Infosec - Threat Intelligence Analyst

Elastic is a free and open search company that powers enterprise search, observability, and security solutions built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real-time and at scale. Thousands of organizations worldwide, including Barclays, Cisco, eBay, Fairfax, ING, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe. Learn more at elastic.co.

The threat landscape is constantly evolving. Elastic needs to continually evolve and adapt to this changing landscape. The threat intelligence program at Elastic is a force multiplier in how we achieve this objective by providing relevant, useful and actionable data to partners and decision makers to lead changes in our environment, enabling Elastic to better prepare for and respond to threats.

As a Threat Intelligence Analyst you are responsible for contributing to an intelligence program that enables partners and peers to be better prepared to protect and defend our environment. You'll research, analyze, and report on cyber incidents and events that are relevant to Elastic, including those that may impact our products, services, and customers. We look to you to analyze and evaluate potential cyber threats against Elastic and to collaborate with other analysts in order to deliver threat intelligence.

What You Will Be Doing:

• Deliver threat intelligence products to enable intelligence driven detection and response through an understanding of the threat environment
• Create written and verbal intelligence products in a timely manner for partners using both open source and proprietary intelligence sources
• Communicate and collaborate with threat intelligence vendors, partners, and sharing groups
• Support all phases of the incident response and detection life cycle, specifically as it pertains to applying cyber threat intelligence to improve threat detection techniques, visibility, and event analysis
• Provide additional context for alerts and cases to support incident responders
• Use internally generated data (cases, alerts, customer inquiries, etc…) to provide trend analysis and reporting
• Collaborate with internal teams to help improve the overall security posture of Elastic based on threat intelligence

What You Bring Along:

• Contributed to a threat intelligence program in a complex, distributed, global environment. Cloud experience a plus
• Written and delivered threat intelligence reports for stakeholders
• Used threat intelligence management platforms for management and distribution of IOC/IOAs
• Used common frameworks for threat intelligence (Diamond model, MITRE ATT&CK, Cyber Kill Chain, etc…)
• Analyzed trends in both external and internal data sets to create intelligence products that provide value at the tactical, operational and strategic levels

Bonus Points:

• Excel/Google Sheets.
• Experience with the Elastic Stack

Additional Information - We Take Care of Our People

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

• Competitive pay based on the work you do here and not your previous salary
• Health coverage for you and your family in many locations
• Ability to craft your calendar with flexible locations and schedules for many roles
• Generous number of vacation days each year
• Double your charitable giving - We match up to $1500 (or local currency equivalent)
• Up to 40 hours each year to use toward volunteer projects you love
• Embracing parenthood with minimum of 16 weeks of parental leave

Different people approach problems differently. We need that. Elastic is committed to diversity as well as inclusion. We are an equal opportunity employer and committed to the principles of affirmative action. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. If you require any reasonable accessibility support, please complete our Candidate Accessibility Request Form. 

Applicants have rights under Federal Employment Laws, view posters linked below: Family and Medical Leave Act (FMLA) Poster; Equal Employment Opportunity (EEO) Poster; and Employee Polygraph Protection Act (EPPA) Poster.

Please see here for our Privacy Statement.