CTI Analyst

Job Location: UniOps Bangalore

ABOUT UNILEVER:

Be part of the world’s most successful, purpose-led business. Work with brands that are well-loved around the world, that improve the lives of our consumers and the communities around us. We promote innovation, big and small, to make our business win and grow; and we believe in business as a force for good. Unleash your curiosity, challenge ideas and disrupt processes; use your energy to make this happen. Our brilliant business leaders and colleagues provide mentorship and inspiration, so you can be at your best. Every day, nine out of ten Indian households use our products to feel good, look good and get more out of life – giving us a unique opportunity to build a brighter future.

Every individual here can bring their purpose to life through their work. Join us and you’ll be surrounded by inspiring leaders and supportive peers. Among them, you’ll channel your purpose, bring fresh ideas to the table, and simply be you. As you work to make a real impact on the business and the world, we’ll work to help you become a better you.

ABOUT UNIOPS:

Unilever Operations (UniOps) is the global technology and operations engine of Unilever offering business services, technology, and enterprise solutions. UniOps serves over 190 locations and through a network of specialized service lines and partners delivers insights and innovations, user experiences and end-to-end seamless delivery making Unilever Purpose Led and Future Fit.

Unilever is one of the world’s leading consumer goods companies with operations in over 190 countries and serving 3.4 billion consumers every day. Unilever delivers best in class performance with market making, unmissably superior brands which include Dove, Knorr, Domestos, Hellmann’s, Marmite and Lynx. Our strategy beings with a purpose that places our consumers at the heart of everything we do, “Brighten everyday life for all”.

Role Purpose:

This role will support the Cyber Threat Intelligence (CTI) team in proactively collecting cyber security information and events and converting them into actionable intelligence that will be used by various technologies and stakeholders for securing Unilever. The ideal candidate will have a strong understanding of cyber threat intelligence processes, tools, and technologies, and will play a key role in identifying, analysing, and reporting on cyber threats that could impact our organization.

Role Summary:

The Threat Intel Analyst will play a key role in identification, interpretation, transformation, and dissemination of threat intelligence crucial to the protection of Unilever. The candidate will support the daily operations of the CTI team in areas ranging from Strategic, Tactical and Operational intelligence.

The role should possess analytical skills to be able to assess and prioritize signals from the noise to ensure resources are utilized optimally at CTI and dependent teams.

This role involves continuous monitoring of the threat landscape, profiling threat actors and malware, tracking vulnerabilities, and the production of actionable intelligence to support decision-making, and keeping the stakeholders informed of threats that could have an adverse impact on the organization. The role is key to transforming the produced intelligence to cater to audiences ranging from technical to business stakeholders.

This role is also crucial to Unilever's overall cyber threat management efforts, as it helps to drive the right focus on cyber threats and instilling confidence that adequate countermeasures in line with the NIST Cyber Security Framework (version 2.0).

Main Accountabilities

Threat Profiling:

• Monitor surface, deep and dark web for cyber threats impacting the manufacturing sector and Unilever in specific.

• Ensure 0-days and critical vulnerabilities are analysed and raised with the Threat and Vulnerability Management team to identify exposure and drive remediation.

• Support campaigns with the human risk team to increase threat awareness across the organization.

Tools and Technology Management

• Work with Security Engineering team to maintain the technology stack used by the CTI team.

• Drive innovative integrations using the existing toolsets to automate workflows resulting in efficient ways of working.

Incident Response Support:

• Work with the Security Operations Centre (SOC) and Cyber Emergency Response Team (CERT) in supporting them with cyber investigations.

• Enrich and contextualize threat intelligence to support the investigations and containment efforts.

VIP Protection

• Support investigations to ensure scams and frauds against / impersonation Executives are thwarted in a quick and efficient manner.

• Support in creation of digital footprints for Executives to create awareness about their sensitive information present in publicly accessible forums.

Metrics and Reporting (Including Cloud Resilience):

• Create and maintain cyber threat intelligence content in Unilever’s central collaboration spaces.

• Collaborate with Unilever’s Cyber Security Analytics (CSA) team for alignment on reporting of CTI metrics.

Key Skills and Relevant Experience

Skills:

• The role is highly responsive, and responsible for identification, analysis, processing, and distribution of intelligence related to threats and vulnerabilities.

• Stay up to date on the threat landscape.

• Excellent analytical, problem solving and presentation skills with a flair for technical aspects of cyber security.

• Prioritize and use information derived from open and commercial intelligence disciplines to determine new / changes in actor activity, capabilities, intent, and resources.

• Lead research efforts tracking threats and actors across industry verticals

• Performing and adding structured intelligence analysis to the Threat Intelligence Platform (TIP).

• Technical analysis of Tactics, Techniques and Procedures (TTPs) used in cyber incidents and campaigns: Analyzing attack vectors, finding adversary infrastructure, establishing intrusion chain, structured documentation of findings on the TIP.

• Focus on integration and automation of threat intelligence to security tools using STIX / TAXII

• Providing Intelligence support to Incident Response teams in Security Operations, Cyber Security teams and Business stakeholders.

• Engage with IT and Security teams to apprise them of threats to the technology landscape and drive remediation.

• Producing intel reports on incidents, campaigns and emerging threats for technical and Executive audience.

• Usage of AI to simplify and automate CTI activities with working knowledge of automation using API integrations and webhooks.

Experience:

• Minimum 4 – 5 years of experience in Information / Cyber Security domain with at least 3 years as Threat Intelligence Analyst.

• Strong experience analyzing and synthesizing actionable threat intelligence via open-source tools.

• Solid understanding of threat intelligence lifecycle, cyber kill chain and Mitre ATT&CK framework.

• Experience with cloud platforms (Azure, Google Cloud) and their resilience features.

• Solid understanding of network and endpoint security concepts in on-prem and cloud environments.

• Solid understanding of vulnerabilities, how they affect systems, organizations and their corresponding context and severity (CVEs, CVSS, CPE and vulnerability disclosures).

• Ability to identify, create, execute, and adjust standard operating procedures for day-to-day operations.

• Ability to document technical analysis and articulate outcomes to non-technical audiences

• Understanding of current events in the security and threat intelligence world.

• Strong experience with SIEM, EDR, NDR tools.

• Good to have, but not mandatory – Cyber security certifications

Note: "All official offers from Unilever are issued only via our Applicant Tracking System (ATS). Offers from individuals or unofficial sources may be fraudulent—please verify before proceeding."