Vulnerability Intelligence Analyst

Digital Shadows is fast growth company with offices in London, San Francisco, Dallas, Frankfurt and Singapore. Our mission is to protect organizations from external digital risks across the open, deep, and dark web. We do this by providing relevant threat intelligence, context, expertise, and remediation that enables organizations and security teams to focus on their core business in the digital era. Our SearchLight™ service combines scalable data analytics with threat intelligence analysts to monitor for cyber threats, data leakage, reputation risks and a whole lot more. You can learn more about us at www.digitalshadows.com or review the Forrester New Wave report where we were named the leader in Digital Risk Protection.

We are currently seeking a Vulnerability Intelligence Analyst that can apply their theoretical and practical knowledge of vulnerabilities to support the production of client facing Photon intelligence products. This is a tactical role and the successful candidate will be responsible for reporting on major vulnerabilities, analyzing data feeds, and providing in-depth analysis on how vulnerabilities can impact clients.

Role and Responsibilities

• Deliver tactical vulnerability intelligence to support the Photon Team’s production of SearchLight Intelligence
• Conduct research into vulnerabilities and malware and provide insights into how these could manifest as cyber threats drawing on industry feeds, proprietary data and multiple sources including primary and restricted-access sources
• Drive the creation of client-facing threat profiles available in the SearchLight portal
• Support client Requests for Intelligence (RFIs) as needed
• Share knowledge, to support all Photon team members
• Support the Cyber Threat Intelligence Leads and Managers in developing vulnerability intelligence products
  

Requirements

• 3+ years experience, ideally in a vulnerability intelligence, penetration testing or network intrusion analysis based role
• Sound technical understanding of hardware and software-based vulnerabilities
• Experience with vulnerability assessment products and tooling
• Ability to use suitable coding/scripting languages (preferably Python or Java)
• Familiar with Diamond Model, Cyber Kill Chain, and ATT&CK/D3FEND frameworks
• Demonstrated writing ability and able to explain complex technical subject matter to non-specialists
• A university degree or equivalent education (i.e. Computer Science, Cyber Security, Data Science) with strong academic results or equivalent professional experience
• Comfortable working in cross functional intelligence teams
• Inquisitive and curious mindset when it comes to threat identification, threat hunting
• Willing and eagerness to learn and able to adapt with the growth of the business
• Up-to-date insights into current exploit techniques, vulnerability disclosures, data breach incidents, and security analysis techniques, combined with the understanding of the potential impact on an organization’s security posture

Desirable

• Security Operations or incident response experience preferred but not required
• Experience of red-teaming events and penetration testing practices
• Foreign language skills are a plus, especially key languages (Russian, Mandarin, Farsi)
• Soft skills including coaching and mentoring

Benefits

• Generous compensation package which includes; competitive salary, annual bonus, stock options and expense reimbursements related to travel and remote working.
• Excellent benefits; generous health insurance, paid time off (PTO), volunteering days, paid parental leave, paid military leave, paid sick leave, long service award of additional PTO, employee assistance program and mental health support.
• Spirited and energetic culture; regular team building events (in-person and online), monthly employee care packages, employee engagement activities with prizes, weekly updates from our cofounders, employee thank you cash awards, company swag!
• Career Development: In-house training programs and online learning management platforms, employee career path programs, professional certification and eduction support.