Principal Cyber Threat Intelligence Analyst

Location: Round Rock or Remote, Texas
Date Posted: 11-30-2018
CyberDefenses is a leader in managed security services and provides our clients with a 24x7 Security Operations Center to monitor and respond to threats as they appear. The Threat Intelligence team monitors and researches the internet (and darknet) for activity and assets that may be important to our clients or to specific security programs.
 
Reporting to the Director of Threat Intelligence, the Threat Intelligence Analyst participates in all aspects of the team’s activities in monitoring, investigating and reporting on discoveries that may impact our client(s). This team member must have deep experience and strong instincts for cyber crime and threat intelligence. This individual must embrace process and automation to constantly improve the capabilities and performance of the SOC team, while constantly driving for innovative and dynamic solutions.
 
This role may be remote or based out of our Round Rock, TX headquarters and requires approximately 10% travel.
 
 
Responsibilities
  • Process both internal and external Cyber Threat Intel for determination of potential threat and impact, hunting to determine potential scope, and implementation of mitigations to defend our clients; this includes reports from law enforcement, security researchers, industry leaders and governmental agencies.
  • Conducts pivoting analysis on intelligence to identify current impact or proactively process mitigations for defense through security technologies and proactive mitigations including zero-day patching identification, anomalous behavior, and recommendations of remediation action.
  • Identifies gaps in intel gathering strategy and leads changes in covering identified gaps. Develops, creates, and drives current and new reporting methods of Intelligence analysis to peers and leadership teams for purposes of situational awareness and making Intelligence actionable.
  • Drives support for the Security Operations Center during incident response and threat monitoring activities to include intelligence context and analysis support, provide industry expertise and recommend relevant remediation and countermeasures.
  • Conducts trending and correlation of cyber intelligence for the purposes of attribution and establishes strategic countermeasures to increase our clients' defenses, including customized signatures, in-house identified indicators of compromise and behaviors associated with targeted behavior, with support from the threat.
  • Writes intelligence and technical articles for knowledge sharing.
  • Leads strategic projects and develops capabilities to enhance existing cyber threat intelligence functions.
  • Leads change within the Threat Intelligence team through leadership, guidance, and creating new processes and procedures to enhance the intel capabilities in support of our clients.

Requirements
 
  • At least 5 years Cyber Threat Intelligence experience.
  • At least 1 year of experience with Incident Management, Problem Management and Change Management processes
  • At least 5 years of experience in cybersecurity operations and maintenance environment
  • At least 5 years of experience in leadership and management of teams in cybersecurity or technical field
  • At least 5 years of experience in Security Event log monitoring
  • At least 5 years of experience in Network/System traffic/event analysis
  • At least 5 years of experience in Vulnerability Management
  • At least 5 years of experience in Security Tools
  • At least 5 years of experience in Intrusion Detection/Prevention Monitoring
  • Good understanding of production IT Environment and IT Operations such as Intel / DBA / Unix / Windows OS / Exchange and Remote Server Management domains, etc.
  • Experience in Critical Situations Management
  • Knowledge of Conflict Management techniques