Employer: GDH Consulting
Location: Dallas, TX
**4 Month Contract to Hire Opportunity**
The cyber threat intelligence analyst will be responsible for the analysis and synthesis of operational intelligence from multiple disparate sources of information. Daily responsibilities will include:
- Real-time monitoring of third party security feeds, forums, and mailing lists to gather information on vulnerabilities and exploits related to the client.
- Assessing each event based on factual information and wider contextual information available.
- Producing intelligence outputs to provide an accurate depiction of the current threat landscape and associated risk through the use of customer, community, and open source reporting.
- Produce actionable intelligence information for delivery to colleagues and customers in the form of technical reports, briefings, and data feeds.
- Creation of Host based indicators of compromise from internal data sets.
- Creation of Network based indicators of compromise from internal data sets.
- Providing briefings to internal HP stakeholders and external HP customers.
- Documenting indicators of compromise for consumption from SOC detection personnel.
- Working with internal development teams in regard to module development within the HP intelligence engine.
- Consulting on transitioning threat actor intelligence into hunting operations at a network level.
- Proactively research relevant threats and produce reports and intelligence products.
- Support prototyping and continuous development/integration of tools to store, exchange, and analyze threat and incident data.
- Develop and maintain specialized knowledge in one of the following areas: crimeware/botnets, state-affiliated actors, high-level organized crime, and DDoS.
- Continual vetting of sources of intelligence for usefulness.
- Respond to research requests from internal MSS personnel.
- Reverse engineering of tools and hostile file samples.
- Continual assessment of new data sources for inclusion into the intelligence program.
Preferred Candidate Qualifications
Education / Certifications
- 5+ years of cybersecurity incident response and technical forensics investigation.
- Demonstrate expert skills in cyber security incident monitoring and response practices and proven track record managing cybersecurity teams.
- Incident handling and forensics skills including knowledge of common probing and attack methods, network/service discovery, system assessment, viruses and other forms of malware.
- Knowledge of current security threats, techniques, and landscape, as well as a dedicated and self-driven desire to keep abreast of latest cybersecurity threats and hacking techniques.
- Experience with intelligence analysis processes, including Open Source Intelligence (OSINT) and closed source intelligence gathering, source verification, data fusion, link analysis, and threat actor. Investigative and analytical problem solving skills.
- Critical thinking and contextual analysis abilities. Inherent passion for information security and service excellence.
- An understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security.
- Ability to research and characterize security threats to include identification and classification of threat indicators.
- Prior experience working in a Security Operations Centre (SOC) or Computer Emergency Response Team (CERT/CIRT).
Education / Certifications
- Bachelor’s Degree or Masters: Cybersecurity, Information Assurance, Computer Science or related field.
- Preferred: Incident Handler certification, GCIH, ECIH, CERT-CSIH.
- Desired: CISSP; CISA, or CISM.