Principal Information Security Engineer – Threat Intelligence
ABOUT THE ROLE:
The Threat Intelligence Engineer is a member of an adaptive, integrated and intelligence-driven Cyber Defense and Security Engineering department. The role identifies and manages threat intelligence requirements, conducts cyber threat modeling, identification and assessment, and plans, designs, builds and continuously improves the Threat Intelligence Platform (TIP). It also supports security incident response and threat hunting operations.
Your KEY objective is to keep DHL IT operations running by providing predictive, early warning capabilities and actionable threat intelligence to effectively combat advanced cyber adversaries. Your mission is to continuously increase DHL’s resilience to emerging cyber-threats and vulnerabilities.
• Identify, create and maintain Threat Intelligence (TI) requirements to support: key stakeholders with decision making processes, Incident Response and Threat Hunt operations.
• Plan, design, implement, operate and continuously improve Threat Intelligence Platform (TIP) to support threat detection and prevention capabilities across layers of technical controls.
• Manage Threat Intelligence (TI) sources throughout their life cycle: testing, acquisition, integration, correlation, enrichment, contextualization and continuous evaluation.
• Provide predictive and early warning capabilities about prioritized cyber threats, their evolution, new campaigns and TTP changes (tools, tactics and processes).
• Manage DHL’s own threat intelligence generation, integration and sharing workflows. Create Indicators of Compromise (IOCs) in formats such as YARA, OpenIOC, and STIX.
• Research specific threats and assist with simulation of their TTPs within DHL. Test the detection capabilities of SIEM and other security technologies.
• Conduct analysis of DHL’s adversaries’ cyber infrastructure and subsequently report for takedown.
• Support the security incident response function in selected situations: threat identification and analysis, and generation of IoC sets for threat hunt operations.
• Support Security Engineers and Analysts training and development program by running specific threat demonstrations and workshops.
YOU SHOULD HAVE:
• Passion for information security, continuous learning mindset and problem solving attitude.
• Data analytics skills to efficiently comprehend and synthesize large information sets and produce actionable TI.
• Ability to cope with fast-changing situations and to stay calm and focused during major situations.
• Rich experience with designing, building, running and improving Threat Intel Platforms (TIPs).
• Very good programming language skills (e.g. Python, Shell, PowerShell, CSharp) and system administration capabilities (to run TIP infrastructure).
• Very good understanding of common cyber attack techniques and principles, e.g. MITM, Cyber Kill Chain, MITRE ATT&CK framework.
• Good understanding of Intrusion Prevention Systems (IPS on host and network level), EndPoint Protection Platform (EPP), EndPoint Detection and Response (EDR) and Security Information and Event Management (SIEM) solutions.
• Good understanding of Information Security Incident Response management practices (ISIRT/CSIRT).
NICE TO HAVE:
• Good understanding of Information Security common body of knowledge e.g. ISC2, SANS, ISO270xx, OWASP.
• Good understanding of Threat and Vulnerability Management (TVM) practices.
• Good understanding of Continuous Improvement framework.
• Understanding of Enterprise Security Architecture principles.
• Understanding of Project Management (PM) and IT Infrastructure Library framework (ITIL).
• SANS, CISSP certifications and trainings.
• Ability to join one of the most agile and passionate Cyber Security teams in the Czech Republic!
• Opportunity to join advanced cyber threats’ “hunt” / “seek & destroy” missions.
• Great team of IT professionals - “Brothers in arms”; be warned that we have a specific sense of humor and a very direct communication style.
• Plentiful (!) opportunities for personal and professional development.
• Permanent contract.
• Company Car, Pension plan contribution, Long-term Sickness Insurance.
• CAFETERIA employee benefit program with wide selection of benefits from Edenred.
• Extra week of holiday (25 days/year), 6 Self-sickness days/year, Full salary compensation for up to 10 days absence due to illness per calendar year, Lunch vouchers fully covered by company.
• Multisport card, mobile and laptop, fruit days, sport clubs for employees, Referral program…
• On-going professional and technical trainings and certifications.
• Huge number of internal job opportunities within the company.
Facts and Figures
DHL Information Services (Europe) s.r.o.
“Deutsche Post DHL offers me security, the chance to develop myself further and the opportunity to work in almost any country in the world.”
Current employee – Senior Consultant in Bonn