Cyber Intelligence Analyst
About The Position
The Cyber Intelligence Analyst participates in the identification, tracking, monitoring, containment and mitigation of information security threats. He/She performs analysis of endpoint and network data utilizing established processes and tools to perform threat identification, analysis, containment and remediation. This position is responsible for the documentation of security events and their resolution. The Cyber Intelligence Analyst communicates with and educates clients and asset owners to ensure understanding of processes and procedures, complex security topics and protocols, and risk resolution methodologies. The Cyber Intelligence Analyst will be required to provide support on a rotating basis.
Requirements
- Experience as Security Operations Center (SOC) Analyst or relevant Cyber Security focused incident response and handling roles
- Experience in Malware Reverse Engineering and Sandboxing
- Experience with SIEM Technology
- Significant experience with Linux, TCP/IP, UNIX, MS-Windows, IP Routing, Firewalls and IPS
- Understanding of behavioral based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
- Deep understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats
- Demonstrated experience using Open Source (OllyDbg, Radare, GDB, etc.) malware analysis tools
- Ability to analyze shellcode, and packed and obfuscated code, and their associated algorithms
- Ability to develop network and host-based signatures to identify specific malware. Recommend heuristic or anomaly-based detection methods
- Subject matter expertise in the detection, analysis and mitigation of malware
- Experience with Information Security Research, Malware Reverse Engineering, Cyber Threat Analysis, Windows Operating System and Data Analysis
- Knowledge of Research skills, Technical Writing, Information Security Research, Security Incident Response, Security Risk Assessment/Analysis
- Must be a U.S. Citizen or National of the U.S., an alien lawfully admitted for permanent residence, or an alien authorized to work in the U.S. for this employer.
Nice To Haves
- Bachelors degree or other college equivalent is preferred.
- Incident response focused certifications such as GIAC GSEC (401), GCIH (504), GMON (511) or equivalent knowledge level preferred.
- Public cloud (AWS, Azure, GCP) certifications are preferred.
Responsibilities
- identification of information security threats
- tracking of information security threats
- monitoring of information security threats
- containment of information security threats
- mitigation of information security threats
- analysis of endpoint and network data utilizing established processes and tools to perform threat identification, analysis, containment and remediation
- documentation of security events and their resolution
- communication with and education of clients and asset owners to ensure understanding of processes and procedures, complex security topics and protocols, and risk resolution methodologies
- provide support on a rotating basis
Benefits
- Medical/prescription drug coverage
- Dental coverage
- Vision coverage
- Flexible Spending Account
- Health Savings Account
- Dependent Care Flexible Spending Account
- Basic and Supplemental Life Insurance & Accidental Death and Dismemberment
- Disability Income Protection Plan
- Employee Assistance Program
- 401(k) retirement program
- Vacation
- Paid Holidays and Personal time
- Paid Sick and Family and Medical Leave time as required by law
- Discounted Employee Stock Purchase Program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
