Nordic Financial CERT is looking for a Senior Technical CTI Analyst

Would you like to be a part of a small and highly competent CTI analyst team, gaining insight to monitor and disrupt cyber threats against the Nordic Financial Sector?  

Join our team in Oslo as a passionate and experienced analyst to help us safeguard the financial sector! 

Why join us? 

• This is a unique opportunity to be at the forefront of cybersecurity and financial crime prevention collaboration in the Nordic region. You will work with a passionate team and a committed membership base to make a tangible difference. 
• NFCERT is not a typical security, SOC or incident response team selling services. Our members handle incidents themselves, while we focus on the threats, and the threat actors’ tools and infrastructure. We support our members through coordination, sharing, analysis, monitoring, and producing intelligence on the threats and incidents.  
• We are a well-established and mature sector CERT with a high degree of freedom under responsibility. In addition to having technical analysis capabilities to fight various attacks in the cyber realm, we also collaborate with our members’ Cyber Defence and Anti-fraud teams, other national and sector CERTs in the Nordics to provide its financial sector an actionable understanding of the threats. We have long provided unique insight into threats. 

What will my tasks be? 

As a technical CTI analyst, you will be involved in: 

• Member & Community engagement: Build and maintain relations with members and selected security communities. Contribute to driving an engaged and knowledgeable community. 
• Threat Analysis: Analyse threat actors and incidents targeting the Nordic Financial Sector. Refine data and intelligence from multiple data sources, financial entities, CERTs and TI vendors. Develop and gain insight into relevant threat actors and their operations, infrastructure and tools. 
• Automate: Build automation and monitoring to track relevant threats. Find ways to hinder, disrupt, or limit the capabilities of threat actors. 
• Disseminate: Maintain and present the current threat picture to members and relevant partners. 
• Unique insight: The role provides the freedom and time to analyse the threats and develop tactics for gaining unique insights and solutions to mitigate the threats. 
• Specialist: Share your research, provide specialist guidance, and together with the team drive our future deliveries and capabilities. 

To be successful, we believe you have: 

• Higher education relevant to cybersecurity, or long and relevant experience. 
• Experience with technical security analysis or cyber threat intelligence and related tools are required, and a strong desire to expand this knowledge is even more important.   
• Able to program (Python), automate and build APIs.  
• An analytical mindset – with the ability to understand and communicate the bigger picture. 
• Technical CTI analysis - malware, infrastructure, and network analysis. 
• Knowledge of cloud technology/security/investigation practices (we use AWS). 
• Experience with Django / orchestration – put data and automation into processes to create value. 
• Experience with Linux servers and service maintenance (for our own CTI tool stack). 

Other  

• Candidates must pass security clearance at level HEMMELIG in Norway. 
• Work will mainly be in Oslo. Some travel is expected (mainly in the Nordics).  
• Be part of the CTI team 24/7 on-call rotation. 
• Proficient in English, written and oral. 
• Speak one of the Nordic languages. 

What we offer 

• Access: Extensive access to data, tools, vendors and sharing networks. 
• Competent team: Be part of a highly competent team of CTI analysts (Technical, Tactical and Strategical) where everyone matters. 
• Community: Be part of well-established and high-trust security communities across countries and sectors. 
• Purpose: Challenging and stimulating work – serving a purpose for the Nordic societies. 
• Ownership: Possibility of taking ownership of tools, platforms, and services to be further developed. 
• Benefits: Everything you would expect from working within finance/tech, such as 
• Competitive salary and benefit package. 
• Flexible working hours with the possibility of partial remote work. 
• 5 weeks of vacation plus 1 extra week of fully paid leave.