Advanced Threat Intelligence Analyst
We are Relativity. A market-leading, global tech company that equips legal professionals with a powerful platform to organize data, discover the truth, and act on it. The U.S. Department of Justice, 198 of top 200 U.S. law firms, and more than 70 Fortune 100 companies are among our customers who trust Relativity during litigation, internal investigations, and compliance projects.
Our SaaS product, RelativityOne, has become the fastest-growing product in the company's history and we have consistently been named a great workplace. As we grow, we continue to seek individuals that will bring their whole self to our team atmosphere.
Join us in the transformation of the legal industry and play a pivotal role in shaping the future of the practice of law and beyond.
Relativity is looking for a Cyber Threat Intelligence Analyst to join a fast-paced and dynamic Cyber Security team. The ideal candidate will be a career-driven and passionate mid-career security professional that can continue the development of the intelligence-driven Cyber group into a world-class security program and collaborate with highly skilled cyber experts to anticipate and illuminate threats to our organization and clients using next-generation tool-sets and capabilities. Candidates will work with state-of-the-art tools to understand attacks against our organization, its assets, and our clients with a focus on understanding the techniques and methodologies being used. This is a technical role so let your inner geek shine!
- Evaluate, analyze, and derive actionable threat intelligence from a variety of open-source, commercial, and private sources to deliver quality deliverables to both technical and executive audiences.
- Assess, curate, and manage multiple threat intelligence feeds to enable the correlation of security events.
- Participate in the research and development of next-generation analytics using internal log data and external data sources to identify attack patterns that evade traditional countermeasures.
- Advocate intelligence-sharing principles to develop the capability, reputation, and footprint of Relativity.
- Provide subject-matter technical expertise during high-profile and targeted attacks under investigation by the Cyber organization.
- Familiarity with scripting or programming languages (Python, PowerShell, Perl, etc.), as they apply to information security.
- Interest to learn additional skills as required, including cross-functional tools and foreign languages.
- Exposure to intel-driven threat hunting principles to identify novel attack presentations and concepts.
- Knowledge of adversarial tools, techniques, and procedures within the context of the ATT&CK framework or equivalent.
- Strong familiarity with TCP/IP, cryptography, attacker methodologies, malicious code, exploit development, and mitigating controls.
- Proficiency with intelligence and analysis tools such as Splunk, Maltego, VirusTotal Intelligence, Threat Intelligence Platforms, and OSINT aggregators.
- One or more of the following certifications: GCTI, OSCP, GCIA, GREM, GNFA, CISSP or similar.
- Ability to leverage insight from internal telemetry and an emerging threat landscape to describe and anticipate actions by cyber-criminal, hacktivist, and cyber-espionage actors.
- Comprehensive understanding of adversary technologies, capabilities, targeting profiles, and motivations to assess and attribute observed malicious activity.
- Familiarity with the application of the cyber kill chain and diamond model to conceptualize advanced cyber attacks.
- Capacity to provide both high-level and technical briefings on emerging threats and vulnerabilities, collaborating with extended Cyber teams to assess risk.
- Proficiency in the identification and validation of data exposure events sourced from industry-standard tools and the intelligence community.
- Ability to work collaboratively and independently to deliver projects based on high-level requirements and success criteria.