Cyber Threat Intelligence Analyst

Location: Houston, TX, United States
Date Posted: 01-29-2019

We are seeking a Cyber Threat Intelligence Analyst for a major O&G company in West Houston. Some remote work is allowed.

The Threat Intelligence Analyst maintains close relationships with intelligence agencies, the O&G industry and other relevant parties and internet sources to maintain an up-to-date view of the threat landscape. Threats will be analysed and translated into intelligence that can be applied to our cyber detection capabilities for enhanced monitoring for adversaries. Furthermore, you will be closely collaborating with other teams in IRM to ensure they have the latest relevant information required for risk decision making and prioritization of mitigating actions.

Responsibilities:  Threat Intelligence

  • Analyse threat intelligence (e.g. actors, hack tools, exploits, malware, etc) using a wide variety of sources and determine the impact including detailed technical analysis and verification of the intelligence.
  • Translate intelligence into threat scenarios / security use cases that can be implemented within available surveillance capabilities. Recommend changes to Splunk policies, filters and rules to improve event detection.
  • Review available surveillance data to further develop and improve the threat scenarios and use cases. Use your clearance with intelligence agencies to attend classified ("secret") briefings and investigate applicability of obtained intelligence.
  • Ensure completeness of threat information sources used and evaluate whether additional sources must be included for daily analysis.
  • Set up and continuously improve threat intelligence processes, protocols, skills and tools.
  • Assist in discovery of cyber vulnerabilities and investigation of global cyber security incidents where required.
  • Lead improvement projects in the Threat & Analytics team.
  • Work across multiple organizations, cultures and service providers to pull together actionable information and management information.
  • Coordinate and compile threat intelligence from multiple sources into management information and actionable data and report out to relevant parties.
  • Establish a strong working relationship in/outside of IT and the business.

Traits needed for a Cyber Intelligence Analyst

  • Is a knowledgeable, creative and responsible IT security professional.
  • Has excellent analytical skills and appreciates a technical challenge.
  • Has a good technical understanding of and experience with IT networks, infrastructure and applications.
  • Has a passion for IT technology and is able to share that with other members of the team.
  • Has good written and verbal communication skills and provides well-informed advice.
  • Produces high quality deliverables in terms of both content and presentation. Examples of deliverables include: reports, presentations and reasoned arguments.
  • Carries out assignments and projects, alone or as part of a team, applying knowledge, skills, and experience.
  • Demonstrates an understanding of the issues of interest to Shell and proposes viable solutions within the scope of own expertise, taking into account the needs of those affected.
  • Maintains knowledge and experience of current practice within own area of expertise and is aware of current developments within own area of expertise.
  • Develops and maintains knowledge of Cyber security and maintains an awareness of current developments.
  • Promotes transfer of knowledge and awareness of information security to those in related areas.
  • Is comfortable working virtually.
  • Is proactive and a self-starter.

Experience and Qualifications

  • Minimum of five years IT security experience with deep knowledge and experience of advanced analysis (e.g. malware analysis, forensic investigations, packet level analysis, indicators of compromise, etc.)
  • Understanding of attack activities - scans, man in the middle, sniffing, (D)DoS, phishing, and abnormal activities such as worms, Trojans, viruses, privilege escalations, etc.
  • Experience working in a complex global environment with common security device functions and countering a variety of attack vectors.
  • Ability to use various security technologies for topics such as packet analysis, intrusion detection (including signature development), exploitation of vulnerabilities, searches in event data using Splunk, etc
  • Knowledge of common operating systems and network device functions
  • Creative mind-set and proven ability to think as a hacker and to translate this into threat scenarios and use cases (evidence based analytical ability and attention to detail)
  • Broad experience in technical IT security topics and holds certifications like: Offensive Security Certified Professional (OSCP), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Reverse Engineering Malware (GREM), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Intrusion Analyst (GCIA), CISSP
  • Broad understanding of all stages of Information Risk Management
  • Excellent verbal and written communication skills and the ability to interact professionally with a diverse group: executives, managers, and subject matter experts
  • Effective and persuasive in both written and oral communication in English; strong interpersonal skills, with the ability to network across boundaries
  • Existing clearance with DHS/FBI or AIVD, or is willing to go through the clearance process
For more information, please apply below or contact us