Tactical Cyber Threat Analyst - R-CISC Remote Bookmark Share Print 680 16 36

Listing Description

As a Tactical Cyber Intelligence Analyst, you will be focused on supporting R-CISC member organizations through the tactical analysis of ongoing attacks and threat hunting operations. In this role, you will support data analysis, incident response, investigative analysis, and research on existing and emerging cyber threats, particularly those directed against the Retail Sector and member organizations. You will be expected to "think like an adversary" and engage in threat hunting operations leveraging your understanding of the tactics, techniques and procedures employed by advanced threats, combined with intelligence from multiple sources.

The successful candidate will be required to analyze indicators to generate actionable intelligence and insight into current threats. He or she will help enhance member capabilities by formulating new analytic techniques and working across teams to drive the supporting capabilities. A deep understanding of current APT actors and TTPs as well as experience performing question driven analysis is required. Candidates should have a solid understanding of network and host based indicators and how to best leverage them. He or she should be able to script and help automate recurring tasks to improve the overall effectiveness of the team.

Additionally, you will maintain trusted relationships with member CTI, IR, SOC, and Cyber Security teams providing tactical subject matter expertise, reporting and briefings to other teams and leadership in order to maintain appropriate levels of situational awareness, and contribute to technical innovation to further evolve member organization’s defensive capabilities and methodologies.

The R-CISC has a primarily remote work environment. Preference will be given to candidates with remote work experience. Successful candidates will have dedicated space for remote work at home, ability to work from our office in the Washington D.C. metro area at least one day per week, and available to travel within the U.S. and/or Canada for various client visits and events four or more times per year.• Leverage understanding of tactics, techniques and procedures associated with advanced threats to create and add custom signatures that mitigate highly dynamic threats to the enterprise.

• Provide R-CISC member organizations with actionable intelligence and serve as the tactical dissemination hub for the R-CISC community.

• Work with industry partners to gather and share intelligence. Apply intelligence to member attack vectors and systems to proactively identify potential cyber threats.

• Identify and evaluate new sources of intelligence and integrate numerous types of cyber security data sources into cyber threat analysis products.

• Support the development and execution of custom scripts to identify host-based indicators of compromise

• Proactively research emerging cyber threats. Apply analytical understanding of attacker methodologies and tactics, system vulnerabilities, and key indicators of attacks and exploits.

• Produce tactical threat intelligence reports and briefings, that provide situational awareness of cyber threats impacting the R-CISC and member organizations.

• Support threat hunt operations for R-CISC members using known adversary tactics, techniques and procedures, as well as indicators of attack, in order to detect advanced threats to member organizations.

• Ensure timely response to deadlines and administrative actions.

• Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals.

• Stay abreast of world-wide events that are indicators of developing trends for situational awareness.

• Mentor and guide less experienced CTI team members.