Consulting Opportunities In Threat Intelligence
egrizzly
Member Posts: 533 ■■■■■□□□□□
Hi guys,
Has anyone heard of consulting opportunities for security professionals in the Threat Intelligence area of cybersecurity, or is it usually a business segment dominated by big companies?
Has anyone heard of consulting opportunities for security professionals in the Threat Intelligence area of cybersecurity, or is it usually a business segment dominated by big companies?
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
Comments
-
JDMurray Admin Posts: 13,099 AdminThe US DoD and government Three-Letter-Agencies are typically the dominant players in TI followed by security vendors that have TI as part of their product solutions (e.g., email security, Malware/APT security). Most small companies get TI through one or more security appliances or services. The rest of us just fumble around with OSINT and call it TI.
-
egrizzly Member Posts: 533 ■■■■■□□□□□...I certainly agree @JDMurray . I guess the answer to my question is leaning more to "chances are very slim". It's quite interesting though. I wish their was room for independent consultants for this very interesting area of cybersecurity.B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
-
UnixGuy Mod Posts: 4,570 ModThere are internal roles in bigger organisation where you can set up a threat inel function. There are open source tools you can set up to gather intel and IOCs and make it part of your threat management process. You can also collaborate with CERT teams and get intel through them and other sources.
-
scasc Member Posts: 465 ■■■■■■■□□□Big 4 have opportunities in this areas. There are dedicated consultancies I have seen also - a friend of mine recently joined a firm as a cyber threat intel analyst.AWS, Azure, GCP, ISC2, GIAC, ISACA, TOGAF, SABSA, EC-Council, Comptia...
-
egrizzly Member Posts: 533 ■■■■■□□□□□scasc said:Big 4 have opportunities in this areas. There are dedicated consultancies I have seen also - a friend of mine recently joined a firm as a cyber threat intel analyst.B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
-
scasc Member Posts: 465 ■■■■■■■□□□The friend I was referring had joined a niche consultancy. If you are talking specifically about being an independent consultant then from what I’ve seen, roles are few and far between. To be independent you need to have a skill set which is in demand and heavily build relationships - it’s the name of the game. What happened to the Risk work you were interested in?AWS, Azure, GCP, ISC2, GIAC, ISACA, TOGAF, SABSA, EC-Council, Comptia...
-
egrizzly Member Posts: 533 ■■■■■□□□□□Ok, yeah, their are many folks I know consulting in the Risk Assessment area. That's a given. Along those lines I had wondered about threat intel but just wanted to get a clearer sense on whether it was a balanced playing field (Threat Intel) or dominated by the big companies.B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
-
UnixGuy Mod Posts: 4,570 ModThere are tools from vendors, and the rest is being done as part of SOC work using a mix of opensource and vendor tools. Apart from that, in government agencies this work exist. I found it to be another skill to have and grow but I'm not sure it's enough to specialise in. Unless you work for a vendor selling/support their product or for a government agency.