The Cyber Threat Intelligence Analyst is an integral part of the Threat Intelligence Center. The primary function of the role is to analyze a variety of information and intelligence relevant to the cyber threats facing the systems, assets, and resources critical to the nation and develop relevant research studies and recommendations, including cyber- and network-related data in support of investigations and operations. This will involve mining technical data discovered through research in order to create actionable intelligence reports and present the findings of investigations.
Responsibilities
• Collection, analysis and distribution of threat intelligence from multiple sources
• Manage threat intelligence platforms and monitor feed sources for efficacy
• Preparation of intelligence products, including high-quality papers, assessments, briefings, recommendations, and findings.
• Develop, manage, optimize and continuously improve processes to enhance the overall cyber threat intelligence function
• Ability to work well with others in a fast-paced, dynamic environment
• Excellent verbal and written communication skills with strong interpersonal and facilitation skills
• Hunting and discovering previously unidentified/unknown and emerging threats and understanding new adversary TTPs
• Development of use cases for SIEM for previously unidentified threat indicators
• Ability to learn & perform analysis quickly while balancing attention to detail and thoroughness
• Previous experience as Threat Researcher, Hunter and/or Intelligence Analyst
• Experience in Incident Response, Event Management, Network Forensics, Signature Creation, Log Analysis & Collection
• Strong analytical and investigative skills
• In-depth knowledge and understanding of cyber-attack vectors, detection techniques, malware analysis, cybercrime networks and methodologies
• In-depth understanding of technical details related to common TTPs employed by threat actors, responsible groups (APTs), motivations and techniques
• Strong working understanding of threat intel platforms
• Experience working in large-scale security operations, especially in large corporations, military or government
Organizational
• Experience with using threat intelligence analytics software
• Experience building & managing SIEM use cases
• Strong understanding of threat models, including security kill chain and diamond model
• Strong experience with a scripting language
• Experience with integrating intelligence into security stacks through YARA, STIX or OpenIOCs.
Job Specifications
Education
Bachelor’s degree in Computer Information Systems or a related discipline, or equivalent experience
Minimum Work Experience
7+ years' experience working in a cyber threat analyst or cyber threat intelligence job function.
Skills/Certifications (Technical & Non-Technical)
• CISSP, GIAC, or similar Information Security certification is preferred
• Malware analysis or threat intelligence related certification such as GCIH, GREM, GCTI, etc.