Role Proficiency:

Provide support across SIEM or EDR technologies for global customers and ensure that the platforms are functioning as expected. Conduct checks and perform basic triage for global customers under minimal supervision and guidance of senior team members.

Outcomes:

Conduct Health checks for a single or multiple platform types following guidance. Escalate issues observed. Forward to a senior team member for review to ensure proper visibility of issues before they become incidents. Where appropriate assist with service requests for platform types such as access requests to ensure optimal delivery for internal and external stakeholders. Participate in maintenance activities to help with improving understanding of the architecture of platforms supported as well as self awareness building proficiency for supported toolsets. Develop skills around the cyber security methodologies and requirements for the various platform technologies which are being supported providing efficient customer service Follow relevant in-life processes tracking any escalation pipelines and pathways required to ensure consistency of application provided to the customer.

Measures of Outcomes:

Percent of Adherence to processes and methodologiesa.Percent of adherence to SLAs for in life ticketing processesb.Percent of adherence to workflows and the completeness of audit trails for any activities Productivity score maintaineda.Number of issues identified early to pinpoint problems with delivering tasks or workload.b.Number of issues with effective evidence provided for escalations during triage. Number of relevant skill related training and development activities undertaken; evidenced by certification.

Outputs Expected:

Platform Health Monitoring:

Support Service Requests and first level Incident support Proactive identification of issues
with behavioural analysis/patterns identified. Conduct daily and regular occurring service tasks with minimal supervision to ensure daily operation of the platform supported.

Customer Focus:

Ensure customer specific processes are being followed and adhered to at all times Undertake mandatory and proactive learning and development opportunities.

Skill Examples:

Good communication skills Ability to work as part of a team Ability to understand basic computing technologies. Aptitude in working with a/multiple SIEM or EDR technologies Capable in working as part of a shift Ability to work with querying data and the role of a SIEM/EDR Ability to demonstrate analytical skills working across multiple technologies and customers.

Knowledge Examples:

Knowledge Examples

Knowledge of Security Operations and Incident Management Knowledge of IT Infrastructure and basic networking concepts Knowledge of a query language / regular expressions Understanding of ISMS Desirable: Certifications in IT infrastructure / SIEM / EDR / Ethical Hacking

Additional Comments:

CyberProof is part of the UST Global family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services. We are looking for a Cyber Threat Intelligence Analyst to join our growing CTI team. As a CTI Analyst, you will be responsible for delivering threat intelligence services to multiple customers across various industries. You will analyze, interpret, and disseminate actionable intelligence to help customers enhance their security posture against advanced threats. This is a dynamic role that combines technical expertise, analytical skills, and customer interaction to provide impactful, tailored intelligence. Main Tasks and Responsibilities: • Serve as the primary point of contact for assigned customers for CTI services. • Deliver tailored threat intelligence reports, briefings, and recommendations based on customer-specific requirements and risk profiles. • Monitor, analyze, and interpret data from open sources, dark web forums, and proprietary feeds to identify threats relevant to customers. • Track adversary tactics, techniques, and procedures (TTPs) and assess their relevance to customers’ environments. • Collaborate with internal teams (SOC, Vulnerability Management, Incident Response, and Threat Hunting) to enrich intelligence with contextual data. • Assist in incident investigations by providing threat actor attribution, IOC enrichment, and TTP analysis. • Develop and recommend mitigation strategies and preventative measures for ongoing threats. • Continuously refine intelligence methodologies and workflows to improve service delivery. Key Requirements: • 3+ years of experience in Cyber Threat Intelligence, Threat Hunting, or a related cybersecurity role. • Prior experience in an MSSP or a multi-tenant environment is preferred. • Deep understanding of cyber threats and threat actor tactics, techniques, and procedures (TTPs). • Strong knowledge of threat intelligence frameworks (e.g., MITRE ATT&CK, Diamond Model, Kill Chain). • Proficiency in analyzing malware, phishing campaigns, and threat actor behavior. • Experience with tools like OpenCTI, ThreatConnect, or similar platforms. • Familiarity with SIEM and SOAR platforms. • Knowledge of enterprise IT infrastructure, including networks, OS, databases, and web applications. • Excellent analytical and problem-solving skills. • Strong written and verbal communication skills to deliver technical insights to technical and non-technical stakeholders. • Customer-centric mindset with the ability to manage multiple accounts effectively. • Industry certifications such as GCTI, CTIA, CISSP, or CEH are a plus.