As a Cyber Security Threat Research Analyst, you will be joining the company at an exciting time where it is transforming from an operational, tool-based cyber defense program to an intelligence and threat-based organization. You will be part of an agile Security Technology team and partner with other Cyber Security and IT teams to shape the future of cyber defense at the company.
You’ll be responsible for addressing a wide range of security opportunities, beginning with researching current threats from blogs, reports, and other internal and external resources, and using that information, together with an understanding of the data available to us, to identify opportunities and hunt through our networks for evidence of threat activity. You’ll help us generate signals we can use to find malicious activity and look for new technologies or configurations that will help stop badness faster.
- Proactively combat threat activity to ensure the company enterprise is secure
- Coordinate with the company’s Cyber Security Response and Intelligence team to conduct threat research from public as well as internal and private sources and identify high-quality signals for hunting and technical experimentation
- Interact and experiment with a wide range of security technologies – both currently in use at the company and under investigation – to understand and describe how they can be used to detect and stop threats
- Use Splunk and other analysis tools and methods to sift through data, identify, and validate ways that data can be used to find threat activity
- Turn successful experimental methods into reliable inputs for other Security teams, whether in Splunk or in other tool sets
- Propose new data sources, capabilities, and approaches to detect and stop threats not possible with existing tools
- Keep up to date on trends and best practices in security. Participate in, share with, and learn from communities of practice. Create reports, summaries, or sketches as appropriate.
- Cyber Threat analysis research experience, whether through a CSIRT/SOC, threat intel, or other analysis function, and an understanding of how to leverage it for enterprise defense, 2-5 years preferred but not required
- Familiarity with cybersecurity principles and best practices
- Experience collecting and organizing data in various formats (Excel, CSV, JSON) and synthesizing results
- Exposure to SIEM technologies (Splunk preferred) and comfort using data to hunt for evidence of malicious activities
- Interest in emerging technologies, passion for experimenting and pushing technology into “off label” uses in enterprise defense
- Must be flexible and have a creative approach to problem solving, with a demonstrated track record of aligning technical objectives and programs to enterprise objectives and strategies
- Highly collaborative; personally and professionally self-aware; able to and interested in interacting with employees at all levels; embodies integrity; and represents and inspires the highest ethical standards
- Experience with threat hunting or other proactive, intelligence- and threat-based security analysis approaches
- Understanding of adversary capabilities and the attacker mindset, either through red team/penetration testing experience or through network defender experience
- Deep understanding of security analysis in Splunk, including advanced analytics tools such as MLTK, transactional correlations, and statistical capabilities
- Comfort and enthusiasm writing code (Python preferred) to solve problems
- Experience working in security engineering or operations – building, managing, or using security technologies in a business environment. Bonus points for threat-centric, intelligence-based security operations.
- Intellectual capability and curiosity to learn complex processes
- A dedicated and self-driven desire to think creatively and produce results
- Ability to work with and gain the trust of business stakeholders, technical resources, and third-party vendors
- Strong sense of urgency and commitment – able to meet deadlines and ask clarifying questions to understand and ensure work matches longer-term objectives
- Passion for and interest in the media and entertainment industry highly desired