Consulting Opportunities In Threat Intelligence

egrizzly

Hi guys,

Has anyone heard of consulting opportunities for security professionals in the Threat Intelligence area of cybersecurity, or is it usually a business segment dominated by big companies?

JDMurray

The US DoD and government Three-Letter-Agencies are typically the dominant players in TI followed by security vendors that have TI as part of their product solutions (e.g., email security, Malware/APT security). Most small companies get TI through one or more security appliances or services. The rest of us just fumble around with OSINT and call it TI.

egrizzly

...I certainly agree @JDMurray . I guess the answer to my question is leaning more to "chances are very slim".  It's quite interesting though. I wish their was room for independent consultants for this very interesting area of cybersecurity.

UnixGuy

There are internal roles in bigger organisation where you can set up a threat inel function. There are open source tools you can set up to gather intel and IOCs and make it part of your threat management process. You can also collaborate with CERT teams and get intel through them and other sources.

scasc

Big 4 have opportunities in this areas. There are dedicated consultancies I have seen also - a friend of mine recently joined a firm as a cyber threat intel analyst.

egrizzly

scasc said:

Big 4 have opportunities in this areas. There are dedicated consultancies I have seen also - a friend of mine recently joined a firm as a cyber threat intel analyst.

If he joined the firm that means he's an employee. I'm referring specifically to opportunities for independent consultants who work under their own companies and not paid by HR.

scasc

The friend I was referring had joined a niche consultancy. If you are talking specifically about being an independent consultant then from what I’ve seen, roles are few and far between. To be independent you need to have a skill set which is in demand and heavily build relationships - it’s the name of the game. What happened to the Risk work you were interested in?

egrizzly

Ok, yeah, their are many folks I know consulting in the Risk Assessment area.  That's a given.  Along those lines I had wondered about threat intel but just wanted to get a clearer sense on whether it was a balanced playing field (Threat Intel) or dominated by the big companies.

UnixGuy

There are tools from vendors, and the rest is being done as part of SOC work using a mix of opensource and vendor tools. Apart from that, in government agencies this work exist. I found it to be another skill to have and grow but I'm not sure it's enough to specialise in. Unless you work for a vendor selling/support their product or for a government agency.