Senior Cyber Threat Intelligence Analyst - Eli Lilly and Company, Indianapolis, IN, USA

Listing Description

 

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our 35,000 employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.

 

The primary function of the Sr. Cyber Threat Intelligence Analyst is to analyze a variety of information and intelligence relevant to the cyber threats facing critical systems, assets, and resources, and to develop research studies and recommendations, including cyber and network related data, in support of investigations and operations. This will involve mining technical data discovered through research in order to create actionable intelligence reports and present findings of investigations. The analyst will be capable of executing log and trend analysis, developing timelines, and coordinating and synchronizing threat information between various analysts and entities, and will collaborate to author various analytic documents, identifying findings and presenting hypotheses, intelligence gaps and recommendations. The analyst will also review weekly, monthly and on-demand reports enabling discussions relating to our mission. The cyber threat intelligence analyst must also demonstrate the ability to communicate effectively with the other key stakeholders in the cyber incident process, including direct contact with clients.

  • Perform as a multi-subject matter expert (SME) for a team of cyber and intelligence analysts responsible for supporting Cyber Fusion Center objectives.

  • Triage, process and analyze cyber threats originating from the various cyber intelligence feeds and analytics systems.

  • Perform detailed analysis of threats during the incident process, combining sound analytical skills with advanced knowledge of IT Security and network threats.

  • Analyze cyber threat data and correlate with existing understanding of infrastructures.

  • Perform post-mortem analysis on logs, traffic flows, and other activities to identify malicious activity.

  • Produce and review weekly, monthly and on-demand threat intelligence reports.

  • Attend meetings and conference calls with clients to review cyber threats, required actions and suggest improvements. 

  • Participate in knowledge sharing with other analysts and write technical articles for internal knowledge.

  • Apply communication, analytic and problem-solving skills to identify, communicate and resolve issues.

  • Work collaboratively with vendors to identify latest cyber threat intelligence solutions that support the CND.

  • Work to improve and/or expand cyber threat intelligence solutions to meet mission needs.

  • Active interest in cyber security, incident detection, network and systems security.

  • Familiarity with threat modeling, cyber-crime and cyber-attacks, responsible groups (APTs), motivators and techniques.

  • Experience working in large scale security operations, especially large corporations, military, or government organizations.

  • Knowledge of IT security best practices, common attack types and detection/prevention methods.

 

Basic Requirements:

  • BA/BS in Engineering, Computer Science, Information Security, Information Systems, or related field with 5+ years of successful work experience in Information Security, Cyber Threat Intelligence, Information Technology or a related field 

​ 

OR

  • Associates Degree in Engineering, Computer Science, Information Security, Information Systems, or related field with 10+ years of successful work experience in Information Security, Cyber Threat Intelligence, Information Technology or a related field 

 

 

Additional Skills/Preferences 

  • Motivated self-starter with strong written and verbal communications skills, and the ability to create complex technical reports on analytic findings 

  • Strong research background and an understanding of analytical approaches, especially with respect to event classification, event correlation, and root cause analysis 

  • Understanding of query development for SIEM solutions preferable. 

  • Experience working with the output from security products, tools and SIEMs 

  • Understanding of APT Tactics, Techniques, and Procedures 

  • Understanding of the life cycle of network and host threats, attack vectors, and methods of exploitation 

  • Hands-on experience analyzing high volumes of logs, network data (e.g. NetFlow, PCAP, Flow Log), and other artifacts in support of incident investigations. 

  • Experience with malware analysis concepts and methodology 

  • Ability to evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence products. 

  • Ability to recognize and mitigate cognitive biases which may affect analysis. 

  • Knowledge of computer networking concepts and protocols, and network security methodologies. 

  • Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.). 

  • Skill in conducting research using the deep web. 

  • Skill in using multiple analytic tools, databases, and techniques (e.g., Tableau, Anomali ThreatStream, divergent/convergent thinking, link charts, matrices, etc.). 

  • Skill in writing, reviewing and editing cyber-related Intelligence/assessment products from multiple sources. 

  • Conduct in-depth research and analysis. 

 

Additional Information

  • Travel: 0-10% 

 

Eli Lilly and Company, Lilly USA, LLC and our wholly owned subsidiaries (collectively “Lilly”) are committed to helping individuals with disabilities participate in the workforce and to ensuring equal opportunity to compete for jobs. If you require an accommodation to submit a resume for positions at Lilly, please email Lilly Human Resources (Lilly_Recruiting_Compliance@lists.lilly.com) for further assistance. Please note: this email address is intended for use only to request an accommodation as part of the application process. Any other correspondence will not receive a response.

 

Lilly is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status.

