Job Description
The Red Canary Intelligence Team conducts in-depth analysis to provide context and help prioritize where to focus detection and response efforts. You will investigate raw telemetry, analyze suspicious and confirmed threats, and conduct open-source research to associate activity with known adversaries. A significant focus is on researching identity-based threat actors and cloud-targeted TTPs across infrastructure services like AWS, GCP, and Azure, as well as platform services such as Okta, Entra ID, and Kubernetes.
Responsibilities include developing intelligence on emerging threats, producing actionable intelligence reports, defining new threat clusters, and identifying opportunities to bolster our detection and response capabilities. Additionally, you will engage with internal teams, external partners, customers, and the broader infosec community to communicate unique trends and noteworthy threat actor TTPs through blogs and presentations. This role involves staying updated on emerging threats, suggesting workflow improvements, and supporting customers in understanding and responding to their specific threat models.
About Red Canary
Red Canary is a cybersecurity company that protects, supports, and empowers organizations to make better security decisions so they can focus on their mission.