecommunications, and government services. 

CIDR collaborates with partner governments and key stakeholders to identify cybersecurity gaps, establish priorities, and develop actionable strategies to bolster cybersecurity across critical infrastructure and key institutions. 

Currently operating in Albania, Georgia, Kosovo, Moldova, Montenegro, North Macedonia, and Serbia, CIDR provides comprehensive development assistance. This includes assistance for cybersecurity education and workforce development, cybersecurity assessments, governance frameworks, and facilitating information sharing on cyber threats, attacks, and mitigation strategies. 

The overarching goal of CIDR is to elevate the cybersecurity standards of the region through country-led initiatives. By strengthening the defense mechanisms of critical infrastructure and key institutions, CIDR aims to ensure the continuity of essential services for citizens while enhancing overall resilience against cyber threats. 

OBJECTIVES (SCOPE)

This position's objective is to provide a Threat Intelligence Workshop tailored to the banking and finance sector, showing how to gather valuable insights based on analysis of contextual and situational risks. In today’s cybersecurity landscape, it isn't possible to prevent every attack. Today’s attackers have significant funding, are patient and sophisticated, and target vulnerabilities in people and processes as well as technologies. With organizations increasingly relying on digitized information and sharing vast amounts of data globally, they have become easier targets for many different forms of attack. As a result, every company’s day-to-day operations, data, and intellectual property are seriously at risk. It is important to understand and prioritize cyber threat intelligence processes, and how they can be integrated into an organization’s security operations in a way that adds value. This workshop aims to introduce participants to the concept of cyber threat intelligence in depth and provide them with the practical experience to gain the cyber threat intelligence skills required to make security teams better, threat hunting more accurate, incident response more effective, and organizations more aware of the evolving cyber threat landscape.

The consultant will conduct an introductory session on threat intelligence fundamentals, showing practical examples of different tools and methodologies used in the threat intelligence lifecycle.

The workshop will be developed and delivered to employees in operational roles, risk management personnel, IT, information security, cybersecurity and infrastructure support teams, and other relevant personnel of financial institutions and other stakeholders in the financial sector.

The workshop will be provided as an instructor-led session including group activities, case studies, and real-life scenarios relevant to the banking and finance sector. The consultant will prepare presentation slides, handouts, and practical templates for threat intelligence.

TASKS (PERFORMANCE REQUIREMENTS)

Design and develop the program and materials for at least a 1-day workshop including interactive modules, tailored to the needs and knowledge levels of different participants, in consultation with the program team and the relevant stakeholders.

Develop evaluation forms using the Program’s templates to measure the effectiveness of the workshop in consultation with the program team. The workshop evaluation forms must be reviewed and approved by the Program team before the workshop.

The consultant will define learning objectives and workshop results in cooperation with key stakeholders.

The workshop will include, but is not limited to, the following modules:

Threat Hunting: Develop techniques for gathering data from various sources to begin profiling and identifying malicious threat actors.

Feature Extraction: Pinpoint distinctive static characteristics in binaries that facilitate their classification into specific categories of malicious threats.

Behavior Analysis: Detect unique dynamic features in binaries that aid in categorizing them into particular malicious groups.

Clustering and Correlation: Categorize malware based on extracted features and behaviors and link this information to gain insights into attack patterns and flows.

Threat Actor Attribution: Identify the individuals or groups responsible for the malicious activities linked to identified clusters.

Threat Tracking: Anticipate potential new attacks and detect emerging variants in a proactive manner.

Operational Disruption: Dismantle organized crime operations and reduce their effectiveness.

Conduct the workshop.

Analyze feedback and prepare a report on the conducted workshop with recommendations on further steps.

Provide expert advice and documented guidance to financial institutions to enhance capabilities regarding threat intelligence as required.

Provide support in other capacity-building initiatives as assigned by the Country Director and Capacity Development Lead.

DELIVERABLES

1. Deliverable One: Program and materials for at least 1-day workshop including evaluation forms.

Required Delivery Date: The dates depend on when training takes place. Workshop program and materials need to be submitted at least 2 weeks before the event.

2. Deliverable Two: Activity report describing the event conducted, including workshop materials, feedback analysis, signed list of participants for each session, and recommendations on further steps.

Required Delivery Date: 4 working days after completion of the event.

3. One-pager report on the status of tasks and upcoming deadlines.

Required Delivery Date: at the end of every month.

Qualification

Bachelor’s or higher degree in information technology, engineering, cybersecurity, or a related field.

At least ten years of experience working in the cybersecurity sector.

Demonstrated experience in threat intelligence activities, including threat hunting, analysis, and incident response.

In-depth understanding of threat intelligence concepts, including data collection, analysis, and integration into security operations.

Experience in delivering workshops or training sessions to non-specialist audiences.

Cybersecurity-related certifications or training preferred (CISSP, Certified Ethical Hacker (CEH), Certified Threat Intelligence Analyst (CTIA), GIAC Cyber Threat Intelligence (GCTI)).

Excellent English language skills, verbal and written.

Excellent presentation skills in English.

Strong analytical and report writing skills, with the ability to provide actionable recommendations.