Cyber Threat Intelligence Analyst
Company: Trustwave
Location: Washington
Posted on: November 8, 2024
Job Description:
Trustwave is a leading cybersecurity and managed security
services provider focused on threat detection and response. We
uncover threats that others can't and respond quicker than others
can to protect against the devastating impacts of cyberattacks.
We're a world-class team of cyber consultants, threat hunters and
researchers serving clients in 96 countries. At Trustwave, you can
learn alongside the best, make a personal impact on a global scale,
and solve new challenges every day. Learn more about us at .A Cyber
Threat Intelligence Analyst is a member of the TDR SpiderLabs
Applied Intelligence (SLAI) team within Trustwave Managed Security
Services (MSS). The mission of this MSS team is to collect, curate
and operationalize cyber threat intelligence (CTI) for internal
security operations services teams. This team will provide advisory
support to internal Trustwave stakeholders and lead the MSS
organization active response and emerging threat functions as it
relates to newly discovered incidents, threat campaigns, recently
discovered 0-days, and geo-political events that may have
significant impact to Trustwave MSS clients.STARTING DATE: 2nd
September 2024.Candidate must be a US citizen.Localization:
Washington, D.C.Responsibilities include but are not limited
to:
- Source and execute an intel curation methodology to identify,
classify and prioritize threats from internal sources, 3rd-party,
OSINT, DarkINT, social, etc.
- Maintain the MSS Threat Intelligence Platform.
- Provide advisory support and reporting on threat actors, groups
and campaigns to internal teams.
- Manage and respond to emerging threat activity for MSS.
- Develop actionable threat intelligence; both tactical and
operational.
- Execute proactive threat actor tracking and build a portfolio
of threat profiles and trends from MSS activity.
- Apply intelligence through collaboration with peers to create
use cases and detection rules for MSS.
- Perform periodic cyber advisory presentations for Trustwave
teams.Key Qualifications:
- Complex critical thinking and security analysis skills.
- Advanced written and verbal communication skills for a wide
array of audiences.
- Ability to communicate technical risk details into
easy-to-understand language.
- Knowledge of intelligence lifecycle.
- Solid understanding of MITRE ATT&CK, Diamond model, NIST
and other relevant frameworks.
- Ability to prioritize and execute tasks in a high-pressure
environment.
- Experience working in a team-oriented and collaborative
environment including cross-functional collaboration.Skills &
Knowledge Requirements:Must have intermediate skills/knowledge in
some of the following:
- 1 - 2 years' experience using and maintaining MISP or similar
TIP solutions.
- Minimum of 2-years' experience producing threat intelligence,
tracking cyber threats, incident response, and/or threat hunting
with a focus on attacker TTPs and attribution.
- Understanding of STIX / TAXII.
- Scripting, Python, and API experience.
- 1-3 years of SIEM experience with Microsoft Sentinel, Splunk,
IBM Qradar, or other platforms.
- 1-3 years of EDR experience with solutions from Microsoft, Palo
Alto Networks, Sentinel One, Trellix, Crowdstrike, or other
platforms.
- Unix/Linux and Windows system administration.
- Excellent analytical thinking and problem-solving skills.
- Superb incident management and incident response skills.
- Strong oral and written communication skills.
- Self-managed and team oriented.
- Deadline and detail oriented.
- Highly motivated with excellent teaming and customer service
skills.Preferred:
- Intermediate to advanced experience in Information Security
related areas like CTI, SIEM, EDR, or DFIR.
- Certified in Security related Industry, Vendor or Professional
Certification- Certified Threat Intelligence Analyst, GCTI,
Security+, etc.Education:
- A high school diploma or equivalent is required; a college or
university degree is a plus.This is a remote opportunity open to
anyone legally authorized to work in the United States. Guided by
our flexible workplace philosophy, Moments That Matter, people
gather in the office when in-person interaction is most impactful;
full-time remote employees may be asked to travel occasionally
based on the needs of the team and the business.Per Federal
government contracting requirements, candidate must be a US
citizen, as well as potentially pass and maintain a National Agency
Check with Local Agency and Credit Checks (NACLC).Trustwave is an
Equal Opportunity Employer. We're committed to treating everyone
with respect, one of our core TRUST Values, and strive to create a
culture that empowers all Trustees to be their best, most authentic
selves. All qualified applicants will receive consideration for
employment without regard to race, color, religion, sex, sexual
orientation, gender identity, national origin, disability or
veteran status, age, or any other federally protected class.To All
Agencies:Please, no phone calls or emails to any employee of
Trustwave outside of the Talent Acquisition team. Trustwave's
policy is to only accept resumes from agencies via the Trustwave
Agency Portal. Agencies must have a valid fee agreement in place
and they must have been assigned the specific requisition to which
they submit resumes, by the Talent Acquisition team. Any resume
submitted outside of this process will be deemed the sole property
of Trustwave and in the event a candidate is submitted outside of
this policy is hired, no fee or payment of any kind will be
paid.
#J-18808-Ljbffr
Keywords: Trustwave, Washington DC , Cyber Threat Intelligence Analyst, Professions , Washington, DC
Didn't find what you're looking for? Search again!
Loading more jobs...