Sme-cti

CTI & Brand Protection (Shadowmap)
- Collect, analyze, and evaluate information from various sources to identify and understand potential cyber threats, including indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and emerging vulnerabilities.
- Conduct in-depth research and analysis of threat actors, campaigns, and their motivations, providing insights into their methodologies, capabilities, and intent.
- Collaborate with internal teams and external partners to gather and validate intelligence, ensuring accuracy, relevance, and timeliness of threat information.
- Design, implement, and manage the infrastructure and tools necessary for effective cyber threat intelligence collection, analysis, and dissemination.
- Develop and maintain automated systems for threat data ingestion, enrichment, and correlation, leveraging APIs, threat feeds, and open-source intelligence (OSINT) sources.
- Implement and optimize threat intelligence platforms, such as threat intelligence management systems (TMS), threat intelligence platforms (TIP), and security information and event management (SIEM) solutions.
- Collaborate with the incident response team to provide timely and accurate threat intelligence during security incidents, aiding in containment, eradication, and recovery efforts.
- Contribute to the creation and refinement of threat hunting methodologies to proactively identify and neutralize threats.
- Produce concise and actionable threat intelligence reports, briefings, and presentations for various stakeholders, including executive leadership, technical teams, and external partners.
- Stay abreast of the latest cyber threat trends, attack vectors, and evolving techniques through industry forums, conferences, and professional networks.
- Share knowledge and expertise within the organization through training sessions, workshops, and technical documentation.
- Develop and execute comprehensive brand protection strategies to prevent and mitigate risks related to counterfeiting, trademark infringement, and unauthorized use of our brand assets.
- Conduct regular assessments to identify vulnerabilities and emerging threats to our brand, analyzing market trends, competitor activities, and customer feedback.
- Collaborate with cross-functional teams, including legal, marketing, and product development, to align brand protection efforts with overall business goals.
- Implement and maintain online brand monitoring tools and services to identify instances of brand abuse, counterfeit products, unauthorized resellers, and trademark infringements.
- Monitor online marketplaces, social media platforms, websites, and digital advertising channels for unauthorized use of our brand and intellectual property.
- Take proactive measures to enforce our brand rights, such as issuing takedown notices, cease-and-desist letters, and collaborating with legal authorities when necessary.
- Conduct investigations and intelligence gathering to identify the sources, networks, and individuals involved in brand abuse activities.
- Collect and analyze evidence to build cases against counterfeiters, infringers, and unauthorized sellers, supporting legal actions and law enforcement engagement.
- Stay updated on emerging trends and tactics used by infringers, leveraging market intelligence and collaborating with industry partners to strengthen brand protection measures.
- Prepare regular reports and metrics on brand protection activities, highlighting key findings, enforcement actions, and the effectiveness of brand protection initiatives.
- Utilize data and analytics to identify trends, patterns, and areas of improvement, making recommendations for enhancing brand protection strategies.

Qualifications:

- Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience).
- Proven experience as a SIEM Platform Administrator or similar role.
- In-depth knowledge of SIEM concepts, architecture, and best practices.
- Proficiency in managing and administering leading SIEM platforms, such as Splunk, ArcSight, or QRadar.
- Strong understanding of network protocols, security technologies, and log formats.
- Experience with incident detection and response methodologies.
- Familiarity with scripting languages (e.g., Python, PowerShell) for automation and data manipulation.
- Excellent analytical and problem-solving skills.
- Strong communication and collaboration abilities.
- Relevant certifications (e.g., Splunk Certified Administrator, CISSP) are a plus.