Senior Threat Intelligence Researcher, ANZ
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Job Category
Software EngineeringJob Details
About Salesforce
We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.
The Salesforce Threat Intelligence (TI) team focuses on defending our organization and our customers by cutting through the noise, identifying who’s targeting us, and preparing the organization for emerging threats. We use our wide expertise to drive organizational direction, support investigations, and uplift security as a whole across Salesforce. Threat Intelligence empowers Salesforce to predict, detect, and mitigate threats through innovation.
About the Role:
As a Senior Threat Intelligence Researcher in this role, you will perform technical assessments and data analyses on threats to Salesforce, our platforms, and our customers. The role requires a skilled security/intelligence professional with experience performing hands-on research and building intelligence products and briefings to better advise a global/diverse audience of internal customers on topics that matter to Salesforce. The role is expected to have a sound knowledge base and understanding of the cybersecurity threat landscape, including but not limited to state sponsored and advanced eCrime actors along with various trends in cybersecurity. You are both experienced and passionate about cyber intelligence, with tangible experience producing, communicating, and contextualizing intelligence and experience tackling cybersecurity incidents within a broader Detection and Response team. You would be expected to maintain and cultivate relationships on these topics across public and private industries, and support TI’s efforts within the security organization to influence and ensure Trust within the enterprise and our platforms.
Responsibilities:
Identify new or existing threats and distill this information into concise finished intelligence to multiple internal partners, including executives
Assist in driving realized threat and risk reduction efforts/initiatives across the enterprise and products
Manage threat data and create original intelligence assessments and output in support of our incident response, threat hunting, threat detection, and security engineering missions
Serve as an intelligence expert and liaison to multiple internal customers in security and across the business in a technical capacity
Build expertise on any threats targeting Salesforce and provide intelligence about the attacker activity when possible
Minimum Requirements:
Have at least 3-5+ years previous experience in an Intelligence or Detection & Response role.
Experience conducting and correlating cyber threat research using OSINT, incident response engagement data, and proprietary tools.
Skilled proficiency with data analysis and the ability to synthesize distinct data sources and security data-points into tangible intelligence, including drawing parallels with industry and landscape trends
Proficiency with strategic intelligence writing for both technical, non-technical, and executive audiences - ideally with threat briefings, threat reports, public-facing blog posts, or similar finished intelligence
Experience analyzing a variety of enterprise and platform log types for threat discovery, recommending detection and data science approaches against threats.
Knowledge of industry standard conventions: BLUF, estimative language, ability to express analytic confidence, knowledge of common analytics frameworks (Cyber Kill Chain, Diamond Model, MITRE ATT&CK, etc.), and Structured Analytic Techniques (Analysis of Competing Hypotheses, etc.)
Familiarity with using threat actors and landscape trends to support broader security functions, such as enterprise and product security, risk management, offensive security, identity management, among others.
Baseline familiarity with red, blue, and purple teaming approaches
Preferred Requirements:
Experience doing intelligence analysis at a cloud/SaaS company or “at scale” in a large, complex environment
Experience (either hands-on or supporting processes for) identifying, tracking, and/or disrupting advanced cyber threat actors; knowledge of advanced actor Tactics, Techniques, and Procedures (TTPs)
Experience with threats in AWS, Microsoft Azure, and Google Cloud
Experience with hunting/IR tools used for host and network analysis, automation/SOAR tools, and log query building (like Splunk)
Benefits & Perks:Check out our benefits site which explains our various benefits, including wellbeing reimbursement, generous parental leave, adoption assistance, fertility benefits, and more!
#LI-Y
Accommodations
If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.
Posting Statement
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.
Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.
Salesforce welcomes all.