Hello Everyone!

I might be having an interview for a Cyber Threat | Intel. Analyst Job very soon. My background is closer to that of a Tier 1 Soc Analyst and initially that's what i was just aiming for. another Tier 1 soc analyst job. BUT!!! and this opportunity to do a Cyber Threat | Intel job has come my way. I've been doing a SOC Analyst role for approx. 2 years.

i believe that because i have a security clearance, CEH, Security + and because I have experience with basically using Tcpdump to view pcap files and malware traffic. This has peaked the interest of the employer. I've been looking up online what a Cyber Threat / Intel Analyst does..and i found this.

https://www.alienvault.com/blogs/sec...n-organization

https://www.recordedfuture.com/smart-threat-intelligence-analysts/


Based on the job description. some of the requirements are:


* Experience with Splunk
* Understanidng of common cyber threats tactics
* Experience using open and closed data sources to identify and extract IOCs
* Experience with the technical capabilities and limitations of the Internet and online technologies, including social networking sites, blogs and microblogs, Internet mapping tools
* The ability to analyze e-mail headers, conduct PassiveDNS analysis, create Yara signatures based off of malware reports and collaboration with malware team
* conducting open-source research
* Ability to write concise analytical assessments


Desired Qualifications:
Experience with:
* computer programming languages
* targeting analysis in the intelligence community or computer network defense community
Knowledge of:
* malware types, malware analysis tools and procedures and ability to report malware analysis output-Possession of

i meet a some of these qualifications but some things i would need some training on. talked with a recruiter. the guy asked if i had experience with Bro IDS, use any software to do vulnerability scanning or Splunk. and the recruiter guy seemed very interested in getting me infront of the cyber team for consideration for this role. now whether or not i make it to the phase is in the air...but i think because i have security clearance and 2 years of experience with network analysis...they seem interested.

my assumption is that i will have a technical screening / in-face interview next.

any advice here to begin preparing for this would be greatly appreciated!

thanks