Intelligence Analyst, Google Threat Intelligence Delivery

Minimum qualifications:

• Bachelor's degree or equivalent practical experience.
• 3 years of experience in a customer-facing role in cyber intelligence and cyber operations.
• Experience working with security operations functions such as SOC tier 1/2, Hunt teams, executive managers, Chief Information Security Officer (CISO).
• Experience working in a government or military environment, developing cyber threat intelligence for network, host and log analysis, to enable the detection and response to cyber threats.
• Experience analyzing Indicators of Compromise (IOCs) including sandbox output.
  
  

Preferred qualifications:

• Experience in SOC operations, threat hunting, detection engineering and SOC workflow optimization.
• Experience conducting/supporting incident response and investigations within enterprise environments.
• Experience with network Intrusion Detection System (IDS) monitoring, Endpoint Detection and Response (EDR) solutions, SIEM, Security Orchestration, Automation, and Response (SOAR) integration, managing, contributing CTI into threat intelligence platform.
• Understanding of core cyber security concepts, common enterprise IT infrastructure components, operating system internals and networking.
• Eligible to obtain security clearance in Israel as this can be a client requirement.
  
  

About The Job

Google Threat Intelligence Group's Intel Delivery, through the Special Interest Group (SIG) Israel team, delivers its key service known as Advanced Intelligence Access (AIA).

In this role, being onsite and embedded with a customer several days per week, you will leverage Google's cyber threat intelligence to enable network defenders and customer Cyber Threat Intelligence (CTI) teams to defend against the threats they face. You will be supporting the customer's CTI defensive mission, helping their Security Operations Center (SOC), threat hunters, detection engineers, and CTI analysts counter threats by translating intelligence into actionable hunt methodologies across the customer's systems and data, while guiding and empowering SOC personnel to better understand and operationalize intelligence for their own hunting efforts, ultimately enabling the safe and secure running of their networks and operations.

Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.

Responsibilities

• Build an understanding of the customers CTI requirements. Identify their needs and opportunities for deployment of CTI within their operations to have the greatest defensive impact.
• Track, research and contribute CTI analysis within Google Threat Intelligence, of customer's priority threat concerns.
• Enable customer SOC analysts and Hunt teams to deploy and leverage Google's CTI.
• Generate CTI and perform analysis of customer data, taking their bespoke sources to identify threat activity, or to build and automate investigative workflows.
• Support the integration of CTI into customer's security processes and technologies, including Security Information and Event Management (SIEM) and Threat Intelligence Platform (TIP) systems. Write intelligence reporting against customer requirements, appropriate for their intelligence analysts or executive readers.
  
  

Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Google's EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form .