Operationalization and automated transformation of CTI feeds into Zero Trust rules

Nucleon Security, 08/11/2023

Job Category: Internship
Job Type: Full Time
Job Location: Rabat

About Nucleon Security:

Nucleon Security stands at the forefront of cybersecurity solutions, dedicated to safeguarding businesses’ valuable data and systems from online threats. Our team comprises passionate experts committed to ensuring our clients’ safety and security in an ever-changing digital landscape. Among our cutting-edge services is Managed Detection & Response (CyclonShield MDR), a comprehensive MDR service provided by Nucleon Security. Our suite of services is designed to provide customers with 24/7 protection against constantly evolving cyber threats.

CyclonShield MDR offers customers:

  • 24/7 Security Monitoring
  • Vulnerability Management
  • Threat Hunting
  • Incident Response
  • Reporting

About the Internship:

As an intern, you will be an integral part of the Nucleon MDR team, contributing significantly to the development of an automated integration system for malicious feeds with Nucleon EDR. Your primary responsibility will involve the conversion of these feeds into Zero Trust Rules, enhancing protection against the latest malicious threats across various domains, IP addresses, URLs, filenames, and hashes.

Our Tech Stack:

  • Programming Languages: Python
  • Database: MongoDB
  • Collaboration Platform: Gitlab
  • Backend: Django

Responsibilities:

  • Creating an integration between OpenCTI and Nucleon EDR.
  • Developing a script that converts feeds into objects and Zero Trust Rules within Nucleon EDR.
  • Enhancing an automated Threat Hunting service to ensure deep visibility.
  • Mapping collected IOCs to MITRE ATT&CK.

Must-Have Qualifications:

  • Cybersecurity Knowledge
  • Mastery of the knowledge base of adversary tactics and techniques: MITRE ATT&CK
  • Malware Analysis: Static & Dynamic malware analysis
  • Good knowledge of Python.
  • Passion and motivation for software development.
  • Creativity and a proactive approach to problem-solving.

Nice-to-Have Skills:

  • Familiarity with Unix/Linux platforms.
  • Experience with Django and Docker.
  • Experience with Threat Hunting
  • Vulnerability Assessment Knowledge
  • Proficiency in MongoDB.

Additional details

  • 6 months internship
  • Pre-employment internship
  • Physical presence mandatory

At Nucleon Security, we value continuous learning, creativity, and collaboration. If you are enthusiastic about cybersecurity, possess the required skills, and are eager to contribute to cutting-edge projects, we welcome your application. Join us in making a significant impact on the world of cybersecurity while gaining valuable hands-on experience in a dynamic and supportive environment.


Written by: Nucleon Security
