Digital Risk Protection Analyst – Mid level

About Group-IB

Founded in 2003 and headquartered in Singapore, Group-IB is a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime. Combating cybercrime is in the company’s DNA, shaping its technological capabilities to defend businesses and citizens and support law enforcement operations.

Group-IB’s Digital Crime Resistance Centers (DCRCs) are located in the Middle East, Europe, Central Asia, and Asia-Pacific to help critically analyze and promptly mitigate regional and country-specific threats. These mission-critical units help Group-IB strengthen its contribution to global cybercrime prevention and continually expand its threat-hunting capabilities.

Each of us can help make the world a safer place.

Join us!

The area:

Digital Risk Protection — a technological service designed to detect and eliminate threats to brands on the Internet. We prevent financial and reputational damage caused to businesses by brand abuse, Internet fraud, online piracy, and counterfeiting. Now we need you to spread our activities and help even more clients in the fight against online brand abuse.

To learn more about DRP, you can via https://www.group-ib.com/digital-risk-protection.html

The role: 

DRP analysts leverage scam intelligence and dedicated tools to identify scam schemes, phishing attacks, trademark misuse issues, etc. From potential social media threats to extensive Deep and Dark Web capabilities, DRP analysts research both the scam schemes and unique incidents to mitigate their negative impact on the particular brand or the whole industry.

• Ensuring the quality of the service provided to customers.
• Countering revealed threats:
  • Proceeding with the company/brand threat landscape analysis.
  • Setting up and adjusting threat monitoring parameters.
  • Violations mitigation via communication with the Internet regulators.
  • Compiling overview reports of the provided security measures.
• Coordination with the team on the processes.
• Conducting a scam schemes research and descriptions.
• Implementation of search accounts on the sites necessary for the data collection (forums, e-mails, groups in social networks, and messengers).
• Identify and implement possible improvements in the DRP services.

• At least 3-5 years of experience in a technical security function (SOC, CERT, brand intelligence, etc.) or another relevant experience.
• Working knowledge of the Security Operation Centre (SOC), cybersecurity practices, and risk management basics.
• Knowledge of phishing & scam & counterfeit countering related regulations, consumer protection, or similar.
• Experience in cyber incidents mitigation: use actionable data, response, and remediation workflows with Internet regulators to quickly mitigate threats.
• Experience in communicating with hosting centres or domain name registrars.
• Deep understanding of search engines’ processing and Google dorks / advanced search tools.
• Understanding of the operation principles of network infrastructure organisation (OSI model, DNS, and domain resolving).
• Knowledge of RegExp writing (PHP, Elasticsearch) and basic knowledge of Python.
• A high degree of curiosity and aptitude, with a clear passion for security as a lifestyle.
• Fluency in English and Spanish; Portuguese is a plus. 
• Please, send the CV in English.