Senior Cyber Threat Intelligence Analyst

Okta
Municipality of Madrid, Spain
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Remote
Municipality of Madrid, Spain

Tech stack

Data analysis
Software as a Service
Computer Security
Computer Networks
Computer Telephony Integration
DNS
Python
Network Security
Log Analysis
Open Source Technology
Reverse Engineering
SQL Databases
TCP/IP
Jupyter Notebook
Transport Layer Security
Okta
Snowflake
Malware
Cyber Threat Analysis
Cyber Warfare
Splunk

Job description

The Cyber Defense (CD) team is seeking an experienced cyber threat intelligence analyst to contribute to the enhancement of our threat intelligence capabilities. You will be the first member of our EMEA Cyber Threat Intelligence (CTI) team, as we expand to provide global intelligence coverage.

The CTI team is an essential component of Cyber Defense's intelligence-led approach to protecting Okta. They monitor and perform research focused on the methodologies used by threat actors that seek to target Okta, our products and our customers. By better understanding their motives, tactics and techniques, we can assist our security teams in defending against them.

Responsibilities

  • Identify, collate, assess and disseminate intelligence on the tactics, techniques and procedures (TTPs) of threat actors relevant to Okta
  • Assist in the maintenance and ongoing improvement of our Threat Intelligence Platform to ingest and disseminate indicators of compromise for use by our defensive teams and tooling
  • Monitor and maintain a detailed understanding of the cyber threat landscape as it pertains to Okta and our customers, and communicate curated knowledge to key stakeholders in written and oral formats
  • Use our Priority Intelligence Requirements to identify and distribute intelligence of interest to CTI's stakeholders including our security, IT and product engineering teams
  • Provide tactical cyber intelligence support to the incident commander as required during security incidents or events of interest
  • Conduct research to support threat investigations using a combination of open-source and internal data and tools, make informed judgements and document assessed findings and conclusions

Requirements

You're a passionate and experienced threat intelligence practitioner. You have great communication skills and a thirst for knowledge. You enjoy working under limited supervision, using priority intelligence requirements to drive the direction of your efforts. You're a team player and a mentor to less experienced colleagues. You're curious about systems and how they interact, knowing that to properly defend a system you must first understand how it works. You have a knack for synthesizing information from disparate data sources, understanding what's relevant, and communicating your assessments to others.

If you don't have a degree, you have equivalent experience that's given you the foundational knowledge to understand complex computing environments.

  • Strong understanding of network security fundamentals and their application to threat actor tracking. You should be very familiar with core protocols such as TCP/IP, TLS and DNS, etc.
  • A minimum of 5 years experience in cyber threat intelligence or threat research roles
  • Experience in performing research into the tactics, techniques and procedures of sophisticated adversaries and hunting for evidence of them within an enterprise environment
  • Ability to work independently and achieve outcomes with limited direct supervision
  • Excellent communication and writing skills (work samples encouraged)

Desirable Experience

We love to identify individuals who can supplement and enhance the existing skills within our team. Don't be put off by the length of this list - we're not looking for unicorns, but we would highly value applicants who have experience in one - or multiple - of the following areas:

  • Deploying, configuring and/or maintaining Threat Intelligence Platforms such as ThreatQuotient, MISP, OpenCTI, etc
  • Demonstrated proficiency in Python scripting for automation, data analysis, security tool integration and custom tool development
  • Malware reverse engineering, network traffic or log analysis
  • Experience in cyber security operations in specialities such as incident response or detection engineering
  • Experience with any of the following - Splunk, Snowflake, SQL, Maltego (particularly transform development), Jupyter Notebooks
  • Experience in providing threat intelligence support in large SaaS vendor environments
  • Experience leveraging tools such as VirusTotal, pDNS, Certificate Transparency logs, Shodan, Censys, Urlscan and other data sets to identify threats and provide context to security investigations.

About the company

Okta is The World's Identity Company. We free everyone to safely use any technology, anywhere, on any device or app. Our flexible and neutral products, Okta Platform and Auth0 Platform, provide secure access, authentication, and automation, placing identity at the core of business security and growth. At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we're looking for lifelong learners and people who can make us better with their unique experiences. Join our team! We're building a world where Identity belongs to you.

Information Security is a top business imperative here at Okta. In addition to driving security in our Corporate environment and the Okta platforms, the Security team is deeply entrenched in the business. As such, we contribute to product roadmaps, branding, research and other strategic aspects of our operations. We work across multiple functions, business partners and the research community. We are an engineering-focused team that seeks to stay on the cutting edge of security technology and the threat landscape.

Okta cultivates a dynamic work environment, providing the best tools, technology and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta today! https://www.okta.com/company/careers/.

Some roles may require travel to one of our office locations for in-person onboarding.

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws. If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation.
