Senior Cyber Threat Intelligence Analyst

SCTIAs, under general supervision, provides support to leaders and cyber security analysts by consuming, analyzing, and reporting tactical, operational, and strategic threat intelligence. The SCTIAs focus their efforts on processing indicators of compromise from known attacks, emerging cyber threats, current events and their potential cyber impacts, threat actors, threat actor tools and techniques, motivations of threat actors, and malware, etc. The SCTIA will need to use intelligence processes and tools to work all of this threat information to develop intelligence products that are useful to leadership and cyber security analysts in the security operations center, incident responders, hunt teams, vulnerability management, etc.

The SCTIA will need to build and maintain a deep understanding of business operations and environment in order to determine the relevance of the threat information, and well as the vectors adversaries may use to attack. The SCTIA will provide direct support and assist in investigations conducted by cyber incident responders, physical security, security operations center, hunt teams, insider threat, legal, etc.

Responsibilities include, but are not limited to:

1. Demonstrate and apply subject matter expertise in a variety of information security disciplines, both technical and non-technical
2. Responsible for the collection, processing, analysis, and production of tactical, operational, and strategic intelligence throughout the organization
3. Prioritize work, collate information from various sources, and move swiftly toward strong analytical conclusions
4. Help develop and maintain CTI processes, procedures, playbooks, etc.
5. Develop, maintain, and execute the threat communication / product distribution processes
6. Author professional-looking reports that can be clearly understood by technical, non-technical, and executive consumers based on the audience
7. Accept and incorporate intelligence product feedback from consumers and stakeholders
8. Accept editorial input from the CTI Manager and higher
9. Readiness to defend analysis in the face of opposing opinions
10. Employ predictive analytic methods to determine changes in adversary’s capabilities, motivations, and intent, while providing recommendations to reduce risk before exposure to threats occur
11. Use intelligence tools to hunt large sets of data to find threat activity and analyze it.
12. Provide direct analytic support to the security operations teams providing context to active risks and threats using intelligence
13. Work individually, with a team, and in a hybrid managing services environment utilizing various partners in dynamic ways
14. Help prioritize and lead cases, investigations, daily work tasks, and projects with management guidance
15. Mentor junior analysts

Requirements

1. 7+ years’ experience in an intelligence role with 3+ years in cyber threat intelligence role
2. Bachelor’s Degree in computer science, engineering, computer information systems, or 5+ years of experience in an information security-related field
3. Security certifications such as CISSP or SANS preferred
4. Strong verbal and written communication and presentation skills
5. In-depth knowledge of IT
6. Expertise in understanding and applying the intelligence lifecycle
7. Strong experience in vulnerability, exploitation, penetration testing concepts
8. Strong experience with information security, host- and network-based forensics, monitoring, detection, and incident response best practices
9. Strong experience in computer intrusions, malicious code, and technical aspects of associated threat vectors, adversarial TTPs, and their relation to the cyber kill chain
10. In-depth knowledge of the general cyber threat landscape coupled with the ability to quickly determine how threats can or will affect an organization, based on factors such as confidence, likelihood, impact, and probability.
11. Understanding the MITRE attack framework.
12. Working knowledge of intelligence analysis applications, tools, and systems and the ability to use them on datasets to analyze threats
13. Ability to lift 25 lbs. and detect color coded events

Desired Skills and Experience

1. Five or more years of direct experience actively managing/using threat intelligence to reduce risk and threat exposure
2. Exposure to assessing technical intelligence collection and analytic products, including behavioral analysis and reverse engineering outputs from researcher teams or automated sandbox testing
3. Familiarity with various technologies such as SIEM, IDS/IPS, Proxy, endpoint and enterprise incident management systems, as well as applications such as Microsoft Office, ServiceNow, or comparable products
4. Knowledge of the cyber threat landscape for manufacturing, brokerage services, business operation, research, supply chain, transportation, etc. on a global scale
5. Familiarity with world events, geo-politics, etc. and how they often influence the cyber threat.
6. Familiarity with insider threat investigations and programs.

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at employeeservices@apexsystems.com or 844-463-6178.

Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico.

Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our ‘Welcome Packet’ as well, which an Apex team member can provide.