Cyber Threat Intelligence Researcher

Key Responsibilities: Analyze data logs from different security controls to identify cyber threats and patterns, and generate relevant intelligence and recommendations to the operation teamsEffectively monitor, collect and report Intelligence relevant to the company and the industryAccurately analyze the impact / potential impact of an incident or vulnerabilityImplement in-depth research on threat actors, TTPs and vulnerabilities, and generate reports and white papers to relevant stakeholdersSupport and enrich internal security incidents with valuable threat intelligence conceptsDefine use cases to connect between Threat Intelligence indicators to the organization’s security controlsWork with the Cyber and the Threat Hunting teams to create monitoring tools for highly sophisticated hacking techniqueEssential Requirements:3+ years of experience in Threat Intelligence / technical Intelligence analysis / Threat Hunting / SOC or related fieldsUniversity working and thinking level. Degree in technical/scientific/business area or comparable education/experienceExperience in reporting to and communicating with senior level managementExperience in reviewing security controls data logsKnowledge of APT campaigns, attack Tactics, Techniques and Procedures (TTPs) and clear understanding and implementation of MITRE ATT&CK frameworkExperience with threat feed research; collect, prioritize, organize and researchHands on experience with SIEM (as Splunk)Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related and incident response concepts to technical as well as nontechnical audiences in EnglishExperience in leading projects end-to-endStrong collaboration and team-work skills, and ability to work independentlyCreative and proactive approachHigh technical aptitude; quickly learns new skillsScripting experience with Python, PowerShell – Big advantage Desirable requirements:Professional information security certification, such as CISSP, CISM or ISO 27001 auditor / practitioner is preferred. Professional (information system) risk or audit certification such as CIA, CISA or CRISC is preferredWhy Novartis?Our purpose is to reimagine medicine to improve and extend people’s lives and our vision is to become the most valued and trusted medicines company in the world. How can we achieve this? With our people. It is our associates that drive us each day to reach our ambitions. Be a part of this mission and join us! Learn more here: https://www.novartis.com/about/strategy/people-and-cultureJoin our Novartis Network: If this role is not suitable to your experience or career goals but you wish to stay connected to learn more about Novartis and our career opportunities, join the Novartis Network here: https://talentnetwork.novartis.com/networkAccessibility and accommodation:Novartis is committed to working with and providing reasonable accommodation to all individuals. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the recruitment process, or in order to receive more detailed information about the essential functions of a position, please send an e-mail to and let us know the nature of your request and your contact information. Please include the job requisition number in your message.