Collect, analyze, and operationalize cyber threat intelligence to strengthen detection and response capabilities at APPIT Software Solutions in Toronto.
Toronto, Canada
Full-time
Cybersecurity
Responsibilities
Collect, analyze, and disseminate tactical, operational, and strategic cyber threat intelligence from open and proprietary sources
Track threat actor groups, campaigns, and TTPs relevant to the organization's industry and technology stack
Produce actionable intelligence reports, threat advisories, and indicators of compromise (IOC) feeds for SOC consumption
Map adversary behaviors to the MITRE ATT&CK framework and identify detection gaps in current security controls
Collaborate with incident response teams during active investigations to provide threat context and attribution analysis
Manage threat intelligence platforms (TIP) and automate IOC enrichment and dissemination workflows
Requirements
4+ years of experience in cyber threat intelligence, threat analysis, or security research
Strong knowledge of the MITRE ATT&CK framework, Diamond Model, and Kill Chain methodology
Experience with threat intelligence platforms (MISP, Anomali ThreatStream, Recorded Future, or Mandiant Advantage)
Proficiency in OSINT techniques and tools for threat research and adversary tracking
Understanding of malware analysis fundamentals, network traffic analysis, and common exploitation techniques
Strong analytical and technical writing skills for producing intelligence reports for diverse audiences
Nice to Have
GCTI, CTIA, or SANS FOR578 certification
Experience with malware reverse engineering using IDA Pro or Ghidra
Proficiency in Python for threat intelligence automation and data analysis