Dark Web Monitoring Support (L1/L2)

What You'll Do At Cyble:Proactively discover, monitor, and triage underground forums, dark web marketplaces, instant messaging channels, and social media platforms to identify potential cybercrime or threat activities.Analyse potential cybercrime activities to detect serious threats and research emerging trends.Proactively track activities of financially motivated threat actors, state-backed threat actors and actors targeting a clientele or a prospect region.Conduct threat research to identify motivation, goals, targets, capabilities, and modus operandi (tactics, techniques, and procedures) of the cyber threat actors and groups using conventional and unconventional threat intelligence methods.Collate threat research findings and assessments into deliverables for dissemination of timely intelligence.Provide incident management and threat research support to clientele.Provide research and intelligence support with respect to internal and external ad-hoc requests.Collaborate with global teams for information exchange and joint research.What You'll Need:Willing to work in rotating shifts and weekends to support 24x7 operations (Days-off during weekdays)Skills and Qualifications Required:Excellent understanding of cyber security concepts, modern threat landscape and intelligence framework.Good knowledge in cybercrime methodologies and TTPs opted by the financially motivated and state sponsored threat actors and groups.Experience in cyber tradecraft and online persona management (sock puppets) for gathering closed sources information from the underground forums.Experience in open-source intelligence (OSINT) research.Experience in writing analytical and intelligence reports.Experience in handling investigations on the given artifacts or IoCs related to malicious campaigns such as phishing, ransomware, financial frauds.Experience in investigating and analysing suspicious IP addresses, domains, and malicious infrastructure.Hands-on experience in Maltego, Shodan, Google Earth, Whois, Search Engines, VirusTotal or other OSINT tools for relevant investigations.Good understanding of MITRE ATT&CK framework.Good understanding of operational security (OPSEC).About Cyble: Cyble provides the fastest and most comprehensive coverage across adversaries, infrastructure, exposure, weaknesses, and targets.Cyble empowers governments and enterprises to safeguard their citizens and infrastructure by providing critical intelligence in a timely manner and enabling rapid detection, prioritization, and remediation of security threats through its advanced capabilities for data analysis, expert insights, and automated processesHeadquartered in Alpharetta, Georgia, and with offices in Australia, Malaysia, Singapore, Dubai, Saudi Arabia and India, Cyble has a global presence. To learn more about Cyble, visit www.cyble.com. PRB