Senior Cyber Threat Intelligence Analyst

About SHEIN 

SHEIN is a global online fashion and lifestyle retailer, offering SHEIN branded apparel and products from a global network of vendors, all at affordable prices. Headquartered in Singapore, with more than 15,000 employees operating from offices around the world, SHEIN is committed to making the beauty of fashion accessible to all, promoting its industry-leading, on-demand production methodology, for a smarter, future-ready industry. 

 

Position Summary

SHEIN Global Security and Risk Management (GSRM) is a global security organization that oversees security infrastructure, risk management, data privacy, business fraud, governance, and regulatory compliance across SHEIN’s global footprint. It is composed of a team of security professionals, innovators and thought leaders that have had decades of global security experience, led large scale transformations, and served in Fortune 500 executive roles.

We're seeking a Senior Cyber Threat Intelligence Analyst (Official Title: Intelligence Analyst II) for our San Diego-based office hub, who will be responsible for leading the implementation, advancement, and daily operations of a Threat Intelligence Platform (TIP) within the Global Security Operations Center (GSOC). This intelligence professional will also be responsible for improving collection operations, developing new analytic techniques, and leading OSINT investigations.

This leader must deeply understand cyber threat intelligence operations, preferably at a growth-stage global enterprise. Must be familiar with general security operations and incident response procedures, the intelligence cycle, and current threat actor tactics, techniques, and procedures used to gain initial access. He or she must be able to effectively communicate with multicultural teams across a diverse range of stakeholders and should be comfortable briefing analytic results to all seniority levels.

 

Job Responsibilities

• Identify cyber threats, trends, and new developments on various cybersecurity topics by analyzing open-source intelligence and information.
• Identify and monitor the Tactics, Techniques, and Procedures (TTPs) used by cyber threat actors and make analytic estimates about their future activities.
• Draft analytical and technical reports for operational and strategic-level stakeholders.
• Articulate and communicate threat intelligence openly and publicly at all levels of the business.
• Analyze IOCs, APTs, attack vectors, adversary TTPs, and cyber threat intelligence topics and translate these into actionable intelligence products for security operations teams.
• Monitor CTI feeds and open-source intelligence reporting to identify potential threats.
• Respond to requests for ad-hoc reporting and research topics from stakeholders as required.
• Produce detailed intelligence analysis reports on cyber-threats, convey potential impact, along with recommended relevant remediation and countermeasures.
• Draft threat hunting packages with attack graphs/sequences, articulate the difference between IOCs and IOBs, and map TTPs to the MITRE ATT&CK framework.
• Advise and communicate threats and vulnerabilities with recommendations on how to protect, detect, and respond.
• Provide actionable strategic, technical, and tactical cyber information and intelligence through reports, briefings, and presentations.
• Develop and refine CTI collection and analysis processes, tools, and automation to enhance CTI capabilities.
• Performs other duties as assigned.

 

Job Requirements

• 4+ years of professional experience producing threat intelligence and tracking cyber threats is preferred.
• 4+ years of relevant experience in cyber threat intelligence, all source intelligence analysis, OSINT, threat hunting, or similar disciplines is preferred.
• Excellent understanding of threat intelligence platform (TIP) implementation and use in a modern security operations center. 
• Experience using a TIP such as Anomali ThreatStream, ThreatConnect, or ThreatQ.
• Excellent understanding of cybercrimal threat actors, their communities, and their tactics, techniques, and procedures (TTPs).
• Familiarity with intelligence writing, structured analytic techniques, and crucially, the ability to write in active voice.
• Demonstrated ability to research and distill large amounts of technical and non-technical data into written and actionable reports.
• Experience delivering cybersecurity-associated material within a deadline and following quality guidelines.
• Knowledge of security controls and how they can be monitored and thwarted.
• Knowledge of network forensics: network traffic protocols, traffic analysis (e.g., network flows and PCAP).
• Basic knowledge of scripting languages (i.e., Bash, Python and PowerShell).
• Ability to monitor and analyze logs and alerts from a variety of different technologies, including IDS/IPS, firewall, proxies, SIEM, and EDR.
• Strong communication skills both written and verbally.

 

Nice to Have 

• Bachelor of Arts or Science degree in computer science, intelligence studies, cybersecurity, or related field is preferred.
• Relevant cyber security certifications, such as GCTI, GCFA, CEH, Security+, GOSI, or GREM are highly desired.
• An understanding of geopolitics and cyber espionage group is preferred.
• A basic understanding or cryptocurrencies and financial crime is preferred.
• Experience working in the retail or e-commerce space is preferred.
• Ability to work effectively under pressure and meet deadlines is preferred.
• Experience collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources to provide advanced threat intelligences preferred.
• Knowledge of security architectures, devices, proxies, and firewalls is preferred.
• Chinese language proficiency is preferred.

 

 

Benefits and Perks 

• Bonus and RSU eligible
• Healthcare (medical, dental, vision, prescription drugs) 
• Health Savings Account with Employer Funding 
• Flexible Spending Accounts (Healthcare and Dependent care) 
• Company-Paid Basic Life/AD&D insurance 
• Company-Paid Short-Term and Long-Term Disability 
• Voluntary Benefit Offerings (Voluntary Life/AD&D, Hospital Indemnity, Critical Illness, and Accident) 
• Employee Assistance Program 
• Business Travel Accident Insurance 
• 401(k) Savings Plan with discretionary company match and access to a financial advisor  
• Vacation, paid holidays, floating holiday and sick days   
• Employee discounts 
• Free weekly catered lunch 
• Dog-friendly office (available at select locations) 
• Free gym access (available at select locations) 
• Free swag giveaways 
• Annual Holiday Party 
• Invitations to pop-ups and other company events 
• Complimentary daily office snacks and beverages

#LI-CR1