Senior Threat Analyst

Senior Threat Analyst

Salary: $140k-$160k + bonus

Location: Hybrid role in either location

Chicago, IL/Dallas, TX

Qualifications

• Bachelor's degree in Computer Science, Engineering, or another related field.
• 3-5 years of information security experience, preferably in the financial services industry.
• Minimum one-year hands-on security operations experience including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming languages, Incident Response
• Familiarity with computer network exploitation and network attack methodologies
• Strongly prefer at least one of the following certifications: CISSP, GCTI, GCIA, GCIH, GCFA, CHFI, CCE, CFE

Proficient in

• Intelligence analysis
• Adversary TTP analysis in network and host-based attacks
• Vulnerability assessment tools (Qualys, Nessus, nmap, etc.)
• Incident Response activities
• Log analysis technologies (SIEM, network sniffers, etc.)
• Other Security preventative and detective technologies (EDR, network-based analysis, etc.)
• Standard technical writing tools including MS Word, Excel, Project and Visio

Familiar with

• Directory services, LDAP, and their inherent security (Active Directory, CA Directory).
• Proxy and caching services.
• Client Server platforms including Sun Solaris, Windows, Linux.
• Operating system hardening procedures (Solaris, Linux, Windows, etc.)
• LAN/WAN routing and high availability (OSPF, BGP4/iBGP, EIGRP and NSRP).
• Web Application Firewalls.
• Cloud based security tools and techniques (AWS, Azure, GCP, etc.)

Responsibilities

• Develop and report threat hunting hypotheses based on applicable security threats to the organization.
• Execute threat hunting operations based on hypotheses reports across varied environments.
• Identify enhancements of current threat and situational intelligence sources leveraging proprietary enterprise data, as well as a variety of external sources and open-source data.
• Perform security incident response activities including investigation, coordination, review, and reporting.
• Execute technical analysis of security events while coordinating incident response activities with internal and external teams.
• Ensure collection and preservation of data associated with cyber security incident response activities follow industry best practices and established procedures.
• Develop and support briefings to senior management as a trusted incident responder.
• Oversee process of monthly reporting to Security management on Threat, Vulnerability, and Incident management metrics.
• Proven team player will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines.
• Technical understanding of adversarial activities to support threat hunting and purple team operations.