Threat Intel Analyst
Ref No.: 18-05631
Location: San Jose, California
Duties:
  • Compile cyber threat data from independent research and analysis and from Security Operations Center activity, and track emerging technologies, techniques, and adversary capabilities and tactics.
  • Identify credible, new intelligence and subject matter resources relative to current and emerging threats.
  • Develop threat actor profiles and the indicators typically associated with them, and synthesize the two into new techniques for detecting threat actor activity.
  • Consistently deliver a threat intelligence feedback loop that informs tools and processes.
  • Support intelligence metric definition and reporting
  • Leverage relationships with various intelligence organizations to gain and share intelligence data.
  • Advise on countermeasures and defensive techniques based on intelligence gathered.
  • Build custom tools and scripts designed to generate threat information for subsequent analysis; this includes but is not limited to data mining, web crawling, log file analysis, click flow analysis, etc.
  • Perform threat hunting on emerging IOCs or vulnerabilities, drawing on analysis of network or host activity from intrusions by advanced attackers and on open source intelligence.
Work location: On-site in San Jose, CA or Remote
Job Qualifications:
  • 2+ years of experience with cyber intelligence monitoring, analysis, and/or indicator lifecycle management
  • Solid understanding of cyber intelligence support activities provided to a security operation center or similar capability.
Desired Qualifications:
  • Self-motivated individual who can work remotely and keep up with a dynamic, fast-paced environment while meeting deliverable and operational requirements
  • 1+ years supporting a Security Operation Center as an analyst or Incident Responder
  • Hands-on experience in countermeasure implementation through creation of detection rules.
  • Relationships in security communities that facilitate indicator sharing.
  • Familiarity with link-analysis methods and software (Maltego).
  • Ability to quickly develop effective solutions to unique problems using a combination of existing tools and custom code/scripts.
  • Bachelor's Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
  • Experience with cyber intelligence concepts and their implementation, including the cyber intrusion kill chain.
Knowledge in:
  • SIEM (Splunk ES)
  • Threat Client Platforms
  • Orchestration Platforms
  • Malware Analysis
  • Maltego
  • Ability to program and familiarity with Python.

Languages:
English (read, write, speak)

Skills: Required
  • Security orchestration
  • Cyber security
  • Threat identification
  • Threat analysis
  • Splunk
Additional
  • Maltego
  • Data mining
  • Intrusion
  • Log file analysis
  • Python
  • Malware
  • Operations
  • SIEM