Cyber Data Intelligence Analyst

Location: Houston, TX, United States
Date Posted: 01-29-2019

We are seeking a Cyber Data Intelligence Analyst for a Major O&G company with the ability to work some remotely. 

The Data Intelligence Analysis team searches through large, diverse sets of internal and external data to detect any unknown active cyber security threats and weaknesses in existing security controls. You will regularly come up with new hypotheses on how adversaries may be attacking us and will prove out your hypotheses based on event data. Furthermore, you will use statistical and machine learning techniques to identify outliers that will be further investigated. Once the unknown becomes known, you will ensure that we automate our detection and hand it over to our 24x7 Monitoring team. The Data Intelligence Analysis team is paramount to ensuring there is continuous improvement in the detection capabilities and will keep track of the ever-increasing threat landscape.

Data Analytics
  • Analyze, investigate and report on threat intelligence and events. Track TTPs and perform attribution for the most relevant threats.
  • Develop hypothesis on the unknown threat and proof them out during your analysis.
  • Find correlations in event data to automate classification and triage of events for further investigation.
  • Develop security “use cases” and threat scenarios.
  • Co-develop analytical algorithms.
  • Create and/or recommend changes to Splunk policies, filters and rules.
  • Setup and continuous improvement of Data Analysis processes, protocols, skills and tools.
  • Keep up-to-date within your area of expertise and support adoption of best practice and compliance with security standards.
  • Lead improvement projects in the Threat & Analytics team and support our expansion into Big Data analytics.
  • Coach and teach more junior threat analysts to increase the knowledge within the team.
  • Assist in discovery of cyber vulnerabilities and investigation of global cyber security incidents where required.
Collaboration
  • Collaborate with service providers to enrich hunting activities.
  • Assure the quality of work from colleagues (e.g. Level 1 Analysts).
  • Work across multiple organizations, cultures and service providers to pull together actionable information and management information.
  • Report out significant finds to relevant parties for awareness and after action.

Traits needed for a Cyber Data Intelligence Analyst

  • Is a knowledgeable, creative and responsible IT security professional.
  • Has excellent analytical skills and appreciates a technical challenge.
  • Has a good technical understanding of and experience with IT networks, infrastructure and applications.
  • Has a passion for IT technology and is able to share that with other members of the team.
  • Has good written and verbal communication skills  and provides well-informed advice.
  • Produces high quality deliverables in terms of both content and presentation. Examples of deliverables include: reports, presentations and reasoned arguments.
  • Carries out assignments and projects, alone or as part of a team, applying knowledge, skills, and experience.
  • Demonstrates an understanding of the issues of interest and proposes viable solutions within the scope of own expertise, taking into account the needs of those affected.
  • Maintains knowledge and experience of current practice within own area of expertise and is aware of current developments within own area of expertise.
  • Develops and maintains knowledge of Cyber security and maintains an awareness of current developments.
  • Promotes transfer of knowledge and awareness of information security to those in related areas.
  • Is comfortable working virtually.
  • Pro-active and self-starter

Experience and Qualifications

  • Minimum of ten years IT security experience with deep knowledge and experience of advance analysis (e.g. malware analysis, forensic investigations, packet level analysis, indication of compromise, etc)
  • Understanding of attack activities - scans, man in the middle, sniffing, (D)DoS, phishing, and abnormal activities such as worms, Trojans, viruses, privilege escalations, etc.
  • Experience working in a complex global environment with common security device functions and countering a variety of attack vectors.
  • Ability to use various security technologies for topics such as packet analysis, intrusion detection (including signature development), exploitation of vulnerabilities, searches in event data using Splunk, etc
  • Knowledge of common operating systems and network device functions
  • Creative mind-set and proven ability to think as a hacker and to translate this into threat scenario’s and use cases (evidence based analytical ability and attention to detail)
  • Broad experience in technical IT security topics and hold certifications like: Offensive Security Certified Professional (OSCP), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Reverse Engineering Malware (GREM), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Intrusion Analyst (GCIA), CISSP; Broad understanding of all stages of Information Risk Management
  • Experience with Data Science concepts and Big Data architectures / technology is a pre.
  • Excellent verbal and written communication skills and the ability to interact professionally with a diverse group: executives, managers, and subject matter experts
  • Effective and persuasive in both written and oral communication in English; strong interpersonal skills, with the ability to network across boundaries

 

For more information, please apply below or contact us
 
this job portal is powered by CATS