Specialist, Threat Intelligence

at  Teck

QUALIFICATIONS

• 5+ years of experience in cybersecurity with a focus on threat intelligence
• Certified Threat Intelligence Analyst (CTIA), Certified Information Systems Security Professional (CISSP) certifications or equivalent
• Additional relevant certifications (e.g., CEH, GIAC GCTI) are a plus
• Proven track record in identifying and mitigating cyber threats
• Consistent record in automating threat intelligence processes and developing custom security tools
• Solid understanding of cyber threat intelligence frameworks and methodologies
• Proficiency in threat intelligence tools and platforms (e.g., ThreatConnect, Anomali, MISP)
• Coding and scripting skills in languages such as Python, PowerShell, or Bash
• Experience with security automation and orchestration platforms (e.g., SOAR)
• Understanding of APIs and integration techniques
• Analytical thinking and problem-solving skills to identify and mitigate security threats
• Teck values encompassed in daily activities including being responsible and courageous, respectful and inclusive, and humble and driven
• The ability to increase maturity by building on context and to manage risk while assessing trade-offs
• Capacity to standardize processes through writing and reviewing
• Demonstrated personal accountability, transparency and a growth mindset

• Be a courageous safety leader, adhere to and sponsor safety and environmental rules and procedures
• Champion the 3 lines of defense model for risk management and act as a 2nd line of defense facilitator regularly interacting with the 1st defence line
• Determine, document, and curate threat intelligence requirements for the organization and its key partners while establishing critical metrics for the function
• Maintain a threat intelligence collection plan to guide the function’s processes and integrations
• Provide context and enrich threat intelligence in order to sharpen the signal and its relevance to the organization
• Produce work products that will support the missions of various customer groups, including but not limited to IOCs, TTPs, weekly threat briefings, quarterly threat reports, and annual threat trends
• Gather, analyze, and disseminate threat intelligence from various sources, including open-source intelligence, commercial feeds, and internal data
• Implement and maintain automated threat intelligence scripts and workflows using Python, PowerShell, and other relevant languages
• Integrate threat intelligence feeds and APIs into security systems to ensure real-time threat detection and response
• Collaborate with the security operations team to develop automated threat seek missions as code
• Ensure the integration of threat intelligence with SIEM, SOAR, and other security tools to improve threat detection and response capabilities
• Develop and maintain threat intelligence processes and procedures, collaborating with partners to improve capabilities when possible
• Conduct threat analysis and provide actionable intelligence to relevant teams
• Stay updated with the latest threat trends and technologies, and share knowledge with the team
• Ensure timely and accurate reporting of threat intelligence findings to senior management
• Develop threat profiles for critical assets and communicate potential impacts to business leaders