
Vulnerability Analyst
3 weeks ago
Vulnerability Analysts aid in the identification, assessment, and communication of new and emergent threats in the cybersecurity landscape, specifically vulnerability intelligence and detections. As a Vulnerability Analyst, you will be expected to familiarize yourself with high-impact and critical vulnerabilities, proofs-of-concept, and reports of in-the-wild exploitation, producing and reviewing intelligence summaries accessible to Client's customers.
Responsibilities- Vulnerability Lead Identification and Analysis: You will be tasked with the prompt identification, analysis, and comprehensive assessment of emerging cybersecurity threats, specifically recently disclosed or exploited vulnerabilities.
- Subject Matter: Your technical prowess will be crucial in ensuring our preparedness for potential risks and understanding the implications of prompt and thorough analysis of high-impact vulnerabilities.
- Key Detail Identification: During research, identify and take note of infection chains, host and network IoCs, malware samples, threat actors, exposed vulnerable instances, publicly available proofs-of-concept, and MITRE ATT&CK tactics and techniques
- Author Insikt Notes: Write TTP Instances detailing identified vulnerability leads. TTP Instances include a combination of information from open-source reporting and your own analysis (i.e. code review). Each TTP Instance should comprehensively address the nature of the threat, its potential impact, suggested mitigation strategies, and a succinct summary for quick referencing.
- Cadence and Quality: Write at least 2 TTP Instance notes daily and ensure authored TTP Instances have minimal grammatical or syntax errors; plagiarism is not acceptable.
- Detection Engineering: Design and develop Nuclei templates for vulnerability scanning, ensuring these templates are tailored to detect new and emerging vulnerabilities efficiently. Cadence: Create at least 1 Nuclei template per month with assistance from our Senior Vulnerability Analyst. Delivery: Nuclei templates will be delivered alongside a TTP Instance.
- Information Security: Adhere to and implement quality and information security policies and carry out its processes and procedures accordingly.
- Protect client-supplied and generated-for-client information from unauthorized access, disclosure, modification, destruction, or interference.
- Carry out tasks as assigned and aligned with particular processes or activities related to information security.
- Report any potential or committed non-conformity, observation and/or security event or risks to your immediate superior.
Required Skills
- Strong written communication in English
- Demonstrable experience writing reports on technical subject matter (e.g. vulnerability exploits, malware infection chains, offensive security tools) in a clear, concise, and logical format
- Disciplined time management
- Self-starting, self-motivated, and thrive in a collaborative environment
- Ability to receive and apply constructive feedback from peers and leadership
- B.S. equivalent in computer science, information systems, or cyber intelligence
- 1 - 2 years of minimum professional experience in cybersecurity, with a focus on threat detection, penetration testing, or vulnerability assessment.
- A solid grasp of fundamental cybersecurity principles, attack trajectories, and techniques for vulnerability analysis.
- Demonstrable experience researching and analyzing new cyber threats.
- Practical experience using common threat intelligence analysis models such as MITRE ATT&CK, D3FEND, the Diamond Model, and the Cyber Kill Chain.
- Familiarity with and use of common cyber threat intelligence tools such as DomainTools, VirusTotal, Shodan, etc.
- Demonstrable experience in technical writing, showcasing an ability to translate complex technical concepts into engaging, reader-friendly content.
- Demonstrably strong writing ability, to be assessed via a writing sample
- A meticulous attention to detail, underscoring a commitment to accuracy and thoroughness in all aspects of work.
- Capable of functioning effectively within a team as well as independently.
- Experience creating Nuclei templates.
- Practical experience with network and web application penetration testing tools, such as Burp Suite, Nmap, Fiddler, ZAP, Metasploit, and Wireshark.
- Familiarity with scripting and programming languages such as YAML, Python, Golang, JavaScript, C, etc.
- Prior experience within a quick reaction or incident response team environment.
- Familiarity with malware detections, including YARA, Sigma, and Snort.
-
Research Analyst
1 week ago
Pagadian, Zamboanga Peninsula, Philippines SMDigital Full timeResearch AnalystJob Summary:We are seeking a detail-oriented and highly resourceful Research Analyst to support a strategic initiative focused on sourcing and analyzing municipal and HOA data related to roofing infrastructure across South Florida. The goal is to build a comprehensive database of neighborhoods and properties with aging roofs, upcoming roofing...
-
Digital Asset Defender
1 week ago
Pagadian, Zamboanga Peninsula, Philippines beBeeCyberSecurity Full time ₱996,800 - ₱1,085,200Cyber Security SpecialistProtecting digital assets from cyber threats requires a strategic approach. Our organization needs a Cyber Security Analyst who can assess risks, develop effective security measures, and maintain vigilance against potential breaches.Key ResponsibilitiesThreat Identification and Analysis: Monitor system logs, network traffic, and...
-
Chief Security Strategist
1 week ago
Pagadian, Zamboanga Peninsula, Philippines beBeeSecurity Full time $80,000 - $110,000Job Opportunity: Security Analyst PositionOur organization is seeking a seasoned security professional to play a key role in enhancing our security offerings and capabilities. As a vital member of our team, the selected candidate will be responsible for advancing our security posture and ensuring compliance with industry standards.Key...
-
Cybersecurity Threat Analyst
1 week ago
Pagadian, Zamboanga Peninsula, Philippines beBeeSecurity Full time ₱1,080,000 - ₱1,440,000Job OverviewThis highly skilled role involves advanced security solutions to detect threats, provide escalation support, and manage incidents to resolution. Effective incident response requires real-time monitoring, thorough investigations, and collaborative team efforts.Key Responsibilities:Monitor and respond to security events using established processes...
-
Cybersecurity Incident Investigator
1 week ago
Pagadian, Zamboanga Peninsula, Philippines beBeeCybersecurity Full time ₱800,000 - ₱1,500,000Security Operations Center Analyst Job DescriptionThis role involves monitoring and investigating security incidents on the global network, endpoints, and cloud environments to ensure timely detection, escalation, and mitigation of security threats. The ideal candidate will have a strong understanding of security processes and tools, as well as excellent...