.The Threat Intelligence Lead will own Canonical's threat intelligence strategy and execution, including understanding which cyber threat actors are targeting Canonical, and the use of intelligence on Tactics, Techniques, and Procedures (TTP) to better our products and internal cybersecurity controls. You will collaborate with internal stakeholders as well as with the wider cybersecurity community, ensuring that Canonical is recognized as a thought leader on open source threat intelligence.This role will report to the CISO.You will lead intelligence gathering and development activities on threat actors targeting software supply chains. You'll study attack trends across the wider open source software landscape, report findings to internal security teams, and advise the wider engineering community on the best course of action to detect and mitigate possible threats.As the publisher of Ubuntu, Canonical products are directly or indirectly present in almost every organization and household in the world, making them a prime target for threat actors. This team's mission is to help Canonical, and by extension countless community members and companies around the world, secure their software infrastructure.What you'll do in this role:Build and own Canonical's threat intelligence strategyBuild and maintain OSINT research environmentsDevelop OSINT tradecraft, principles, and techniquesIdentify and track targeted intrusion cyber threats, trends, and new developments by cyber threat actors through analysis of proprietary and open source datasetsCollaborate across teams to inform on activity of interestCoordinate adversary/campaign trackingContribute to the wider threat intelligence community, establishing Canonical as a key contributor and thought leader in the spaceWork with product and engineering teams to explain cybersecurity threats and advise on mitigation strategiesWork with the OPSEC and IS team to help implement/update security controls prioritizing cyber defenseIdentify intelligence gaps and propose new tools and research projects to fill themConduct briefings for executives, internal stakeholders, and external customersThe successful Threat Intelligence Lead will be:An experienced threat intelligence leader (or similar)Knowledgeable about the current open source threat landscape and computer networking/infrastructure conceptsHighly competent with OSINT tools (e.G., Buscador, Trace Labs OSINT VM, OSINT Framework, Maltego, Shodan, social media scraping tools, etc
