Cyber Threat Analyst

Job description details

Intro

We are a rapidly expanding Cybersecurity SaaS company, dedicated to protecting millions of users worldwide – including major Japanese telecom providers such as Docomo, KDDI and Softbank. As part of our continued growth, we’re seeking a talented Cyber Threat Analyst to join our Threat and Intelligence Response Center (TIRC) team.

As a Cyber Threat Analyst, your core mission is to proactively fight against cyber threats by updating and improving Hornetsecurity’s security solutions. Your work will directly impact the safety and security of our customers in Japan and around the world.

We are looking for someone to join us for 40 hours per week remote in Japan.

Your Job

• You analyze threat events generated by our security services.
• You qualify threat types including spam, scam, phishing, spear phishing, and malware.
• You investigate both minor and advanced threat campaigns to identify and neutralize malicious elements (IPs, domains, etc.).
• You create and update detection systems to block sophisticated threats proactively.
• You leverage reporting tools and spamtraps to better understand and anticipate sender behavior.
• You monitor threat detection accuracy and initiate investigations when anomalies are detected.
• You produce clear documentation and reporting on threat activity and attacker techniques.
• You have dedicated time to run investigations on a specific topic (Phishing, Spambot, Scam, etc.).

Your Profile

More than skills, we are looking for a profile based on:

• Experience as a Cybersecurity analyst (SOC experience ideal)
• High motivation to learn
• Demonstrated ability to perform threat analysis
• Very logical mind (Boolean algebra)
• An interest in data analysis (familiar with a big data tool is an advantage)
• Good relationship

The mission will start with a 3-6 month training with the rest of the team: you will learn from threat definition to the use of our advanced tools to block threats.

In order to ensure your future missions, we need you to be curious, propose initiatives, autonomous, resourceful, rigorous.

Our activity is various according to the period of the year and the attacks. Consequently, we are also looking for someone who is enduring and, due to 24/7, who can work during some weekends and national holidays that are planned and compensated.

Good basics for learning (but not imperative)

• Knowledge of regular expressions (Regex posix)
• Control of Windows & Linux environments and commands (bash, grep, …)
• Knowledge of HTML
• Knowledge of SMTP protocol
• SPF, DMARC, DKIM
• Experience with a SIEM / Splunk is a plus
• Knowledge of email ecosystem is a plus
• English written required

Your Benefits

• Short decision paths and flat hierarchies in an open work atmosphere.
• Personal and professional development opportunities.
• Full remote work