Cyber Threat Analyst
- Greenfield, MA
Paysafe Limited ("Paysafe") (NYSE:PSFE) (PSFE.WS) is a leading specialized payments platform. Its core purpose is to enable businesses and consumers to connect and transact seamlessly through industry-leading capabilities in payment processing, digital wallet, and online cash solutions. With over 20 years of online payment experience, an annualized transactional volume of US $92 billion in 2020, and approximately 3,400 employees located in 12+ global locations, Paysafe connects businesses and consumers across 70 payment types in over 40 currencies around the world. Delivered through an integrated platform, Paysafe solutions are geared toward mobile-initiated transactions, real-time analytics and the convergence between brick-and-mortar and online payments.
Further information is available at www.paysafe.com.
We are looking for a highly enthusiastic analyst and a great team player to join our Cyber Threat Management team. We need you to help us understand threat actors, the techniques they are using, how we can monitor for them and how best to mitigate against them. By analysing in-the-wild attack techniques, we hope to improve Paysafe's security posture and take a proactive approach to protecting our environment.
Cyber Threat Management seeks to proactively identify, detect, and prevent cyber threat activity by collating data on active campaigns and producing actionable outcomes in the form of vulnerability remediation, detection rules, proactive threat hunts and the development of processes and controls. In this role you will become a subject matter expert on attacker tactics, techniques, and procedures. You will get to work with some of the latest tooling available and be part of the development of a growing team.
What you will do:
- Analysing priority cyber threat activity to understand the techniques being used, and how they can be detected through our security stack and log sources
- Writing detection logic for identified attacker techniques, or providing recommendations for detection to relevant teams.
- Conducting in-depth research into cyber threat actors of particular interest to Paysafe, to understand their techniques and what we need to do as an organization to counter them.
- Working closely with the Security Operations Center to ensure that appropriate responses are being taken to identified cyber threat activity, including assisting with the development of alerts and with incident response activities
- Responding to requests for information from numerous parts of the business, including Information Security, Fraud and Financial Crime.
- Responding to inbound alerts from threat intelligence providers, industry intelligence sharing groups and other external sources.
- Producing written reports on cyber threats, translating highly technical subjects to non-technical audiences, and presenting research and findings to the wider group.
- Conducting open-source investigations to gather additional context around cyber threat activity impacting Paysafe or industry peers.
To be successful you need to have:
Our ideal candidate would be highly motivated to dig deep into cyber attacker tactics, techniques, and procedures, and be comfortable with methods we can use to detect them with our existing technology stack. There are some areas we would consider highly beneficial to be successful in the role:
- Experience working in network defence, ideally in one of the following roles (or similar): SOC Analyst, Threat Hunting, Threat Intelligence, Threat Research.
- Knowledge of common cyber-attack techniques and how they can be detected and mitigated is a must
- Experience using the MITRE ATT&CK framework and knowledge of how to apply it in an enterprise environment.
- Experience interpreting technical reports on malware analysis or attack techniques and translating those for non-technical people.
- Experience using open-source tooling for cyber threat investigations: VirusTotal, Passive DNS, URLScan etc.
- Experience using enterprise cyber security tooling including endpoint detection and response (EDR), and SIEM platforms
- Knowledge of logging sources and detection capabilities in an enterprise environment
- Experience tracking and profiling cyber threat actors and campaigns
- Perseverance, a willingness to adapt and a high degree of diligence.
Any of the following would be beneficial, but not essential:
- Education and training in Information Technology, Cyber Security, or other areas applicable to the job role
- Cyber Security qualifications are great, but not a must.
- Scripting languages, particularly Python
What we offer in return:
- The opportunity to write the history of a leading and growing multinational company;
- Competitive remuneration and social benefits package (25 days annual paid leave, health insurance, sports card, team events, company discounts, variety of soft skills, business and technical training programs);
- Training and support to help you get to where you want to be; this is your career, and we want to help you develop along with the team.
- Be part of a highly regarded team within Information Security, with the flexibility of a start-up and access to state-of-the-art security tooling
- Be part of a relatively new function, shaping the way it operates, what it produces, and the impact it has.
- Working closely with other disciplines in cyber security; Threat Hunting, Threat Intelligence, Vulnerability Management and Penetration Testing included.
- A friendly and collaborative work environment; we don't judge, we don't discriminate, and the best ideas are the ones we pursue. There are no stupid questions here and you will get support from your teammates whenever you need it.
Are you ready to take your career to the next level? Join our team that is inspired by a unified vision and propelled by passion!
Equal Employment Opportunity
Paysafe provides equal employment opportunities to all employees, and applicants for employment, and prohibits discrimination of any type with regard to ethnicity, religion, age, sex, national origin, disability status, sexual orientation, gender identity or expression, or any other protected characteristics. This policy applies to all terms and conditions of recruitment and employment. If you need any reasonable adjustments please let us know. We will be happy to help and look forward to hearing from you.