For over a year, I had the privilege of leading the development of a comprehensive cyber threat intelligence (CTI) program for a global enterprise. This experience was both challenging and rewarding, as it involved the implementation of advanced technologies and processes to enhance the organization’s security posture.
My Role and Responsibilities:
As the leader of the CTI team, I was responsible for overseeing the implementation of processes and technologies, ensuring that our operations were efficient and effective. My key contributions included:
- Implementation of Processes and Technologies: I spearheaded the integration of cutting-edge threat intelligence tools such as Intel471, MISP, and Anomali ThreatStream. These tools were crucial in gathering, analyzing, and disseminating threat intelligence data.
- Operational Leadership: I helped establish robust processes for threat intelligence gathering, analysis, and reporting. This included setting up daily standups, managing threat hunting activities, and ensuring the timely delivery of intelligence reports.
Achievements:
- Executive Reports: We began delivering detailed executive reports that provided high-level insights into the threat landscape, helping senior management make informed decisions.
- Threat Hunting Recommendations: Our team provided actionable threat hunting recommendations, enabling proactive defense measures.
- Daily Standups: We conducted daily standup meetings to review the latest threats and coordinate our response efforts.
Through this initiative, we successfully built a robust CTI program that significantly enhanced the organization’s ability to detect, analyze, and respond to cyber threats.
Tech Stack
- Intel471
- MISP
- Anomali ThreatStream
- TAXII
- MITRE ATT&CK