DUTIES AND RESPONSIBILITIES:

Vulnerability Lead Identification & Analysis

• Quickly identify, analyze, and assess new or emerging cybersecurity threats, especially newly disclosed or exploited vulnerabilities.

• Stay updated on cybersecurity news, advisories, and exploitation activity to ensure timely and thorough coverage.

• Identify key technical details such as root causes, exploitation chains, post-exploitation activity (IoCs, malware), threat actors, exposed instances, PoCs, and relevant MITRE

ATT&CK techniques.

Author Insikt Notes

• Write TTP Instance reports based on open-source information and your own analysis (e.g., code review).

• Each report should clearly explain the threat, impact, mitigation steps, and include a concise summary.

• Cadence: Up to 2 TTP Instances daily.

• Quality: Minimal grammar errors; plagiarism is strictly prohibited.

Detection Engineering

• Create Nuclei templates for detecting new and emerging vulnerabilities.

• Cadence: At least 1 template per month, with support from the Senior Vulnerability Analyst.

• Templates should be submitted together with a TTP Instance.

• Junior Analysts will receive training; prior Nuclei experience is not required.

Information Security

• Follow Organization's quality and information security policies.

• Protect all client data from unauthorized access, disclosure, or modification.

• Perform tasks aligned with security processes and report any non-conformities, observations, or security risks to your supervisor.

QUALIFICATIONS

• Bachelor’s degree (or equivalent) in Computer Science, Information Systems, or Cyber Intelligence.

• Minimum 6 months of experience in cybersecurity, threat intelligence, or IT.

• Strong interest in cybersecurity topics (e.g., vulnerabilities, exploitation, PoCs).

• Proven ability to research and analyze emerging cyber threats.

• Experience in technical writing and simplifying complex technical concepts (writing sample required).

• Strong attention to detail.

• Able to work both independently and in a team.

Must-have Qualifications

• Strong English writing skills

• Experience creating clear and concise technical reports (e.g., vulnerabilities, malware, offensive security tools)

• Good time management

• Self-motivated and collaborative

• Accountable and open to constructive feedback

Nice-to-have Qualifications

• Experience with threat intelligence frameworks (MITRE ATT&CK, D3FEND, Diamond Model, Cyber Kill Chain).

• Familiarity with CTI tools (DomainTools, VirusTotal, Shodan, etc.).

• Hands-on experience with pentesting tools (Burp Suite, Nmap, ZAP, Metasploit, Wireshark).

• Knowledge of scripting/programming (YAML, Python, Golang, JavaScript, etc.).

• Background in vulnerability management/remediation.

• Experience creating Nuclei templates