Senior Cyber Threat Intelligence Analyst - Abbott Laboratories Minnesota, USA Bookmark Share Print 59 0 0

Listing Description

The Opportunity

This position works out of our St Paul, MN location in the BTS.

What You’ll Work On

As the Senior Cyber Threat Intelligence professional you will continue the maturation of Abbott's Cyber Threat Intelligence program through consuming and vetting indicators of Compromise (IOCs), adversary behaviors, and malware capabilities. You will bring a tactical mindset to drive Intelligence-Driven Operations through technical integrations and engagements with teams throughout Abbott and bring a strategic mindset to strengthen the foundation while progressing the program forward. You’ll engage, create buy-in, and meet high demands of the business by defending against real world threats using sound analytics produced by you and your team through industry respected practices and techniques.

Provide proactive and reactive threat intelligence capabilities to enhance situational awareness with contextualization and better decision-making during/following intrusions, enabling improved detection of advanced threats, identifying relevant vulnerabilities as influenced by the threat, and bolstering overall risk management policies.

What You’ll Work On:

• Develop intelligence briefings, reports, and short position papers, with a focus on relevant and actionable intelligence

• Actively monitor and research cyber threats that could have a direct or indirect impact on the Abbott brand, business operations, technology infrastructure and customer trust

• Provide Cyber Threat Intelligence expertise to peer teams during time-sensitive, critical investigations

• Process and enrich information to ensure timely, actionable, high confidence IOCs are ingested and shared with key stakeholders

• Coordinate effectively with the counterparts in technology organization to ensure that new or existing cyber security controls and remediation initiatives are implemented in-line with the intelligence input, as and when required

• Collaborate with stakeholders to develop and maintain cyber threat intelligence requirements that drive the cyber intelligence function, providing actionable threat intelligence that result in reduced risk for Abbott and its business operations

• Stay informed and provide subject matter expertise regarding recent attacks / exploits -- especially against the healthcare industry and relevant web applications, databases, and common desktop tools

• Work across organizational boundaries to accomplish the company's threat intelligence objectives

• Provide training, mentoring, and coaching to team members

Required Qualifications:

• Bachelor’s Degree in a related field or an equivalent combination of education and work experience

• 5+ years of experience directly related to the area of cyber threat intelligence, incident response, digital forensics, malware analysis, or threat hunting

• 3+ years of experience administering and maintaining a Threat Intelligence Platform (TIP) with playbook development, integrations, enrichments, tagging, workflows, and backend API knowledge and development

• Foundational knowledge and experience with Cyber Threat Intelligence principles and frameworks

• Strong written and verbal communication skills; must be able to effectively communicate to all levels of staff up to executive-level management, customers (internal and external), and vendors

• Progressively more responsible work experience in a range of cybersecurity disciplines

• Be available for on-call duty to handle high-impact cybersecurity incidents

• A self-starter and team player with the ability to work independently with limited supervision

• Experience working in a broader enterprise/cross-division business unit model is preferred

• Ability to work in a highly matrixed and geographically diverse business environment

• Ability to leverage and/or engage others to accomplish projects

• Ability to travel approximately 10%, including internationally

Preferred Qualifications:

• 3+ years of experience with SIEMs (Splunk)

• Experience with security orchestration and automation tool

• GIAC (GCTI, GCIH, GSEC, GCFA, GREM), CISSP, or equivalent certifications