Pelorus Technologies - Manager - Computer Emergency Response Team (8-9 yrs)

CERT Manager

Role Overview:

- The Dark Web and Deep Web Investigator is responsible for monitoring, researching, and analyzing activities on the dark web and deep web to uncover cyber threats, unlawful activities, and potential security risks to a organization.

- This role involves identifying and investigating online criminal activities, such as cybercrime, data breaches, intellectual property theft, and the illicit trade of sensitive information.

Responsibilities:

- Monitoring and Research the dark web and deep web for potential threats, including stolen data, account credentials, cybercriminal activities, new hacking techniques, malware, phishing schemes, and underground markets.

- Track and analyze dark web forums, marketplaces, and chat channels to identify relevant threats to the organization.

- Investigate suspicious activities and track the movement of stolen or leaked data that could impact the organization's cybersecurity.

Investigation and Analysis:

- Perform in-depth investigations into illegal activities on the dark web, such as the sale of stolen data, hacking tools, or illicit services.

- Analyze encrypted and anonymized data on the dark web using specialized forensic tools and techniques.

- Investigate cybercriminals, hacker groups, and criminal organizations by tracking their online activities and identifying potential threats to the organization.

- Use advanced search techniques and access tools (e.g., Tor, I2P) to retrieve and analyze content in a secure and responsible manner.

Threat Intelligence and Reporting:

- Generate and disseminate actionable threat intelligence reports based on dark web and deep web findings.

- Provide detailed reports on identified risks, including descriptions of threats, severity levels, and recommended countermeasures.

- Collaborate with internal cybersecurity teams to integrate dark web intelligence into the organization's security posture and incident response strategies.

- Develop adversary reports to inform the organization about emerging threats and trends.

Evidence Collection and Documentation:

- Gather and preserve evidence from dark web sources to support ongoing investigations or legal proceedings.

- Ensure proper documentation of all investigative steps, including evidence collection, analysis processes, and findings.

- Maintain a chain of custody for all evidence and data retrieved from dark web sources.

Cyber Threat Hunting and Malware analysis:

- Proactively hunt for threats within the network and endpoints, leveraging advanced search and analysis techniques to identify potential vulnerabilities or indicators of a breach before they manifest.

- Develop and execute hunting queries, using threat hunting platforms and tools to uncover hidden or subtle attacks.

- Conduct in-depth analysis of malicious software.

- Identify malware families, behaviour, and evasion techniques.

- Collaborate with threat hunters and security researchers.

Collaboration and Risk Mitigation:

- Work closely with law enforcement agencies to support investigations involving cybercrime and dark web activities.

- Assist in identifying potential threats or vulnerabilities that could be exploited by actors in the deep or dark web.

Skills and Qualifications:

- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent work experience).

- Experience conducting investigations in cybersecurity, dark web, or law enforcement environments.

- 8 to 9 years of hands-on experience in Investigation, threat intelligence, or cybersecurity.

- Strong understanding of dark web and deep web technologies, including Tor, I2P, and anonymous communication protocols.

- Familiarity with dark web marketplaces, forums, and cybercriminal networks.

- Experience using dark web analysis tools (e.g., OSINT tools, digital forensics software) to access, analyze, and extract data from the dark web.

- Knowledge of cybersecurity fundamentals, including encryption, data protection, and threat intelligence practices.

- Strong analytical and research skills with the ability to analyze complex data and draw actionable conclusions.

- Excellent written and verbal communication skills, with the ability to produce clear and detailed reports for technical and non-technical audiences.

- Certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), GIAC Cyber Threat Intelligence (GCTI), or similar.

- Experience with OSINT (Open-Source Intelligence) techniques and tools.

- Knowledge of relevant legal and regulatory frameworks related to cybercrime and online investigations.

- Familiarity with cryptocurrency tracking and analysis in relation to illicit transactions.

- Experience working in or with law enforcement agencies or intelligence organizations.