Digital Security Threat Analyst
About the organization
This position is part of Internews' Global Technology team. We are a ~40 person, multilingual, multi-cultural team distributed across 11 countries. Our programs and initiatives:
Defend and promote Internet freedom, particularly digital rights, digital safety, and anti-censorship technologies;
Provide direct technological support to human rights defenders and independent journalists;
Improve private sector accountability within the area of technology and human rights;
Lead research into how human rights can be protected in closed and closing spaces.
You can learn more about the Global Technology Program at Internews here:https://internews.org/areas-of-expertise/global-tech/
Internews is seeking a full time Digital Security Threat Analyst to serve in a key position on a Global Technology project that will strengthen the resilience of human rights organizations and journalists to attacks by building local threat analysis and response capacity. The Digital Security Threat Analyst will play a crucial role in upskilling five Threat Labs on advanced threat research and analysis topics by providing advice, support, and trainings in addition to conducting advanced digital forensics. "Threat Labs" are local organizations with the technical capacity and appropriate tools to analyze suspicious phishing and malware samples and then share information back to the community regarding attack trends, emerging threats, and countermeasures. The Digital Security Threat Analyst will also serve as the primary point of contact for Internews engagements with private sector cybersecurity firms who provide pro bono assistance to our civil society project partners and will support relationship-building between Threat Lab partner organizations and private sector cybersecurity firms.
To learn more, please visit our Careers page.
- The successful candidate will be able to advise, support, and train partners on advanced threat research and analysis topics. Some partners are already quite advanced, some are mixed, and some are just starting; the Digital Security Threat Analyst will need to be ready to both learn from partners and identify opportunities for peer support among partners, while also training and/or introducing them to new topics.
- Expertise in digital security, threat analysis, forensics, and threat sharing
- Ability to conduct significant threat research, both indirectly leveraging VirusTotal and similar tools as well as direct reversing/investigation of files, logs, and web infrastructure
- Ability to rigorously document and present findings from threat analysis (Maltego, Dradis, etc.)
- Ability to apply and explain to others operational security approaches and workflows to follow when analyzing digital threats, such as the use of VPN/Tor, usage and hardening of analysis machines, when to use specific tools, etc.
- Familiarity with threat-sharing solutions like MISP, and ability to build Indicators of Compromise (IOC) to share iwth others, both independently and in coordination with Threat Labs
- Basic knowledge of cybersecurity standards, frameworks, and other concepts usually employed beyond the Internet Freedom community, like MITRE, CISecurity, CVE tracking, Indicators of Compromise, YARA, threat hunting, etc.
To apply, please submit CV and optionally a cover letter via our Careers page.
Equal Opportunity Employment
The posting employer has certified that this announcement complies with Peace Corps’ Equal Opportunity Employment policy:
The Peace Corps is committed to providing equal opportunity to all employees, Volunteers, and applicants for employment and volunteer service. Peace Corps policy prohibits discrimination and harassment because of race, color, religion, sex, national origin, age (40 or over), disability, sexual orientation, gender identity, gender expression, marital status, parental status, political affiliation, union membership, genetic information, or history of participation in the Equal Employment Opportunity process, grievance procedure, or any authorized complaint procedure.
Does this sound like the position for you?Apply to job