Senior Threat Intelligence Analyst

Job Description

The Senior Threat Intelligence Analyst is responsible for conducting in-depth research, documenting threats, understanding the risk to the business, and sharing information with those who need to know. Among the research conducted, the analyst will seek to uncover patterns and trends and be forward-thinking as to how threats may evolve. Furthermore, the analyst will participate in simulation exercises designed to uncover weaknesses related to threats, with the goal of implementing defensive solutions prior to attacks and disrupting attacks in progress. The analyst will also distill threat intelligence so technical and non-technical contacts can understand it and make educated decisions about next-step actions.

Essential Functions: Reasonable accommodations may be made to enable individuals with disabilities to perform the essential duties.

• Research and report current and emerging threats facing the business and industry sector.
• Track threat actor infrastructure and associated malware families.
• Centralize multiple threat sources (premium, industry-shared, open-source, dark web), correlate indicators and threats, and distill actionable intelligence.
• Use automation to efficiently streamline and de-duplicate threats for playbooks but use human analysis for actionable decision-making.
• Actively hunt for exposures and identify incidents warranting action to disrupt and remediate threats.
• Use and assign indicator severity and impact ratings to determine appropriate plans of action.
• Document threats into contextual reports outlining severity, urgency, and impact, and ensure they can be understood by both management and technical teams.
• Serve as a trusted advisor to establish credibility with business unit leadership and technical teams.
• Share relevant information with stakeholders and make recommendations for next steps when facing threats.
• Actively participate in threat hunting tabletop exercises to hone and strengthen skills across the team.
• Evaluate and implement deception techniques designed to thwart adversaries.
• Work closely with security leadership to instill cybersecurity policies and practices throughout business units to address security operations, incident response, application security, and infrastructure.
• Actively inform and engage in security projects across the business to disrupt active or potential threats.
• Be readily available to participate in collaborative threat analysis meetings with internal and external trusted entities.
• Maintain an up-to-date level of knowledge related to security threats, vulnerabilities, and mitigations to reduce attack surface, and circulate it through business units.

Supervisory Responsibilities: This position has no formal supervisory responsibilities.

Minimum Required Qualifications:   

• 5-7 years of cybersecurity experience (or information technology coupled with cybersecurity), with at least 3-5 years in an intelligence or incident response security practitioner role.
• Demonstrated experience conducting tabletop exercises …