Vulnerability Analyst

Overview

Vulnerability Analysts aid in the identification, assessment, and communication of new and emergent threats in the cybersecurity landscape, specifically vulnerability intelligence and detections. As a Vulnerability Analyst, you will be expected to familiarize yourself with high-impact and critical vulnerabilities, proofs-of-concept, and reports of in-the-wild exploitation, producing and reviewing intelligence summaries accessible to Client's customers.

• Vulnerability Lead Identification and Analysis: You will be tasked with the prompt identification, analysis, and comprehensive assessment of emerging cybersecurity threats, specifically recently disclosed or exploited vulnerabilities.
• Subject Matter: Your technical prowess will be crucial in ensuring our preparedness for potential risks and understanding the implications of prompt and thorough analysis of high-impact vulnerabilities.
• Key Detail Identification: During research, identify and take note of infection chains, host and network IoCs, malware samples, threat actors, exposed vulnerable instances, publicly available proofs-of-concept, and MITRE ATT&CK tactics and techniques
• Author Insikt Notes: Write TTP Instances detailing identified vulnerability leads. TTP Instances include a combination of information from open-source reporting and your own analysis (i.e. code review). Each TTP Instance should comprehensively address the nature of the threat, its potential impact, suggested mitigation strategies, and a succinct summary for quick referencing.
• Cadence and Quality: Write at least 2 TTP Instance notes daily with minimal grammatical or syntax errors. Plagiarism is not acceptable.
• Detection Engineering: Design and develop Nuclei templates for vulnerability scanning, ensuring these templates are tailored to detect new and emerging vulnerabilities efficiently. Cadence: Create at least 1 Nuclei template per month with assistance from our Senior Vulnerability Analyst. Delivery: Nuclei templates will be delivered alongside a TTP Instance.
• Information Security: Adhere to and implement quality and information security policies and carry out its processes and procedures accordingly.
• Protect client-supplied and generated-for-client information from unauthorized access, disclosure, modification, destruction, or interference.
• Carry out tasks as assigned and aligned with particular processes or activities related to information security.
• Report any potential or committed non-conformity, observation and/or security event or risks to your immediate superior.

• Strong written communication in English
• Demonstrable experience writing reports on technical subject matter (e.g. vulnerability exploits, malware infection chains, offensive security tools) in a clear, concise, and logical format
• Disciplined time management
• Self-starting, self-motivated, and thrive in a collaborative environment
• Ability to receive and apply constructive feedback from peers and leadership

• B.S. equivalent in computer science, information systems, or cyber intelligence
• 1 - 2 years of minimum professional experience in cybersecurity, with a focus on threat detection, penetration testing, or vulnerability assessment.
• A solid grasp of fundamental cybersecurity principles, attack trajectories, and techniques for vulnerability analysis.
• Demonstrable experience researching and analyzing new cyber threats.
• Practical experience using common threat intelligence analysis models such as MITRE ATT&CK, D3FEND, the Diamond Model, and the Cyber Kill Chain.
• Familiarity with and use of common cyber threat intelligence tools such as DomainTools, VirusTotal, Shodan, etc.
• Demonstrable experience in technical writing, showcasing an ability to translate complex technical concepts into engaging, reader-friendly content.
• Demonstrably strong writing ability, to be assessed via a writing sample
• A meticulous attention to detail, underscoring a commitment to accuracy and thoroughness in all aspects of work.
• Capable of functioning effectively within a team as well as independently.

• Experience creating Nuclei templates.
• Practical experience with network and web application penetration testing tools, such as Burp Suite, Nmap, Fiddler, ZAP, Metasploit, and Wireshark.
• Familiarity with scripting and programming languages such as YAML, Python, Golang, JavaScript, C, etc.
• Prior experience within a quick reaction or incident response team environment.
• Familiarity with malware detections, including YARA, Sigma, and Snort.