Senior Threat Intelligence Analyst

Role Overview

The Senior Threat Intelligence Analyst proactively seeks out indicators of compromise that conventional cybersecurity processes cannot find as well as track threats and campaigns. They work with stakeholders from across the business and customer base to identify, monitor, assess and counter cyber threats.

Key Responsibilities

## Threat Analysis

- Works with data to identify patterns

- Uses judgment to form conclusions that may challenge conventional wisdom

- Hypothesizes new threats and indicators of compromise

- Monitors threat intelligence feeds to identify a range of threats, including indicators of compromise and advanced persistent threats (APTs)

- Identifies the tactics, techniques and procedures (TTPs) of potential threats through the MITRE ATT&CK or similar frameworks

## Process and Controls Innovation

- Uncovers and implements innovative approaches to address inefficiencies in security processes

- Creates cybersecurity measures and control plans to protect against unauthorized exploits

## Business-Relevant Analysis and Consultation

- Understands the organization's mission, values, operations, goals, risks and risk tolerance

- Maintains situational awareness for cyber threats across the organization and drive the appropriate or commensurate response activities, where necessary

- Understand and connects threats to the risks of the organization to provide appropriate capabilities and services

- Conducts threat assessments to identify what threats are most likely to target this business, and how they would execute their attacks

- Provides consultative advice and coaching to cybersecurity customers to help them make informed risk management decisions

## Stakeholder Engagement

- Applies different strategies to convince others to change their opinions or plans

- Ensures that proposals or arguments are supported by strong logic and a compelling business case

- Assists teams in various security and privacy risk mitigation

- Innovates on reporting methods and deliver actionable intelligence to peers and leadership teams to increase situational awareness

Requirements

A successful Intelligence Analyst candidate will have the expertise and skills described below:

## Education, Training and Previous Experience

- BS or MS in Computer Science, Computer Engineering, MIS, or related degree

- Minimum of 5 years of related experience in Information Security or an equivalent combination of training and experience (Threat Tracking, Traffic Analysis, OSINT, Threat Hunting)

- Optional Certifications: CCTIA – Certified Threat Intelligence Analyst, GIAC Open Source Intelligence, Certified Threat Intelligence Analyst, Certified Ethical Hacker (CEH), GIAC Certified Intrusion Analyst, Global Information Assurance Certification

## Technical and Business Experience

- Demonstrated ability to analyze and correlate large data sets for identifying new threat activity and attribution.

- Demonstrated ability to quickly create and deploy countermeasures under pressure

- Proficiency in creating and maintaining complex scripts, developing tools, and/or automating processes in Python or other scripting languages (not required but preferred)

- Proficiency in creating and maintaining complex regular expressions for the purpose of identifying network and/or host-based threats

Skills and Competencies

- An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business

- An understanding of organizational mission, values and goals and consistent application of this knowledge

- Past experience with network or host-based detection engineering, preferably YARA.

- Knowledge of the top-25 large-scale real-world malware campaigns and the actors behind them.

- Knowledge of current threat landscape with ability to forecast based on known patterns/trends

- Rudimentary knowledge of geopolitical factors relevant to shifting threat landscape

- An ability to effectively influence others to modify their opinions, plans or behaviors

- Excellent problem-solving and communications skills

- Ability to document findings in a structured manner, maintaining both current as well as historical relevance

- Ability to communicate complex information to nonexperts

- Ability to work with internal and external stakeholders in challenging situations

- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most effective/appropriate course

- Experience with SIEM and SOAR tools

- A solid grasp of core security fundamentals and concepts

- Can proactively identify and address security issues, as soon as they are identified

If you’re interested in fulfilling this role and working with the InQuest team, please apply here: