Job Summary

Canonical is seeking a highly skilled Threat Intelligence Lead to own and execute the company's threat intelligence strategy. This role will be responsible for understanding cyber threat actors targeting Canonical and utilizing intelligence on Tactics, Techniques, and Procedures (TTP) to enhance products and internal cybersecurity controls.

Key Responsibilities

• Develop and maintain Canonical's threat intelligence strategy
• Build and maintain OSINT research environments
• Develop OSINT tradecraft, principles, and techniques
• Identify and track targeted intrusion cyber threats, trends, and new developments by cyber threat actors through analysis of proprietary and open source datasets
• Collaborate across teams to inform on activity of interest
• Coordinate adversary/campaign tracking
• Contribute to the wider threat intelligence community, establishing Canonical as a key contributor and thought leader in the space
• Work with product and engineering teams to explain cybersecurity threats and advise on mitigation strategies
• Work with the OPSEC and IS team to help implement/update security controls prioritizing cyber defense
• Identify intelligence gaps and propose new tools and research projects to fill them
• Conduct briefings for executives, internal stakeholders, and external customers

Requirements

• Experienced threat intelligence leader (or similar)
• Knowledgeable about the current open source threat landscape and computer networking/infrastructure concepts
• Highly competent with OSINT tools (e.g., Buscador, Trace Labs OSINT VM, OSINT Framework, Maltego, Shodan, social media scraping tools, etc.)