Incident Response Engineer

When you join Trend, you become part of a unique and diverse global family and
you get to work towards a world safe for exchanging digital information.
Job Title: Threat Intel Analyst
Location: Cairo, Egypt
Preferred certifications: GCIH, GCTI
Travel: Seldom
Description:
The Trend Micro Threat Intel Analyst (TIA) would be a member of the Managed
XDR (MDR) service supporting overall cyber threat analysis effort. The TIA
must have experience in intrusion detection and response, firewall
architecture, and emerging technologies. They must possess an expert grasp on
security vulnerabilities and malicious actor tactics, techniques, and
procedures (TTP) to better evaluate the effectiveness of layered defenses and
provide insight threat campaigns and distribution of malware. The TIA will
work with the Trend Micro Managed XDR team to describe possible association to
threat actors, existing or new threat campaigns, and relationship of
indicators of compromise (IOCs).
Responsibilities:
* Conduct threat intelligence activities to support the Trend Micro Managed XDR team, and collaborate with other threat research teams within Trend Micro.
* Collect, analyze and interpret qualitative and quantitative, technical and non-technical data to perform intelligence analysis.
* Conduct security research using internal and external sources, including but not limited to: cyber security web sites, forums, social media and traditional sources to support research processes.
* Perform open source intelligence (OSINT) collection and analysis, identifying the most relevant and immediate cyber threats, malicious code, suspicious domains, and security vulnerabilities.
* Perform malware analysis either through reverse engineering, black-box analysis or similar methods.
* Add threat intelligence enrichment and support investigation of suspected security incidents, including operating with malware and indicators of compromise (IOCs).
* Analyze and correlate incident data to develop a preliminary root cause and corresponding remediation strategy.
* Produce assessments on cyber threats and attacks that are of interest to Trend Micro.
* Work on projects that are relevant to Trend Micro, revolving around threat research and analysis.
* Provide subject matter expertise on cyber threats to support current analytical operations and initiatives.
* Provide timely, comprehensive, and accurate deliverables to key stakeholders in both written and verbal communications.
Qualifications:
* At least a bachelor's degree in a related field, with ‎2-‎3 years in a full-time security position related to Information Security Operations, preferably in a position involving threat detection and incident response.
* Had worked within SOC operations, or have been a member of teams participating in incident response, digital forensics, threat research or similar cyber experience.
* Had previous experience working with relevant subject matter experts to process, analyze and remediate threats through the use of endpoint protection products or endpoint detection and response suites, and related technology, such as EDR, anti-virus, anti-malware, IPS/IDS, and anti-phishing.
* Excellent understanding of cyber security frameworks, such as the Diamond Model of Intrusion Analysis, MITRE ATTA&CK framework, and utilize these frameworks to implement threat modelling in support of Threat Intelligence activities.
* Experienced in analyzing malware, hacking tools, threat actor tactics, techniques and procedures (TTPs) to characterize threat actor's technical methods for accomplishing their goals.
* Experienced in performing malware analysis either through reverse engineering, black-box analysis or similar methods.
* Strong working knowledge of security relevant data, including networking protocols, ports and common services, and application layer protocols (e.g., HTTP, DNS, FTP, SMTP, etc.).
* Working knowledge of privilege escalation persistence, lateral movement techniques developed by threat actors.
* Had prior experience with working with SIEM technology, open source intelligence (OSINT) tools, as well as threat intelligence platforms.
* Had prior experience in writing, editing and preparation of threat research materials, or had prior exposure to writing articles relevant to threat research
* Possess strong understanding of technical issues within IT environments, or environments that focused on research and development
* Excellent capabilities with documentation including writing technical write-ups
* Ability to provide insights to research and innovation
* Exceptional ability to communicate verbally and in writing; ability to work as a team member within a global team environment.
* Strong organizational and time-management skills, with flexibility in time and availability
Trend Micro strive to build an environment of equity and inclusion, which
reflects diverse points of view. We welcome, value, promote, and celebrate
diversity - the very experiences and attributes that make us who we are,
including but not limited to race, ethnicity, nationality, gender, gender
identification, sexual orientation, level of ability, age, religion, veteran
status, socio-economic status, and political philosophy
We embrace change, empower people, and encourage innovation. Join Trend Micro
and Thrive with us.