Deloitte Cyber Threat Research Developer in New York, New York
Are you interested in improving the cyber and organizational risk profiles of leading companies? If your response is yes, consider joining Deloitte & Touche LLP's growing Cyber Risk Data Privacy & Protection practice. Our data protection and privacy architects assist our clients with the design and implementation of holistic and targeted solutions needed to meet and exceed the requirements of best practice, ethical operations, and regulation.
Work you'll do
This position is for Deloitte's Managed Threat Services team. The Cyber Threat Research Developer manages the development and implementation of commercial and custom-made tools supporting the Threat Intelligence team. The developer will work closely with the threat intelligence team to assess its needs and any new development projects required to drive more automation, both from a data perspective and in daily tasks.
Responsibilities include but are not limited to:
Manage the development, implementation, and routine operation of multiple commercial and/or custom tools and data sources that enable tracking of threat actors, campaigns, vulnerabilities and exploits, and associated tactics, techniques, and procedures (TTP).
Oversee development of collection capabilities to include (but not limited to): spam traps, honeynet / intrusion monitoring, and malware sandboxes.
Integrate data derived from these tools into accessible and usable platforms that facilitate intelligence research and analysis.
Develop custom code that streamlines intelligence analysis and production.
Coordinate intelligence sharing internally with Deloitte security teams and externally with clients through Deloitte's Threat Intelligence Platform (TIP).
The ideal candidate should exhibit the following behavioral traits:
Strong understanding of code development (particularly Python, Java)
Experience in both the DevOps and Information Security disciplines
Familiarity with the various stages of the Intelligence lifecycle and an understanding of how tools/programs/capabilities support each stage of this process
Relevant job experience leveraging the MITRE ATT&CK framework to track threat actor TTPs.
Experience integrating and processing disparate and/or unstructured data from multiple sources.
Knowledge of one or more of the following technologies, with specific tools listed in parentheses: workflow and ticketing (e.g. Jira), Threat Intelligence Platforms (e.g. ThreatConnect), link analysis (e.g. Maltego), intrusion detection (e.g. Snort), and sandboxes (e.g. Cuckoo).
Work history which demonstrates the individual's capacity to prioritize tasks and complete mission-critical projects without regular direct supervision.
Ability to function as a remote/work from home employee while staying engaged with a dynamic, team-oriented group of co-workers across the globe.
Category: Information Technology
As used in this document, Deloitte means Deloitte LLP and its subsidiaries. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.