You will lead intelligence gathering and development activities on threat actors targeting software supply chains. You’ll study attack trends across the wider open source software landscape, report findings to internal security teams, and advise the wider engineering community on the best course of action to detect and mitigate possible threats.
As the publisher of Ubuntu, Canonical products are directly or indirectly present in almost every organisation and household in the world, making them a prime target for threat actors. This team’s mission is to help Canonical, and by extension countless community members and companies around the world, secure their software infrastructure.
What you’ll do in this role
Build and own Canonical’s threat intelligence strategy
Build and maintain OSINT research environments
Develop OSINT tradecraft, principals, and techniques
Identify and track targeted intrusion cyber threats, trends, and new developments by cyber threat actors through analysis of proprietary and open source datasets
Collaborate across teams to inform on activity of interest
Coordinate adversary/campaign tracking
Contribute to the wider threat intelligence community, establishing Canonical as a key contributor and thought leader in the space
Work with product and engineering teams to explain cybersecurity threats and advise on mitigation strategies
Work with the OPSEC and IS team to help implement/update security controls prioritising cyber defence
Identify intelligence gaps and propose new tools and research projects to fill them
Conduct briefings for executives, internal stakeholders and external customers
The successful Threat Intelligence Lead will be
An experienced threat intelligence leader (or similar)
Knowledgeable about the current open source threat landscape and computer networking/infrastructure concepts
Highly competent with OSINT tools (e.g., Buscador, Trace Labs OSINT VM, OSINT Framework, Maltego, Shodan, social media scraping tools, etc.)
Able to identify, organise, catalogue, and track adversary tradecraft trends — often with incomplete data
Experienced using threat intelligence data to influence enterprise architecture or product development decisions
An excellent communicator with the ability to clearly articulate and tailor technical content to a variety of audiences
Able to travel twice a year, for company events up to two weeks long
Desired Characteristics
A professional portfolio of OSINT related scripts, tools, or frameworks
Demonstrated involvement in the larger OSINT community (please share relevant links)
Degree qualified, with a bachelor’s degree in computer science, information security, or a related field
Certifications in related areas (e.g. GOSI, SANS SEC487 & SEC587, IntelTechniques OSIP, etc)
Experience in a tech company or government/military signal intelligence departments
go to method of application »
Use the link(s) below to apply on company website.
Apply via :