A highly collaborative, fast-paced, and agile team responsible for providing cyber threat intelligence and reporting, ROC Operations offers the opportunity to work in dedicated Security Intelligence Center environments with a focus on threat identification, incident response, cyber threat intelligence infusion, and mitigations. The qualifications captured below provide an overview of the skills and capabilities required for this position.
• Minimum 2 years working in a cyber threat intelligence capacity in a Security Intelligence Center or similar environment.
• Must be self-motivated and able to work both independently and as part of a team.
• Previous experience sourcing cyber intelligence, synthesizing the information, converting it to actionable content, evaluating network resources for impact, and hunting.
• Previous experience with threat hunting proactively for threat identification and reactively for lateral movement and incident scope impact determination.
• Previous experience developing and disseminating cyber threat intelligence content such as threat advisories across organizational lines.
• Knowledge of the cyber threat landscape to include different types of adversaries, campaigns, and the motivations that drive them.
• Previous experience working with and documenting analysis results in a knowledge and/or intelligence management system.
• Previous experience working with automated malware analysis technologies such as Palo Alto WildFire, Joe Sandbox, etc.
• Knowledge of industry-recognized analysis frameworks (Kill Chain, Diamond Model, NIST Incident Response, etc.).
• Strong communication (both verbal and written) and client intimacy skills, with experience briefing corporate executives and professionals.
• Bachelor’s Degree in an IT-related field and/or equivalent work experience.
• Relevant certifications (Security+, CISSP, GIAC, etc.).
• Previous experience providing cyber intelligence support for Fortune 1000 companies.
• Previous experience working with intelligence management platforms (ThreatConnect, etc.).
• Previous experience with various endpoint threat detection and response (ETDR) technologies.
• Experience leveraging technologies such as Maltego to support OSINT collection.
• Hands-on experience working with Incident Response and Threat Monitoring SOC functions.
• Previous experience working with various Forensics technologies to include EnCase, FTK, etc.
• Previous experience working with network tools and technologies such as firewall (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms.
• Experience and knowledge conducting cyber threat analysis originating from phishing emails.
• Previous experience conducting static, dynamic, and reverse-engineering malware analysis.