Senior Analyst Cybersecurity

Scope of Position:

The Senior Analyst for Cybersecurity will perform data analysis, incident response, investigative analysis, and research on existing and emerging cyber threats, particularly those directed against the company's global networks. You will be charged with part of leading the maturation and optimization of our EDR capability through the development of custom content that focuses on threat actor TTPs and reduces false positives. You will be expected to "think like an adversary" and engage in threat hunting operations leveraging your understanding of the tactics, techniques and procedures employed by advanced threats combined with intelligence from multiple sources and provide reporting and briefings to other teams and leadership to maintain appropriate levels of situational awareness.

RESPONSIBILITIES:

• Review and build host-based detection content in EDR solutions such as Sentinel One, Microsoft Defender and other leading vendors.
• Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output and mentor cyber analysts.
• Leverage understanding of tactics, techniques and procedures associated with advanced threats to create and evolve custom detections that mitigate highly dynamic threats to the enterprise.
• Proactively research advanced and emerging cyber threats, and apply analytical understanding of attacker methodologies, system vulnerabilities, and key indicators of attacks and exploits in threat hunting efforts
• Execute as needed in each of the six phases of incident response: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned
• Collaborate using information and knowledge sharing networks and professional relationships.

Education and Experience:

• Bachelor's degree and 5+ years of threat analysis and/or incident response experience - additional years of relevant experience may be considered in lieu of Bachelor's degree
• Relevant certifications (CISSP, SANS GIAC, CEH, etc.)

REQUIREMENTS:

• Threat analysis and/or incident response experience
• Understanding of cyber threat models, including ATT&CK, Cyber Kill Chain, Racetrack, Diamond Model, etc.
• Experience working with EDR tools
• Experience with a SIEM-type platform
• Experience performing analysis and correlation of log data and forensic artifacts from multiple sources.
• Must be proficient, verbally and in writing with the English language.