Support Analyst Counter Threat Unit (CTU)

Brazil

Lean Tech

Lean Solutions Group - Top workforce optimization company. Explore our offshore & nearshore staffing solutions to transform your business operations.


Company Overview:
Lean Tech is a rapidly expanding organization situated in Medellín, Colombia. We pride ourselves on possessing one of the most influential networks within software development and IT services for the entertainment, financial, and logistics sectors. Our corporate projections offer a multitude of opportunities for professionals to elevate their careers and experience substantial growth. Joining our team means engaging with expansive engineering teams across Latin America and the United States, contributing to cutting-edge developments in multiple industries.
Position Title: Support Analyst Counter Threat

What you will be doing:
The Threat Intelligence (TI) Support Analyst is a fast-paced technical consulting role that serves as the first interaction for teammates and many customers with the Counter Threat Unit and Secureworks when they seek assistance related to threat intelligence.
The candidate will monitor several communication channels, triage requests for intelligence (RFIs), address customer emails and coordinate the scheduling of calls to discuss service delivery events, such as threat landscape presentations.
For each inbound request, this role will triage, categorize, coordinate if needed, and ultimately fulfill the RFI. This is primarily done by conducting research and analysis to enrich indicators with TI using both Open Source intelligence (OSINT) and CTU all-source intelligence.
Excellent communication and collaboration skills are imperative, as customer requests frequently require expertise from other internal teams and candidates will be expected to synthesize multiple inputs into concise, coherent, comprehensive customer responses. Additionally, analysts in this role will evaluate each response to determine whether the core response would benefit the larger customer base and should be crafted into a TI product; experience completing the intelligence analysis lifecycle is therefore strongly desired. This position does not require travel.

• Leverage internal, commercial, and open-source tools and data sources to analyze, enrich and synthesize indicators of compromise and/or other intelligence artifacts to provide meaningful and actionable intelligence.
• Analyze raw data sets and extract relevant insight to form high quality TI responses.
• Perform proactive all-source research to identify and characterize new threats to the customer base and draft related TI products, where appropriate.
• Maintain a broad understanding and knowledge of the latest offensive and defensive Tactics, Techniques and Procedures (TTPs) as well as overall Threat Landscape trends.
• Collaborate internally and externally, and develop, enhance and produce Secureworks TI products.
• Own and execute ongoing projects such as customer threat landscape presentations.
• Identify intelligence collection gaps and communicate findings and collection requirements.
• Initiate, propose, and update processes and standard TI operating procedures for efficient and effective response to TI and IR RFIs.
• Take ownership of, triage, and update tracking systems for TI requests.
• Gather contextual information from multiple sources to establish a TI request course of action or respond to a standard request for information related to the TI-Support service line.
• Meet service level agreements regarding initial response time and customer notification as necessary.
• Provide internal stakeholders the necessary information for decision support and situational awareness on service request intake activities.
• Route RFIs to the proper service delivery team with the appropriate level of urgency and communication channel in a professional and courteous manner with an emphasis on customer satisfaction; assess and escalate to the next level as needed.

Knowledge, Skills, and Abilities:
Understanding and experience with the intelligence analysis lifecycle, including but not limited to:
• Conducting all-source intelligence research
• Mining internal and external databases/repositories
• Pivoting research focus on TI indicators of interest
• Developing assessments with evidential basis
• Translating findings into client responses and/or threat intelligence reports

Fundamental knowledge in most of the following areas:
• Familiarity with advanced search engine functionality and search query customization
• Unix, Linux, Windows, and OSX operating systems
• Exploits, vulnerabilities, intrusion vectors, and malware
• Host forensics, network forensics, and malware analysis techniques
• Network traffic analysis, endpoint activity analysis, and log analysis techniques
• Understanding of enterprise cyber incident management and response processes
• Understanding of enterprise cybersecurity controls and failure modes

• Excellent technical communication skills (oral and written) including experience briefing executive management
• Excellent organization and resource management skills
• Excellent capability to prioritize multiple and concurrent urgent tasks
• Excellent customer service skills and ability to quickly establish technical credibility and rapport with customers
• Team player with the ability to work autonomously in a fast-paced, dynamic environment
• Passionate about information security and service excellence

Desired Experience/Training:
• Professional degree relevant to cybersecurity or intelligence analysis or equivalent work experience within a technical information security-related role such as Security Operations, Incident Response, or Threat Intelligence analysis
• Professional certifications such as GCTI, GCIA, GCIH, GREM, CISSP, CISM, or similar cybersecurity technical certifications are a plus
• DevOps methods and ITIL framework knowledge are a plus

Join Lean Tech and contribute to shaping the data landscape within a dynamic and growing organization. Your skills will be honed, and your contributions will play a vital role in our continued success. Lean Tech is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Tags: CISM CISSP Exploits Forensics GCIA GCIH GCTI GREM Incident response ITIL Linux Log analysis Malware Open Source OSINT Threat intelligence TTPs UNIX Vulnerabilities Windows

Perks/benefits: Career development Startup environment Team events

Region: South America
Country: Brazil
