Description of work
IIT is seeking a Threat Intelligence analyst to work on our Incident Response team on a project for an Atlanta-based business. The candidate should have experience working as an analyst in a security operations center type environment and be able to work independently as well as with a group. This position may be worked remotely, although the Atlanta area is strongly preferred.
- Supporting the CSOC through intelligence collection, analysis and/or dissemination, and applying conclusions and judgments derived from threat and fraud intelligence
- Provide tactical intelligence to proactively identify new threats, vulnerabilities, and risks through key strategic alliances, innovative information gathering, and information sharing.
- Provide briefings to the overall security team involving trends, risks, targets, and other pertinent information discovered through intelligence gathering.
- Assist in proactively discovering typosquatted domains that infringe on our brands and issuing takedown requests to website registrars
- Configuring threat intelligence feeds and reports within the Threat Intelligence toolset
- Correlation monitoring using multiple SIEM technologies
- Assist in Security Operations projects
- Performing threat hunts within the security tools
- Assist in gathering forensic data and physical equipment
- Support IR analysts during security incidents
- Work extended hours during active investigations/incidents
- Provide investigation data for trending & intel reports
- Assist in completing reports related to security operations
- Assist in training junior security and threat intel analysts on best practices and investigative methodologies
Qualifications & Experience
A Bachelor’s Degree and 3 years of related Cyber experience including demonstrated technical expertise in multiple information security domains, threat intelligence, or an equivalent combination of education, training and experience.
- Experience in proactively combatting Cyber Crime and profiling threat actors targeting certain areas of business
- Fraud and overall Brand Protection experience
- Experience reporting on current trends and threat actors actively targeting company assets
- Experience with Dark Web Personas, Sock Puppet Accounts, and related methodologies
- Experience with proactive threat hunting within a specific environment to identify IOCs as well as potential attack vectors and vulnerabilities
- Working knowledge of Cybersecurity tools (IPS, AV, Firewall, Netflow, etc.)
- Industry certifications (CEH, GCIA/GCIH, Treadstone, GCTI, etc.)
- Experience with tools such as Maltego, Shadow Dragons, Recorded Future, Redpoints, Intel 471, etc.
- Experience reviewing security, application, web server, and other various types of logs
- Experience with PCAP analysis
- Demonstrated knowledge of: Linux, Windows
- Ability to multitask and prioritize tasks
- Expertise with Splunk, CrowdStrike, and Exabeam is a plus
- Elevated troubleshooting skills and logical thought process
- Ability to work independently and as a team to complete overall goals
- Excellent oral and written communication skills
- Ability to work under pressure and complete tasks within given deadlines
IIT is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, protected veteran status, or any other characteristics protected by applicable law. If you are a qualified job seeker with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.iit-corp.com/careers as a result of your disability. To request an accommodation, please email us at email@example.com and provide your name and contact information. To request an accommodation by telephone, contact us at 703-478-7600.
Please note: the email and telephone options listed above are only for job seekers with disabilities requesting an accommodation.