Position Summary
SCTIAs, under general supervision, provide support to leaders and cyber security analysts by consuming, analyzing, and reporting tactical, operational, and strategic threat intelligence. The SCTIAs focus their efforts on processing indicators of compromise from known attacks, emerging cyber threats, current events and their potential cyber impacts, threat actors, threat actor tools and techniques, motivations of threat actors, malware, etc. The SCTIA will need to use intelligence processes and tools to work all of this threat information into intelligence products that are useful to leadership and to cyber security analysts in the security operations center, incident responders, hunt teams, vulnerability management, etc.
Responsibilities include, but are not limited to:
- Demonstrate and apply subject matter expertise in a variety of information security disciplines, both technical and non-technical
- Responsible for the collection, processing, analysis, and production of tactical, operational, and strategic intelligence throughout the organization
- Prioritize work, collate information from various sources, and move swiftly toward strong analytical conclusions
- Help develop and maintain CTI processes, procedures, playbooks, etc.
- Develop, maintain, and execute the threat communication / product distribution processes
- Author professional-looking reports that can be clearly understood by technical, non-technical, and executive consumers based on the audience
- Accept and incorporate intelligence product feedback from consumers and stakeholders
- Accept editorial input from the CTI Manager and higher
- Readiness to defend analysis in the face of opposing opinions
- Employ predictive analytic methods to determine changes in adversary’s capabilities, motivations, and intent, while providing recommendations to reduce risk before exposure to threats occurs
- Use intelligence tools to hunt large sets of data to find threat activity and analyze it
- Provide direct analytic support to the security operations teams, providing context to active risks and threats using intelligence
- Work individually, with a team, and in a hybrid managed services environment utilizing various partners in dynamic ways
- Help prioritize and lead cases, investigations, daily work tasks, and projects with management guidance
- Mentor junior analysts

Requirements
- 7+ years’ experience in an intelligence role with 3+ years in a cyber threat intelligence role
- Bachelor’s Degree in computer science, engineering, computer information systems, or 5+ years of experience in an information security-related field
- Security certifications such as CISSP or SANS preferred
- Strong verbal and written communication and presentation skills
- In-depth knowledge of IT
- Expertise in understanding and applying the intelligence lifecycle
- Intelligence analysis tradecraft skills
- Strong experience in vulnerability, exploitation, penetration testing concepts
- Strong experience with information security, host- and network-based forensics, monitoring, detection, and incident response best practices
- Strong experience in computer intrusions, malicious code, and technical aspects of associated threat vectors, adversarial TTPs, and their relation to the cyber kill chain
- In-depth knowledge of the general cyber threat landscape coupled with the ability to quickly determine how threats can or will affect an organization, based on factors such as confidence, likelihood, impact, and probability
- Understanding the MITRE ATT&CK framework
- Working knowledge of intelligence analysis applications, tools, and systems and the ability to use them on datasets to analyze threats

Desired Skills and Experience
- Five or more years of direct experience actively managing/using threat intelligence to reduce risk and threat exposure
- Exposure to assessing technical intelligence collection and analytic products, including behavioral analysis and reverse engineering outputs from researcher teams or automated sandbox testing
- Familiarity with various technologies such as SIEM, IDS/IPS, Proxy, endpoint and enterprise incident management systems, as well as applications such as Microsoft Office, ServiceNow, or comparable products
- Knowledge of the cyber threat landscape for manufacturing, brokerage services, business operation, research, supply chain, transportation, etc. on a global scale
- Familiarity with world events, geo-politics, etc. and how they often influence the cyber threat
- Familiarity with insider threat investigations and programs

Excited about this role but don’t think you meet every requirement listed? We encourage you to apply anyway. You may be just the right candidate for this role or another one of our openings.
ADM requires the successful completion of a background check.
REF:101495BR