Technical Skills and Experience:
- Strong background in Cyber Threat Intelligence (CTI), ideally 5 years or more in threat intel roles.
- Hands-on experience with Recorded Future or similar threat intelligence platforms.
- Familiarity with the Microsoft 365 E5 security stack (Defender, Sentinel) and with enriching detections using threat intelligence.
- Familiarity with Azure cloud security.
- Knowledge of SIEM/SOAR integration and automation workflows.
- Proficiency in threat actor profiling, TTP analysis (MITRE ATT&CK framework), and IOC management.
- Experience with dark web monitoring, OSINT collection, and the basics of malware analysis.
- Understanding of incident response workflows to ensure CTI outputs are actionable for L1/L2 teams.
- Ability to perform threat hunting, manage detection use cases, and author detection rules.
- Experience with security incident response.