Cyber Threat Intelligence Analyst

About The Position

Requirements

• 2+ years of experience with a combination of cyber threat intelligence or research AND threat detection or incident response work, at least 1 year of which should be in a large multinational company
• Knowledge of how fake domains are used by threat actors
• Knowledge of threat intelligence tools & management platforms
• Intimate knowledge of the MITRE ATT&CK Framework, Cyber Kill Chain, Diamond Model of Intrusion Analysis, or other relevant network defense and intelligence frameworks
• Experience with collecting, analyzing, and interpreting data from multiple sources, documenting the results and providing meaningful data on domains to detection and fraud reduction teams
• Knowledge of the principal methods, procedures, and techniques of gathering information and producing, reporting, and sharing intelligence
• Demonstrated knowledge of common adversary tactics, techniques, and procedures (TTPs)
• Knowledge of enterprise level ticketing systems, SLA management, and processes found within cyber fusion centers

Responsibilities

• Maintain and be the primary subject matter expert on threat modeling methodology such as Kill Chain, Diamond Model, and MITRE ATT&CK framework to identify, classify, prioritize and report on domain related cyber threats using a structured approach.
• Lead global intelligence team’s daily task management and operations on domain reviews so that threat actors cannot easily stand up fake PepsiCo infrastructure to attack employees or internal systems.
• Develops a risk-based model of threat activity, trends and common fake domain themes to support automated threat detection, blocking, blacklisting, and reporting.
• Provides data driven research to internal teams and leadership on changes to the domain threat landscape through various internal and external tools to support broader domain management within the company.
• Builds and manages domain repository within the organization through feed integration with partner institutions, mailing lists, open source news, and industry partnerships.
• Establish relationships between the GTMR team and other groups, both internal (e.g., other CFC teams) and external (e.g., paid partnerships, and trust groups) managing domains and network operations across the company.
• Build digital integrations and share relevant domain findings to variety of internal audiences (Senior Leadership, IT Teams, User communities, etc.) and with external trust groups.
• Participation in after hours on-call rotation when required.

Benefits

• The expected compensation range for this position is between $80,200 - $134,250.
• Bonus based on performance and eligibility target payout is 8% of annual salary paid out annually.
• Paid time off subject to eligibility, including paid parental leave, vacation, sick, and bereavement.
• Medical, Dental, Vision, Disability, Health, and Dependent Care Reimbursement Accounts, Employee Assistance Program (EAP), Insurance (Accident, Group Legal, Life), Defined Contribution Retirement Plan.