Listing Description
Job Description
If you have a strong background in analysis and are looking to be at the forefront of the cyber threat intelligence field, then we want to hear from you! The successful candidate should be a self-motivated, independent, critical thinker skilled in the application of threat intelligence for the enablement of a customer’s network security. The analyst will address a customer’s threat intelligence needs, leverage Mandiant's unique knowledge to produce informative products and briefs, and have an understanding of the entire CTI Lifecycle, from guiding the organization's strategic direction for CTI, establishing a robust collections and processing framework, organizing analysis best practices, and instituting production requirements to developing dissemination protocols aligned to stakeholder requirements.
Responsibilities:
- Work with customers to determine their intelligence needs and requirements, and identify the most effective methods for fulfilling these unique requirements
- Conduct extensive research into current threat activity to determine customer-relevant threat intelligence
- Produce briefing material, written products, and simple graphics in order to convey analysis both verbally and in writing to a variety of audiences
- Present tactical, operational, and strategic intelligence about threat groups, the methodologies they use, and the motivations behind their activity
- Correlate threat intelligence from the customer’s industry/region to observed activity impacting the customer
- Evaluate current and emerging tools and best practices for tracking advanced persistent threats; tools, techniques, and procedures (TTPs); attackers’ motivations; and industry and attacker trends
- Ability to work with minimal direct oversight, maintaining high quality analytical production and excellent customer relationship
- Develop core threat intelligence capability and subject matter expertise
- Support CTI capability maturation
- Support CTI stakeholder identification and requirements gathering
- Support adjustments and tuning to existing CTI procedures
- Integrate CTI analyst activities into existing cyber defense functions (i.e. SOC, IR)
- Develop an organizational Threat Profile based on industry, geolocation, critical assets, etc.
Qualifications
- 5+ years of experience in an analytical role of either network forensics analyst, intelligence threat analyst, or security engineer/consultant
- 5+ years of experience in investigative or incident response environments
- 5+ years working in a customer-facing environment
- Exceptional oral and written communication skills
- Excellent communication and presentation skills with the ability to present to a variety of internal audiences including senior leadership
- Excellent organizational skills with the ability to prioritize and execute in a disciplined manner
- Outstanding communication and interpersonal abilities, with the ability to adapt to a variety of customer personalities
- Ability to set and manage expectations with senior stakeholders and team members
- Demonstrated ability to manage customer relationships
- Strong understanding and experience related to:
- Threat Intelligence analysis and experience managing and implementing the threat intelligence lifecycle
- Common malware variants, functionality, and basics of static and dynamic analysis
- Common threat actor tactics, techniques, and procedures
- Threat Intelligence Platform (TIP) usage and best practices
- Cyber Attack Lifecycles and Threat Models
- Cyber Security-related process development
- Proven written and oral communication skills and ability to quickly document research and analysis
- Experience conducting executive debriefs of deliverables and project outcomes
- Excellent time management skills
- Research best practices and topic analysis
Technical Qualifications:
- Experience in evaluating forensic reports of electronic media, packet capture, log data, and network devices in support of intrusion analysis or enterprise level information security operations
- Experience in working with threat modeling systems
- Broad understanding of network architecture and network security methods (web content filtering, domain reputation policy, snort signatures, host-based analysis systems (HBSS, HX), email analysis)
- Ability to interact with their user interfaces
- Experience with basic malware analysis; the tactics, tools, techniques, and procedures of network intrusion activity
Additional Qualifications:
- Bachelor’s or other professional degree preferred
- Malware/security experience and experience with Mandiant products highly desired
- Previous experience in a customer-facing role and/or consulting expertise
- Strong understanding of threat intelligence analysis and application, while conveying strategic outcomes to executive audiences
- Scripting capabilities in Python and/or Bash
- Knowledge of various operating systems
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Full Telecommute