Senior Threat Intelligence Researcher, ANZ

at  Salesforce

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Job Category
Software Engineering
Job Details

MINIMUM REQUIREMENTS:

• Have at least 3-5+ years previous experience in an Intelligence or Detection & Response role.
• Experience conducting and correlating cyber threat research using OSINT, incident response engagement data, and proprietary tools.
• Skilled proficiency with data analysis and the ability to synthesize distinct data sources and security data-points into tangible intelligence, including drawing parallels with industry and landscape trends
• Proficiency with strategic intelligence writing for both technical, non-technical, and executive audiences - ideally with threat briefings, threat reports, public-facing blog posts, or similar finished intelligence
• Experience analyzing a variety of enterprise and platform log types for threat discovery, recommending detection and data science approaches against threats .
• Knowledge of industry standard conventions: BLUF, estimative language, ability to express analytic confidence, knowledge of common analytics frameworks (Cyber Kill Chain, Diamond Model, MITRE ATT&CK, etc.), and Structured Analytic Techniques (Analysis of Competing Hypotheses, etc.)
• Familiarity with using threat actors and landscape trends to support broader security functions, such as enterprise and product security, risk management, offensive security, identity management, among others.
• Baseline familiarity with red, blue, and purple teaming approaches

PREFERRED REQUIREMENTS:

• Experience doing intelligence analysis at a cloud/SaaS company or “at scale” in a large, complex environment
• Experience (either hands-on or supporting processes for) identifying, tracking, and/or disrupting advanced cyber threat actors; knowledge of advanced actor Tactics, Techniques, and Procedures (TTPs)
• Experience with threats in AWS, Microsoft Azure, and Google Cloud
• Experience with hunting/IR tools used for host and network analysis, automation/SOAR tools, and log query building (like Splunk)

ABOUT THE ROLE:

As a Senior Threat Intelligence Researcher in this role, you will perform technical assessments and data analyses on threats to Salesforce, our platforms, and our customers. The role requires a skilled security/intelligence professional with experience performing hands-on research and building intelligence products and briefings to better advise a global/diverse audience of internal customers on topics that matter to Salesforce. The role is expected to have a sound knowledge base and understanding of the cybersecurity threat landscape, including but not limited to state sponsored and advanced eCrime actors along with various trends in cybersecurity. You are both experienced and passionate about cyber intelligence, with tangible experience producing, communicating, and contextualizing intelligence and experience tackling cybersecurity incidents within a broader Detection and Response team. You would be expected to maintain and cultivate relationships on these topics across public and private industries, and support TI’s efforts within the security organization to influence and ensure Trust within the enterprise and our platforms.

RESPONSIBILITIES:

• Identify new or existing threats and distill this information into concise finished intelligence to multiple internal partners, including executives
• Assist in driving realized threat and risk reduction efforts/initiatives across the enterprise and products
• Manage threat data and create original intelligence assessments and output in support of our incident response, threat hunting, threat detection, and security engineering missions
• Serve as an intelligence expert and liaison to multiple internal customers in security and across the business in a technical capacity
• Build expertise on any threats targeting Salesforce and provide intelligence about the attacker activity when possible