Cyber Analyst – Threat Intelligence

With over 100,000 employees across 130 countries, A.P. Moller - Maersk is a global leader in logistics services and can offer you the opportunity to grow and evolve in a truly diverse workplace. A.P. Moller - Maersk is an integrated container logistics company working to connect and simplify its customers’ supply chains.

What We Offer: To work at Maersk is to work with the world. You’ll learn from – and collaborate with – skilled professionals who literally move the world, every day. With a supportive environment to develop your skills, you’ll gain access to world-class learning programmes to accelerate your career goals. And you’ll find yourself welcome in our diverse and inclusive culture, where you are valued for who you are and rewarded for what you bring. For this and many other of our roles, we can offer the flexibility of hybrid working, alongside industry leading benefits such as pension and family health/dental insurances as standard.

What You’ll Be Doing: You will conduct the collection, analysis and dissemination of threat intelligence and provide knowledge and expertise to the relevant stakeholders within Maersk. Cyber Threat Intelligence is a key part of Maersk’s Cyber Operations department and is responsible for the identification and reporting of cyber threats targeting Maersk entities.

• Accountable for the effective collection, analysis, and dissemination of intelligence reports.
• Determine, prioritise and monitor a set of internal and external sources for threat data.
• Prioritise, validate and correlate threat data to obtain actionable information on existing and emerging threats to Maersk.
• Responsible for the configuration and use of the chosen threat intelligence platforms.
• Produce and disseminate strategic, operational, and tactical threat intelligence reports periodically and urgently to relevant stakeholders in the enterprise.
• Produce and update threat actor profiles, detailing their motivations, capabilities, and infrastructure to enhance understanding of potential adversaries.
• Regularly review and update Priority Intelligence Requirements (PIRs) according to changes in the business and/or threat landscape.
• Apply and maintain an in-depth knowledge of principal cyber security threat actors through open-source and social media monitoring, and attendance at seminars and industry events where possible.
• Provide finished intelligence summaries with analytical insights on daily or weekly cadence, with minimal supervision.
• Conduct tactical investigations into key indicators and TTPs sourced from threat intelligence sources and Incident Response activities.
• Identify areas and gaps for process improvements.
• Collaborate and coordinate with teams across Cyber Operations to provide threat intelligence that furthers organisational understanding of potential adversaries and attack vectors, providing a foundation for building logging and monitoring strategies with CTI at the core.
• Identify, prioritise, and communicate threats related to newly identified vulnerabilities that pose a threat to Maersk.
• Define and enhance threat intelligence capabilities by developing processes where automation has the potential to improve efficiency.
• Supporting security incident management and delivering briefings to senior management.
• Ensure threat intelligence is actively used to drive improvements and remediation plans by participating in operational and change projects.
• Scope and respond to Requests for Information (RFIs) from Maersk stakeholders.

To Succeed in This Role, We Believe That You Can Offer:

• Professional training in threat intelligence or cyber security analysis.
• Open-source intelligence and formal intelligence qualifications are favourable.
• Qualifications such as CEH, SANS, CRTIA, OSCP or equivalent are desirable.
• Extensive and demonstrable experience in collection, analysis, production, and dissemination of intelligence.
• Strong technical understanding of networking, internet protocols and information security.
• Experience using the Cyber Kill Chain, Mitre ATT&CK Framework and Diamond Model.
• Advanced knowledge of the cyber threat landscape and conversant in the tactics, techniques and procedures used by cyber adversaries.
• Experienced in supporting security breaches, security incident management and delivering briefings to senior management.
• Knowledge of standard methods/systems for analysis and prioritisation of vulnerabilities e.g. CVE, CVSS.
• Knowledge and understanding of key political, operational and security risk issues in the maritime, transport and logistics sector is preferable.
• Advanced expertise in analysing the intersection of political and geopolitical developments with cyber security threat vectors and policymaking.
• Knowledge of threats to Cloud-based systems, and incident response in a Cloud environment.
• At least two years previous experience operating in a cyber threat intelligence function.
• Experience in developing and maintaining threat intelligence.
• Experience in direction and subsequent collection of intelligence from several sources of information.
• Familiarity with one or more Threat Intelligence Platforms.
• Experience with automation in a security operations context is desirable but not essential.
• Experience collecting and analysing threat data from security tooling and internal sources is desirable but not essential.

Are you ready to be part of something transformational at Maersk and join a team that’s setting a new standard in cybersecurity? If so, we would love to hear from you!

Maersk is committed to a diverse and inclusive workplace, and we embrace different styles of thinking. Maersk is an equal opportunities employer and welcomes applicants without regard to race, colour, gender, sex, age, religion, creed, national origin, ancestry, citizenship, marital status, sexual orientation, physical or mental disability, medical condition, pregnancy or parental leave, veteran status, gender identity, genetic information, or any other characteristic protected by applicable law.