(Global Oil Gas) Senior Lead Cyber Threat Intelligence Specialist

This role required candidate to permanently relocate at Dhahran, Saudi Arabia.

About the Company

This company engages in the exploration, production, transportation, and sale of crude oil and natural gas. It operates through the following segments: Upstream, Downstream, and Corporate. The Upstream segment includes crude oil, natural gas and natural gas liquids exploration, field development, and production. The Downstream segment focuses on refining, logistics, power generation, and the marketing of crude oil, petroleum and petrochemical products, and related services to international and domestic customers. The Corporate segment offers supporting services including human resources, finance, and information technology. The company was founded on May 29, 1933 and is headquartered in Dhahran, Saudi Arabia.

Job Summary

We are seeking a Senior Cyber Threat Intelligence Analyst to join the Security Intelligence Center Division of Digital & Information Technology.

The Security Intelligence Center Division is responsible for providing security operations, including 24/7 Security Operations Center (SOC), cyber intelligence, forensic services, network and endpoint protections as well as running Security Information and Event Management (SIEM) system, Log Management System (LMS) and Cyber Intelligence Management System (CIMS).

The Cyber Threat Intelligence Senior Analyst's primary role is to conduct Threat Intelligence ingestion, threat hunting, and integration of security reports within This Company cybersecurity systems. This includes working closely with security staff to capture high-fidelity Indicators of Compromise (IOCs) for detecting malicious activity to enhance cyber security operations as well as profiling and tracking of threats.

Key Responsibilities:

• Managing and orienting internal and external sources of intelligence.
• Reviewing threat reports and feeds and digesting threat information into actionable Cyber Threat Intelligence.
• Managing a Threat Intelligence platform and optimizing its integration with other cybersecurity systems.
• Optimizing Cyber Threat Intelligence models.
• Developing and maintaining strategic cyber intelligence-related partnerships.
• Aiding and guiding cybersecurity analysts in threat hunting and Cyber Threat mitigations.
• Guiding and mentoring junior Cyber Threat Intelligence analysts.

Requirements:

• Willingness to permanently relocate to Dhahran, Saudi Arabia.
• Hold a Bachelor’s degree in Computer Science or a related field from a recognized and approved program; an advanced degree is preferred.
• Have nine years of experience in Information Security, including at least 5 years in Cyber Threat Intelligence.
• Possess working user-level knowledge of Security Information and Event Management (SIEM), Log Management Systems, Incident Response Platforms (IRP), and Threat Intelligence Platforms (TIP).
• Have knowledge in both YARA and SIGMA rules, including both writing and using them.
• Demonstrate a working understanding of OODA, ICD 203 & 208, Diamond, LM CKC models, and the MITRE ATT&CK Framework.
• Understand how Intelligence-Driven Defense is used to protect a large enterprise.
• Possess Forensic Analyst skillset.
• Have working-use knowledge of Intrusion Protection Systems, Web Gateways, email security appliances, Log management, and Threat Intelligence platforms.
• Ability to identify indicators of compromise (IOCs), evaluate existing defenses against identified attacks to determine weaknesses, correlate intelligence to identify campaigns, profile actors, and track such activities.
• Track activities of specific campaigns.
• Be self-motivated with a high sense of urgency and personal integrity.
• Demonstrate eagerness and capacity to learn.
• Write clearly with full documentation and present verbal/written messages persuasively.
• Work well with people of diverse values, opinions, skills, and goals.