Short-Term position Threat Intelligence Coordinator for USAID Cybersecurity for Critical Infrastructure in Ukraine Activity
- BACKGROUND/CONTEXT:
The purpose of the US Agency for International Development (USAID) Cybersecurity for Critical Infrastructure in Ukraine Activity is to strengthen the resilience of Ukraine’s critical infrastructure from cyberattacks by establishing trusted collaboration between key cybersecurity stakeholders in the government, private sector, academia, and civil society. The activity aims to achieve this goal by implementing the following activity components:
Component 1: Strengthen the cybersecurity enabling environment
The legal, regulatory, and institutional framework for national cybersecurity in Ukraine needs to be strengthened and aligned with international standards and best practices. This component will strengthen the cybersecurity resilience of Ukraine’s critical infrastructure sectors by addressing legislative gaps, promoting good governance, enabling collaboration between stakeholders, and supporting cybersecurity institutions.
Component 2: Develop Ukraine’s cybersecurity workforce
Ukraine suffers from a severe shortage of cybersecurity professionals. This component of the USAID Cybersecurity for Critical Infrastructure in Ukraine Activity will address workforce gaps through activities that develop new cybersecurity talent and build the capacity of existing talent. These activities will address the entire workforce pipeline, the quality of education received by cybersecurity specialists, and industry training programs to rapidly upskill Ukraine’s workforce to respond to immediate cybersecurity vulnerabilities.
Component 3: Build a resilient cybersecurity industry
A growing cybersecurity industry in Ukraine will contribute directly to national security and prosperity. This component will seek to build trust and collaboration between the public and private sector to develop innovative solutions for future cybersecurity challenges; spur investment and growth in the broader cybersecurity market in Ukraine through greater access to financing; support smaller cybersecurity companies to rapidly increase the number of local cybersecurity service providers; and offer mechanisms for Ukrainian firms to connect with industry partners to enable better access to innovations and business opportunities.
- ROLE’S PURPOSE:
The National Security and Defense Council (NSDC) is one of Ukraine’s key government authorities and one of the Activity’s primary stakeholders. The National Coordination Center for Cybersecurity (NCCC), under the NSDC, is responsible for overseeing and coordinating implementation of cybersecurity policy as it relates to national security. The NSDC has developed a new National Cybersecurity Strategy (Strategy) to address cybersecurity challenges and advance cyber capabilities of Ukraine.
However, the NCCC needs more comprehensive analytical assistance to develop its analytical capacity and facilitate its coordination work with other cyber stakeholders in strengthening the cybersecurity landscape. The Activity assists NSDC/NCCC in improving their analytical capacity and provides rapid analytical support.
The Activity is looking for the services of a Threat Intelligence Coordinator to identify priority areas for the analytical tasks, analyze tactics of cyberattacks on critical infrastructure operators, determine cyber activity patterns, establish processes for cyberattack response, and build capacity on protecting critical infrastructure in cyberspace. This work will be carried out in close coordination with representatives of the NSDC/NCCC.
The Activity is looking for a Threat Intelligence Coordinator to:
- Lead the Cyberthreats and APT activities assessment (including tactics, techniques, and procedures (TTP), aims and vectors of attacks)
- Determine the trend of threat development (for further modeling of threats and security incidents, preparing recommendations for detection, analytical processing of cyber incidents and conducting research on threats, vulnerabilities and attack analysis)
- Set up Threat intelligence / Threat hunting (TI/TH) processes in the NCCC, which includes: monitoring of the Internet, development of SCAD elements of TI/TH, preparation of informational materials within the framework of TI/TH processes.
The Threat Intelligence Coordinator will work under the oversight of the Enabling Environment Lead.
- DELIVERABLES AND DEADLINES
| Deliverables | Due by date |
| --- | --- |
| Monthly report on cyberthreats which should contain results on: | On a monthly basis |
MINIMUM QUALIFICATIONS, SKILLS AND EXPERIENCE:
- Bachelor’s degree in Information Technology, Information Security/Cybersecurity Engineering or related field of study.
- 4+ years of professional experience in Cyber Threat Intelligence.
- Experience of computer systems engineering for GOU authorities (desired);
- Previous experience in monitoring and responding to cybersecurity incidents preferred;
- Experience analyzing cyber-IOCs, APTs, MITRE ATT&CK TTPs, attack vectors, adversary TTPs, and cyber threat intelligence topics and translating these into actionable intelligence for our SOC.
- Experience with using and troubleshooting cybersecurity and IT tools.
- Knowledge of the intelligence cycle/process
- Knowledge of Threat intelligence / Threat hunting
- Skills in creating YARA, SIGMA, Snort, etc. rules
- Understanding of various enterprise IT and cloud architectures and technologies such as networks, server infrastructure, operating systems, web applications, databases, containerization and mobile devices
- ADDITIONAL BENEFITS
- Experience working in a cybersecurity operations center, or participating in a red or blue team and the ability to work as both an attacker and a defender
- Windows/Unix administration experience;
- Experience using security scanners (nmap, nessus);
- Experience with attack detection systems (IDS/IPS, HIDS/HIPS);
- Experience in IS monitoring or IS incident investigation
- Certificates:
  - Certified Ethical Hacker (CEH)
  - Certified Information Systems Security Professional (CISSP)
  - GIAC Certified Incident Handler (GCIH)
  - GIAC Cyber Threat Intelligence (GCTI)
  - GIAC Reverse Engineering Malware (GREM)
  - Certified Incident Handler Engineer (CIHE)
  - Information Systems Security Engineering Professional (ISSEP)
Period of Performance – 1 January 2023 – 31 December 2023
Maximum Level of Effort – 230 working days
Qualified candidates should send their CV and cover letter with the name of the position in the subject line to [email protected] by 31 December 2022, 6:00 pm Kyiv time. Only short-listed candidates will receive notice requesting additional information.