Job Details:
The SOC Threat Intelligence Analyst will be responsible for collecting and
disseminating CTI. They will compile reports and translate the content into
actionable activities for SOC analysts, threat hunters, information technology
staff, leadership, etc.
Service Definition:
This position supports the Department of Management Division of Information
Technology Security Operations Center (SOC). The purpose of this position is to
collect, review and analyze data to produce reports to identify threats to state
and local government. Responsibilities include:
- Develop and maintain priority intelligence
requirements.
- Collect and maintain intelligence data.
- Analyze threat data and assess threats/risks to state
and local government, and other partners.
- Identify tactics, techniques, and procedures (TTPs)
used by threat actors.
- Use and maintain CTI tools and
platforms.
The SOC Threat Intelligence Analyst will be responsible for collecting and
disseminating CTI. They will compile reports and translate the content into
actionable activities for SOC analysts, threat hunters, information technology
staff, leadership and other stakeholders. The position will also be responsible
for coordinating and communicating CTI with external partners. Demonstrated
detailed technical knowledge of threat actor motives, targets, and tactics and
how to investigate, mitigate and defend against them.
Candidate Requirements:
- Strong problem solving and critical thinking skills.
- Five years’ experience with threat intelligence and analytics
techniques.
- Must be an individual of high integrity and be a model
of unwavering integrity to others.
- Strong understanding of cyber security technologies
and strategies, including but not limited to: MITRE ATT&CK framework,
attack surface management, security processes, best-practice
logging/monitoring, OSINT and incident response.
- Demonstrated ability to work effectively with
customers to solve business challenges while balancing the need for
confidentiality, integrity, and availability.
- Strong understanding of common and emerging attack
vectors, penetration methods and countermeasures.
- Demonstrated ability to work independently, as part of
a team of peers, and also to support and make assignments in
a multidisciplinary team environment.
- Takes initiative to develop threat intel products that
match the organization’s general and priority intel requirements.
- Demonstrated ability to solve complex problems, convey
both oral and written instruction, and handle multiple task interruptions
while providing services in a professional and courteous manner.
- Excellent communication and presentation skills with
the ability to address both technical and non-technical audiences.
- Capable of documenting and explaining technical
details/efforts in a concise, actionable manner.
- Certified Information Systems Security Professional
(CISSP), Certified Information Security Auditor (CISA), GIAC Security
Essentials (GSEC), or other information security certification is
preferred.