Threat Intelligence Analyst

About eSentire

Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business-disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk and enables security at scale.

The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts, Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services.

eSentire is looking for highly capable individuals to be part of our Threat Intelligence team. eSentire is a recognized industry leader and one of Canada’s Fastest-Growing Tech company. We work in a collaborative and innovative work environment with brilliant and passionate people who strive and encourage others to do their best. Join us to gain rewarding and developing career experience with the ability to grow and make an impact from your work.
The Opportunity

**Responsibilities**:

- Work collaboratively with the team to automate data collection/processing where possible.
- Produce tactical level intelligence analysis of cyber threats and actors in support of the team objectives as well as overall cyber security and network defense operations.
- Collaborate with Customer Success, and the Security Operations Centre
- The Sr. Manager will assign other duties if required.

Time Allocation
- 60% - Intelligence Processing and Reporting
- 20% - Collaboration on Projects
- 10% - Threat Intelligence Escalations
- 10% - Public facing & Client Engagement

**Requirements**:

- Minimum of 3 years’ experience in an analytic role of either intrusion detection or network forensics analyst.
- Experience in performing security incidents detection and handling in an operational environment such as SOC, CSIRT, CERT.
- Strong written and verbal communication skills.

Desired Skills
- Experience working with database management systems such as MYSQL/PSQL.
- Experience with investigation & response tools such as Carbon Black Response, CrowdStrike, SentinelOne, and ThreatConnect.
- Familiarity with Shodan, Binary Edge, GreyNoise, and VirusTotal.
- Ability to convey complex technical content to a tactical, operational, and strategic audience.
- Familiarity with incident lifecycle and reporting.
- Familiarity with MITRE’s ATT&CK framework.
- SANS Certifications are considered an asset (GCTI,GCIH)
- Experience presenting research at conferences and public events is considered a plus.
- Experience working with clients, and articulating risk in business terms is considered a plus.

Work Conditions
- Work will be in the standard business environment during 9 to 5 office hours.
- The position does not require the availability for on-call rotation, or 24/7 shift coverage.
- In case of emergency working hours might be modified.

Why a Career with eSentire?

**Our Culture**: At eSentire we work in a collaborative and innovative work environment. We work with brilliant and passionate people who strive and encourage others to do their best. eSentire’s idea-rich environment welcomes creative and sometimes unconventional perspectives

**Growth Opportunities**: At eSentire you will have the opportunity to grow and make an impact from your work. We encourage innovation in all who become a part of our team. With growing operations internationally, there are many lateral and upward advancement opportunities for rewarding and developing careers with eSentire. We’re strong believers in continuing education and provide the resources that you need to continue learning.

**Employee Perks**: We provide breakfast, snacks and refreshments (at our physical office locations in Waterloo, London, and Cork), flexible working hours and vacation, company-wide equity and bonus programs, subsidies for continuing education and health & wellness, and attractive compensation and benefits plans. We make it our obligation to the team to stay current with compensation trends in the tech field

We thank all applicants in advance for applying. Only individuals selected for interviews will be contacted.

LI-SJ
LI-Hybrid