Junior Cyber Threat Intelligence Analyst

Retail & Hospitality Information Sharing & Analysis Center, Inc
Vienna, VA
Remote

About The Position

The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) is seeking a Junior Cyber Threat Intelligence Analyst to support the administration and maintenance of their technical threat intelligence sharing environment (MISP). This role involves vetting, categorizing, tagging, and analyzing cyber threat intelligence (CTI) shared by members and from other sources. The analyst will actively participate in CTI collaboration, engage with member analysts, and support tool development and analytical production to enhance the security posture of RH-ISAC member companies. This position is ideal for a CTI analyst looking to gain hands-on experience with a threat intelligence platform in a collaborative ISAC environment.

Requirements

  • Experience performing 'deep dive' analysis and correlation of log data from multiple sources including PCAP and forensic artifacts.
  • Previous experience as a cyber threat intel analyst (strong skills in tactical cyber threat intelligence preferred).
  • Solid understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures involved in those threats.
  • Some experience with vulnerability research, exploit and/or malware investigation.
  • Solid understanding of behavior-based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
  • Experience working with threat intel platforms and SIEM-type platforms.
  • Competence in communicating actionable threat intelligence to technical and operational-level audiences.
  • Experience writing Python (or PowerShell) scripts to parse datasets, automate routine intelligence tasks, and support existing system integrations.
  • Excellent communication skills including oral briefing, training and written analysis.
  • Detail-oriented, deadline-driven, adaptable and dependable.
  • Personable, professional and driven by a can-do spirit.
  • Embrace new challenges and thrive in a matrixed environment.
  • Genuine in the desire and willingness to support teammates.

Nice To Haves

  • Cyber threat analysis associated with retail and hospitality sector threats preferred.
  • Prior experience with MISP a plus.
  • SOC experience and/or security certifications a plus.

Responsibilities

  • Support the configuration, day-to-day operation, and ongoing improvements of the RH-ISAC Malware Information Sharing Platform (MISP) under established standards and guidance.
  • Monitor all levels and types of member activities on the MISP platform, applying established data quality standards, taxonomy guidance, and sharing controls.
  • Ensure appropriate handling, classification, and sharing of member-submitted intelligence in accordance with RH-ISAC trust principles and information sharing policies.
  • Enrich, vet, and maintain technical data, including indicators of compromise, shared from members and key stakeholders.
  • Work with member analysts to support intelligence sharing and assist with questions related to RH-ISAC intelligence and tooling.
  • Assist members in consuming RH-ISAC-generated data and intelligence, developing use cases to share with broader membership.
  • Use analyst tools and OSINT to provide members with more visibility of corroborated RH-ISAC intelligence.
  • Provide support for member analysts’ requests for assistance in threat hunt and investigations in a timely manner, as needed.
  • Participate in calls for committees, working groups and special interest groups, as necessary, to gain information and member input on relevant topics.
  • Participate in RH-ISAC workshops and member visits to build relationships and become more acquainted with member needs and requirements.
  • Work collaboratively with RH-ISAC team members to achieve strategic and tactical objectives.
  • Encourage active, ongoing collaboration among peers to promote shared goals and initiatives.
  • Perform 'deep dive' analysis and correlation of log data from multiple sources including PCAP and forensic artifacts.
  • Communicate actionable threat intelligence to technical and operational-level audiences.
  • Write Python (or PowerShell) scripts to parse datasets, automate routine intelligence tasks, and support existing system integrations.

Benefits

  • Medical insurance
  • Dental insurance
  • Vision insurance
  • Flexible savings account (FSA)
  • Health savings account (HSA)
  • Short-term disability plans
  • 401k plan with a matching contribution