CYBER INTELLIGENCE ANALYST - REMOTE

The Cyber Intelligence Analyst participates in the identification, tracking, monitoring, containment and mitigation of information security threats. He/She performs analysis of endpoint and network data utilizing established processes and tools to perform threat identification, analysis, containment and remediation. This position is responsible for the documentation of security events and their resolution. The Cyber Intelligence Analyst communicates with and educates clients and asset owners to ensure understanding of processes and procedures, complex security topics and protocols, and risk resolution methodologies.

The Cyber Intelligence Analyst will be required to provide support on a rotating basis.

QUALIFICATIONS:

• Experience as Security Operations Center (SOC) Analyst or relevant Cyber Security focused incident response and handling roles

• Experience in Malware Reverse Engineering and Sandboxing

• Experience with SIEM Technology

• Significant experience with Linux, TCP/IP, UNIX, MS-Windows, IP Routing, Firewalls and IPS

• Understanding of behavioral based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.

• Deep understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats

• Demonstrated experience using Open Source (OllyDbg, Radare, GDB, etc.) malware analysis tools

• Ability to analyze shellcode, and packed and obfuscated code, and their associated algorithms

• Ability to develop network and host-based signatures to identify specific malware. Recommend heuristic or anomaly-based detection methods

• Subject matter expertise in the detection, analysis and mitigation of malware

• Experience with Information Security Research, Malware Reverse Engineering, Cyber Threat Analysis, Windows Operating System and Data Analysis

• Knowledge of Research skills, Technical Writing, Information Security Research, Security Incident Response, Security Risk Assessment/Analysis

• Bachelors degree or other college equivalent is preferred.

• Incident response focused certifications such as GIAC GSEC (401), GCIH (504), GMON (511) or equivalent knowledge level preferred.

• Public cloud (AWS, Azure, GCP) certifications are preferred.

• This job is a grade 20G

• The last day to apply internally is October 25th at 11:59PM

• Work location - Remote

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $84,900/year to $157,320/year. Pay is based on several factors including but not limited to, market location and may vary depending on job-related knowledge, skills, and education/training and a candidate’s work experience. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company’s performance.

Hired applicants may be eligible for Medical/prescription drug coverage, Dental coverage, Vision coverage, Flexible Spending Account, Health Savings Account, Dependent Care Flexible Spending Account, Basic and Supplemental Life Insurance & Accidental Death and Dismemberment, Disability Income Protection Plan, Employee Assistance Program, 401(k) retirement program, Vacation, Paid Holidays and Personal time, Paid Sick and Family and Medical Leave time as required by law, and Discounted Employee Stock Purchase Program.