המקום בו המומחים והחברות הטובות ביותר נפגשים
Job Description:
The Rapid Cyber Threat Intelligence (RCTI) Technical Analyst serves as a liaison between CTI and Cyber Security Defense (CSD), Cyber Security Assurance (CSA) and Cyber Security Technology (CST) teams, triaging cyber threat intelligence-related collections, communicating updates on breaking situations to Operations Leadership and engaging control owners. Rapid Analysts prepare intelligence updates and analysis on indicators and warnings and serve as CTHID s focal point for situational awareness within the Cyber Threat Operations Center (CTOC). Rapid CTI analysts work as part of a Follow-the-sun model to triage incoming raw and pre-filtered information, data, social media, tips and vendor alerts. Triage analysts collect, assess and prioritize threats, and then communicate assessments in a manner that accurately conveys urgency, severity, and credibility that support CSD controls and inform senior and executive leadership.
• Work in a tactical/technical role reviewing and cultivating intelligence sources, analyzing information, creating intelligence, and hunting for exposures or related incidents.
• Participate with other triage analysts in a follow-the-sun model to provide consistent support for Cyber Security Defense.
• Contribute to daily internal stand-up calls, contribute to intelligence briefings for staff and CSD leadership.
• Work within the virtual or physical CTOC communicating with internal teams and minimizing response times for critical events.
• Operate as part of a team of triage analysts responsible for collecting, assessing, and prioritizing threats, and then communicating that assessment in a manner that accurately conveys urgency, severity, and credibility.
• Identify, escalate and debate recommended actions that strengthen controls.
• Operate within an established Escalation Matrix to determine report priority and messaging to operations and senior executives throughout Global Information Security and the lines of business and escalate issues to control teams and management in a timely manner with appropriate information regarding risk and impact.
• Continually and consistently review triage processes to identify reforms that could add to increased speed, efficiency and accuracy in reporting.
• Ensure immediate notifications are followed by in-depth coordination and collaboration with control owners and appropriate business partners and lines of business.
• Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results.
• Participate in technical bridge lines to facilitate the identification, mitigation and containment of cyber-security incidents.
• Technical or information security certifications are a strong plus.
• Familiarity with JIRA, Python, JAVA and SQL are a strong plus.
• Minimum 2 years’ experience in information, cyber or physical security.
• Minimum 1 year working in a 24/5 or 24/7 operational environment.
• Experience with multiple social media platforms and tools to monitor those platforms.
• Experience working in a Security Operations, Incident Management or Fusion Center operation.
• Experience working with vendors and intel providers to manage and enhance operations.
• Demonstrated reading comprehension and the ability to summarize accurately.
• Demonstrable technical proficiency (Information technology, information, cyber or physical security, networking)
• Bachelor’s degree or higher-level education.
• Excellent organizational and analytical skills.
• Ability to communicate (verbal and written) with stakeholders in non-technical terms.
• Excellent written and verbal communication and demonstrated presentation skills.
• Ability to handle multiple work efforts in a fast-paced environment and to be able to quickly change direction as needed.
• Ability to prioritize conflicting tasks.
• Exposure to cyber threat intelligence related activities, including Open Source Intelligence and social media monitoring.
• Familiarity with cyber threat landscape, geopolitical issues that could have cyber impacts, security vulnerabilities, exploits, malware, digital forensics, network security vulnerabilities, exploits and attacks.
• Ability to work in a strong team-oriented environment with a sense of urgency and resilience while being a self-starter and able to work independently.
• Ability to work effectively with technical and non-technical business owners.
משרות נוספות שיכולות לעניין אותך