CTI Engineer

As Cyber Threat Intelligence Engineer you support the organization in building the data fusion and analytics technology, based on EclecticIQ Platform, required to connect intelligence communities and suppliers to the Fusion Center. You will further support threat analysts technically with malware or investigative related research. You’re an engineer AND researcher at heart.

==

EclecticIQ is an applied cyber intelligence technology provider, enabling enterprise security programs and governments to bootstrap a threat intelligence practice. Empowering analysts to take back control of their threat reality and mitigate exposure accordingly.

EclecticIQ’s mission is to restore balance in the fight against cyber adversaries. Its flagship product EclecticIQ Threat Intelligence Platform enables operationalization of security information exchange, empowers collaborative analyst workflow and ensures timely integration of cyber threat intelligence detection, prevention and response capabilities. EclecticIQ is a privately held company headquartered in Amsterdam the Netherlands, and holds an office in London. Awarded the 2015 EU IPACSO Cyber Security Award and partner of the NATO NCI Agency Security Incubator.

EclecticIQ is launching EclecticIQ Fusion Center which will support enterprise and government customers in ensuring fusion, triage, qualification, analysis and appropriate dissemination of intelligence.

==

Duties and responsibilities

• Technical intelligence analysis and investigative support for threat analysts in the fusion center
• Design, development and implementation of Python scripts in support of collection and intelligence feed integration into the fusion center
• Design and development of STIX templates

Experience, knowledge and skills

• Minimum of 5 years of experience in one or more of the following roles: Senior Engineer, Intelligence Engineer, Technical Intelligence Analyst, Security Researcher, Cyber Threat Researcher, Cyber Crime investigations, Malware analyst, Information Security
• Knowledge of data models and taxonomies related to Cyber Threat Intelligence such as TLP, IODEF, STIX, etc.
• Experience in building or contributing to production-ready complex software systems
• Strong understanding of core IT concepts – networking, popular protocols such as - DNS, HTTP/S, SSH, FTP, etc, firewalls, routers, Information security, etc.
• Understanding of online operational security methods and Information Security best practices
• Proficient and demonstrated experience using the Python programming language
• Experience creating ad-hoc Python-based utilities and tools to do technical analysis, collections, and processing of data
• Ability to apply out of the box thinking to address technically challenging collection and research objectives
• Understanding of computer intrusions, malicious code, threats to banking, money laundering / fraud / eCrime, and other criminal activity
• Preferably ability to reverse engineer malware or other malicious data specific to cyber-crime activity
• Solid level of understanding and experience with other programming or scripting languages (C/C++,Java, PERL,  etc)
• Preferably understanding of technical skill areas such as, digital forensics or digital media exploitation, network architecture, systems architecture, intelligence collection