Sr. Senior Threat Intelligence Analyst

Trellix, Reston, VA
Onsite

About The Position

Trellix Threat Intelligence is a portfolio of solutions and services from our team of experts including our cybersecurity product team, Trellix Guardians Group, and our Advanced Research Centre (ARC). We help defend our customers against everyday threats with the tight collaboration between both our product team and our threat researchers working together in real time. The Trellix Guardians deliver cyber threat intelligence, assessment, education, and incident response services to global customers to enable them to prepare, detect, and respond to the wide array of malicious cyber activity that persistently threatens organizations across all industry sectors.

The Threat Intelligence Analyst will collaborate with customers to enhance their cyber threat intelligence capabilities by leveraging the experience, knowledge, tools, and data of the Trellix cyber defense enterprise. The role is responsible for delivering cyber threat intelligence services, which include knowledge of sophisticated threat actors and associated tactics, techniques, and procedures, along with research, collection, analysis, and reporting of finished intelligence. The role will support customer security operations including planning and risk assessment, vulnerability assessment, 24x7x365 monitoring, and incident response.

The Threat Intelligence Analyst will report to the Senior Manager of the threat intelligence branch of Trellix Guardians. This is an on-site role at a customer facility at Fort Belvoir in Virginia. As a member of the Guardians, the Analyst will collaborate with Guardian teammates, members of the ARC, Trellix Professional Services Consultants, and third-party partners. The analyst will serve as a primary customer interface and will become immersed in customer operations through rapid learning and establishing relationships. This is a resident analyst role supporting a customer in a full-time capacity.

Requirements

  • Self-motivation and a genuine passion for cybersecurity are essential.
  • A keen interest in tracking threat actors drives your daily work.
  • Strong proficiency in structured analytical techniques is required, including Quality of Information Checks, ACH, Key Assumptions Checks, and Gap Analysis.
  • Critical thinking skills allow you to remain objective and avoid analytical biases.
  • The ability to produce clear, complete, and concise reporting under tight deadlines with extreme attention to detail is a must.
  • Expertise includes a deep understanding of cyber threats, attack vectors, detection capabilities, and countermeasures.
  • Experience with open-source intelligence (OSINT) collection methods and tools is vital.
  • Background working within a Security Operations Center (SOC) to monitor, respond to, and remediate detected issues.
  • A clear grasp of organizational Incident Management processes as they relate to threats and vulnerabilities.
  • Technical knowledge of XDR/EDR, Endpoint Security tools (AV, whitelisting, etc.), and Threat Hunting.
  • High-level comprehension of malware types, detection methods, and analysis techniques.
  • Familiarity with industry frameworks such as MITRE ATT&CK and D3FEND, the Cyber Kill Chain, and the Diamond Model.
  • Proven track record of identifying and mitigating cyber threats using various detection strategies.
  • Solid understanding of technical vulnerabilities and their associated risks.
  • Hands-on experience with SIEM tools and collaborating closely with SIEM Analysts on event correlation and analysis.
  • 5+ years of intelligence gathering, analysis, and reporting experience.
  • The candidate needs to have, or be willing to get, the 8140 IAT III and 8140 IASAE II certificates.
  • Active Top Secret SCI clearance

Nice To Haves

  • A Bachelor's degree in information security, cyber discipline, political science or a related analytical field is not required but considered an asset.

Responsibilities

  • Serve as a cyber threat intelligence subject matter expert and trusted advisor.
  • Integration with customers’ operations-intelligence cycles is required to effectively inject cyber threat intelligence.
  • Collaborate with Trellix employees, customers, and third parties to collectively support the defense of the customer’s network and mission elements.
  • Develop information/intelligence requirements and establish associated priorities.
  • Identify intelligence gaps and uncover opportunities to improve intelligence sharing and utility.
  • The role involves creating tailored strategies for research, data collection, analysis, and reporting focused on customers’ areas of interest.
  • Draft comprehensive responses to customer requests for information/intelligence (RFIs).
  • Perform all-source research and analysis using Trellix tools, data sets, third-party tools, and open sources.
  • Produce high-quality written and oral reporting, including active participation in peer review and quality assurance.
  • Map relationships between malicious cyber activity and global events, such as geopolitical shifts, natural disasters, or crises.
  • Deliver expert threat intelligence presentations to diverse customer teams, ranging from technical staff to senior executives (General/Flag Officers, SES/SIS, and C-Suite).
  • Maintain an up-to-the-minute understanding of the cyber threat landscape, including APTs, motivations, attack vectors, and TTPs.

Benefits

  • Retirement Plans
  • Medical, Dental and Vision Coverage
  • Paid Time Off
  • Paid Parental Leave
  • Support for Community Involvement

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Number of Employees

501-1,000 employees

© 2024 Teal Labs, Inc