Job Description:

Description

Title: Cyber Security Threat Analyst
Onsite: No
Remote: Yes
Duration: 1 Year Plus

Job Description:
The Cyber Threat Analyst is responsible for supporting the mission of network defense, hunting, and strategic intelligence on the Cyber Threat Intelligence Team within the Cyber Security and Incident Response (CSIRT) organization under the Chief Information Security Officer CISO. The Cyber Threat Analyst will be responsible for processing, organizing, and analyzing incident indicators retrieved from open source intelligence sources and internal security sources. The analyst will also support various teams with relevant cyber threat intelligence as it pertains to their mission.

Core Duties:

* Provides holistic security guidance to a wide variety of internal business partners across network, host, database, application, and people/process domains.

* At advanced levels, may provide program or portolio-level guidance to business unit leaders and embedded security champions.

* Typically offers deeper specialization and expertise in one or more areas.

Responsibilities:

* Offers deeper specilization and expertise in one area

* Provide program or portolio-level guidance to business unit leaders and embedded security champions

* Works with a great deal of independence, and proactively identifies complex problems and implements solutions to those problems

* Acts as a subject matter expert and local leader for cybersecurity; contributes directly to the development of strategy, policy, standards, and procedures

* Contributes as a Cybersecurity subject matter expert and mentors junior colleagues

* Partners with senior management inside and outside of the organization

* Translates cybersecurity requirements into specific systems, applications and product designs for a specific client, program or project

Day to Day Responsibilities:

* Scan network traffic and log files to extract, manipulate, and pivot to Client new indicators of compromise

* Investigate network and host detection and monitoring systems to advise engagement processes

* Process, organize, analyze and assist in contextualization of incident indicators

* Produce written intelligence reports discussing technical findings and emerging threats, and deliver to a diverse audience of technical and non-technical consumers

* Collect and analyze information from various sources, including open source reports, information sharing partners, and cyber security vendors. Synthesize findings to assess threat and conduct research in security tools to determine Client exposure

* Support Incident Response by providing analysis of incidents

* Conduct researchers on attacker infrastructure to Client and curate previously unknown indicators of compromise (IOCs) and submit IOCs to security tools for detection and blocking

* Leverage knowledge of common attacker techniques and Clients business process to develop and refine queries to identify malicious activity

* Profile adversaries, develop collection and exploitation strategies to fulfill intelligence requirements

Skills/Qualifications:

* A degree or industry-recognized certification in intelligence or cybersecurity, or equivalent experience

* 7 years of experience as a threat intelligence analyst

* Strong knowledge of advisory cyber threat actors including Advanced Persistent Threat (APT) actors, cybercriminal groups, hacktivists, and insider threats

* Strong knowledge of the various cyber threat intelligence models a must

* Including:

* Cyber Threat Kill Chain

* Diamond Model

* Pyramid of Pain

* MITRE Telecommunication&CK Framework

* Strong knowledge of the various structured analytic techniques a must

* Including:

* Key Assumptions Check

* Analysis of Competing Hypotheses (ACH)

* High-Impact/Low-Probability Analysis

* Red Team Analysis

* Demonstrated knowledge in one of more of the following areas: network security principles, host-based security principles, network and system administration, forensic analysis principles, cyber threat intelligence principles, and/or counterintelligence operations

* Proven analytical and report-writing abilities

* Excellent written, oral communication, and presentation skills

* Problem-solving skills

* Comfortable speaking technically with analysts and strategically with senior executives

* Strong presentation and interpersonal skills

* Able to manage competing priorities and work efficiently under pressure

* Inquisitive, high energy, and eager to win

* Coding and scripting experience a plus, comfort with new technology a must

* Knowledge of and experience with standard network logging formats, network management systems and network security monitoring systems, security information and event management, network packet analysis tools and forensic analysis tools

* Knowledge of and experience with web proxy, firewalls, IPS, IDS, mail content scanning appliances, enterprise Antivirus solutions, Network Analyzers, and domain name servers desired

* Multiple languages are a plus

* Demonstrate understanding of culture, politics, and conditions of a foreign country or region

\\"ACCOUNTABILITIES
Provides holistic security guidance to a wide variety of internal business partners across network, host, database, application, and people/process domains.
At advanced levels, may provide program or portolio-level guidance to business unit leaders and embedded security champions.
Typically offers deeper specialization and expertise in one or more areas.

The Company is an equal opportunity employer and makes employment decisions on the basis of merit and business needs. The Company will consider all qualified applicants for employment without regard to race, color, religious creed, citizenship, national origin, ancestry, age, sex, sexual orientation, genetic information, physical or mental disability, veteran or marital status, or any other class protected by law. To comply with applicable laws ensuring equal employment opportunities to qualified individuals with a disability, the Company will make reasonable accommodations for the known physical or mental limitations of an otherwise qualified individual with a disability who is an applicant or an employee unless undue hardship to the Company would result.

Apply Now