Senior Cyber Analyst – Threat Intelligence

Maersk

  • Maidenhead, Berkshire
  • Permanent
  • Full-time
  • 7 days ago
About usWith over 100,000 employees across 130 countries A.P. Moller - Maersk is a global leader in logistics services and can offer you the opportunity to grow and evolve in a truly diverse workplace. A.P. Moller - Maersk is an integrated container logistics company working to connect and simplify its customers’ supply chains. With simple end-to-end offering of products and digital services, seamless customer engagement and a superior end-to-end delivery network, Maersk enables its customers to trade and grow by transporting goods anywhere - all over the world.What We offerTo work at Maersk is to work with the world. You’ll learn from – and collaborate with – skilled professionals who literally move the world, every day. With a supportive environment to develop your skills, you’ll gain access to world-class learning programmes to accelerate your career goals. And you’ll find yourself welcome in our diverse and inclusive culture, where you are valued for who you are and rewarded for what you bring. For this and many other of our roles, we can offer the flexibility of hybrid working, alongside industry leading benefits such as pension and family health/dental insurances as standard.What you’ll be doing:You will conduct the collection, analysis and dissemination of threat intelligence and provide knowledge and expertise to the relevant stakeholders within Maersk. Cyber Threat Intelligence is a key part of Maersk’s Cyber Operations department and is responsible for the identification and reporting of cyber threats targeting Maersk entities.Responsibilities:
  • Deputise for the Head of CTI where required.
  • Produce and update threat actor profiles, detailing their motivations, capabilities, and infrastructure to enhance understanding of potential adversaries.
  • Conduct intrusion analysis to support incident response and to develop in-depth understanding of threats targeting the organisation.
  • Responsible for updating and maintaining an enterprise TTP framework to track coverage across the organisation.
  • Responsible for creating, reviewing and updating CTI processes and documentation, as well as upskilling other team members.
  • Responsible for identifying areas and gaps for continuous improvement and ensuring stakeholders adopt a threat-led approach.
  • Accountable for the effective collection, analysis, and dissemination of intelligence reports.
  • Determine, prioritise and monitor a set of internal and external sources for threat data.
  • Prioritise, validate and correlate threat data to obtain actionable information on existing and emerging threats to Maersk.
  • Responsible for the configuration and use of the chosen threat intelligence platforms (TIPs).
  • Produce and disseminate strategic, operational, and tactical threat intelligence reports periodically and urgently to relevant stakeholders in the enterprise.
  • Conduct tactical investigations into key indicators and TTPs sourced from TIPs and Incident Response activities.
  • Regularly review and update Priority Intelligence Requirements (PIRs) according to changes in the business and/or threat landscape.
  • Apply and maintain an in-depth knowledge of principal cyber security threat actors through open-source and social media monitoring, and attendance at seminars and industry events where possible.
  • Provide finished intelligence products to key stakeholders.
  • Lead collaboration activities with teams across the Cyber organisation to provide threat intelligence that furthers organisational understanding of potential adversaries and attack vectors, providing a foundation for building logging and monitoring strategies with CTI at the core.
  • Identify, prioritise, and communicate threats related to newly identified vulnerabilities that pose a threat to Maersk.
  • Define and enhance threat intelligence capabilities by developing processes where automation has the potential to improve efficiency.
  • Supporting security incident management and delivering briefings to senior management.
  • Ensure threat intelligence is actively used to drive improvements and remediation plans by participating in operational and change projects.
  • Scope and respond to Requests for Information (RFIs) from Maersk stakeholders.
To succeed in this role, we believe that you can offer:Professional qualifications:
  • Professional training in threat intelligence or cyber security analysis.
  • Open-source intelligence and formal intelligence qualifications are favourable.
  • Qualifications such as CEH, SANS, CRTIA, OSCP or equivalent are desirable.
Technical skills & knowledge:
  • High proficiency in using threat intelligence platforms (e.g. MISP), security tools, and SIEM solutions.
  • Extensive and demonstratable experience in collection, analysis, production, and dissemination of intelligence.
  • Strong technical understanding of networking, internet protocols and information security.
  • Experience using the Cyber Kill Chain, Mitre ATT&CK Framework and Diamond Model.
  • Advanced knowledge of the cyber threat landscape and conversant in the tactics, techniques and procedures used by cyber adversaries.
  • Experienced in supporting security breaches, security incident management and delivering briefings to senior management.
  • Knowledge of standard methods / systems for analysis and prioritisation of vulnerabilities e.g. CVE, CVSS.
  • Knowledge and understanding of key political, operational and security risk issues in the maritime, transport and logistics sector is preferable.
  • Advanced expertise in analysing the intersection of political and geopolitical developments with cyber security threat vectors and policymaking.
  • Knowledge of threats to Cloud-based systems, and incident response in a Cloud environment.
Experience:
  • At least four years previous experience operating in a cyber threat intelligence function or similar.
  • Experience in other cyber security fields such as DFIR, threat hunting, or security engineering is highly desirable but not essential.
  • Experience conducting intrusion analysis and contextualising key indicators using a combination of open-source and proprietary tools.
  • Experience in developing and maintaining threat intelligence.
  • Experience in direction and subsequent collection of intelligence from several sources of information.
  • Familiarity with one or more Threat Intelligence Platforms.
  • Experience with automation in a security operations context is desirable but not essential.
Are you ready to be part of something transformational at Maersk and join a team that’s setting a new standard in cybersecurity? If so, we would love to hear from you!Maersk is committed to a diverse and inclusive workplace, and we embrace different styles of thinking. Maersk is an equal opportunities employer and welcomes applicants without regard to race, colour, gender, sex, age, religion, creed, national origin, ancestry, citizenship, marital status, sexual orientation, physical or mental disability, medical condition, pregnancy or parental leave, veteran status, gender identity, genetic information, or any other characteristic protected by applicable law. We will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.We are happy to support your need for any adjustments during the application and hiring process. If you need special assistance or an accommodation to use our website, apply for a position, or to perform a job, please contact us by emailing .

Maersk