Threat Intelligence Data Analyst

Title: Threat Intelligence Data Analyst

Type: Voluntary

Engagement: The individual will provide time when possible in their schedule 

Hours: Fours hours per week

Location: Remote

Reporting line: role reports to Head of Threat Intelligence

The Cyber Helpline

The Cyber Helpline is a movement by the information security community to step in and fill the gap in support for victims of cybercrime and online harm. It is a UK charity that provides free, expert help to victims by helping them understand, contain, recover and learn from experiencing a malicious online issue. We have helped over 30,000 individuals and families in the UK. 

On top of the opportunity to do some good with your skills, The Cyber Helpline will offer you the opportunity for training, skills development, mentoring and career progression. Perfect for those looking to join or progress in the cybersecurity industry. 

Role Summary

The Threat Intelligence Data Analyst will review descriptions of attacks by our users to help us classify cases, identify threat intelligence markers and spot new approaches used by threat actors. This analysis will enable us to update our chatbot decision-making engine, guides and general advice to better identify users' issues and ensure they get the right advice. 

Key Responsibilities

The Threat Intelligence Data Analyst will:

  • Classify cases with the right attack type - we currently have around 2,500 new cases a month. Each case needs to be reviewed and mapped to our taxonomy of attacks so we can correctly identify the issues. 

  • Tag cases with relevant markers to identify issues or themes - we tag some cases with to show that certain tradecraft is present - or to monitor new activity. The analyst will monitor cases for these data points and tag when present. 

  • Spot threat intelligence markers that can be used to update the chatbot schema - users often provide data that can be used to spot issues with other victims - such as phishing email addresses, scam virtual currency wallets, malicious phone numbers and names of malware. The analyst will identify these data points and add them to the chatbot schema. 

  • Identify new attack types or changes in attack tradecraft - when an attack type is not something that we have seen before - or the usual attack approach has evolved - the analyst will flag the new cases and support further analysis. 

  • Monitor for external threat intelligence - the analyst will support the process of monitoring the external threat landscape and look for additional sources of threat intelligence. 

Requirements

Candidates must be 18 years old or older and be resident in the UK. 

Successful candidates will need to be background & criminal records checked, as they are likely to have access to sensitive personal data. Once background checked the analysts will also be required to complete & pass online training to learn about our attack taxonomy. 

Key attributes we are looking for:

  • Passion for our mission of supporting victims of cybercrime & online harm

  • Baseline knowledge of cyber security attacks and methods

  • Understanding of modern components of an individual's digital footprint - such as social media accounts, email accounts and internet-connected devices 

  • Strong attention to detail

  • Good English language skills

  • Ability to focus on a detailed task for periods of time while maintaining accuracy

  • Experience working with confidential data