200+ applicants

Company

Trustwave · 1 day ago

Sr Cyber Threat Intelligence Analyst

United States

Full-time

Remote

Mid, Senior Level

2+ years exp

Maximize your interview chances

Cloud SecurityCyber Security

Comp. & Benefits

No H1B

Insider Connection @Trustwave

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Source and execute an intel curation methodology to identify, classify and prioritize threats from internal sources, 3rd-party, OSINT, DarkINT, social, etc.

Maintain the MSS Threat Intelligence Platform

Provide advisory support and reporting on threat actors, groups and campaigns to internal teams

Manage and respond to emerging threat activity for MSS

Develop actionable threat intelligence; both tactical and operational

Execute proactive threat actor tracking and build a portfolio of threat profiles and trends from MSS activity

Apply intelligence through collaboration with peers to create use cases and detection rules for MSS

Perform periodic cyber advisory presentations for Trustwave teams

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

MITRE ATT&CK understandingNIST framework knowledgeThreat intelligence productionIncident response experienceSIEM experienceEDR experienceSecurity analysis skillsIntelligence lifecycle knowledgeMISP experienceSTIX/TAXIIUnix/Linux administrationWindows administrationCTI experienceSecurity certificationsComplex critical thinkingAdvanced communication skillsScriptingPythonAPI experienceIncident management skillsSelf-managedCustomer service skills

Required

Complex critical thinking and security analysis skills

Advanced written and verbal communication skills for a wide array of audiences

Ability to communicate technical risk details into easy-to-understand language

Knowledge of intelligence lifecycle

Solid understanding of MITRE ATT&CK, Diamond model, NIST and other relevant frameworks

Ability to prioritize and execute tasks in a high-pressure environment

Experience working in a team-oriented and collaborative environment including cross-functional collaboration

1 – 2 years’ experience using and maintaining MISP or similar TIP solutions

Minimum of 2-years’ experience producing threat intelligence, tracking cyber threats, incident response and/or threat hunting with a focus on attacker TTPs and attribution

Understanding of STIX / TAXII

Scripting, Python, and API experience

1-3 years of SIEM experience with Microsoft Sentinel, Splunk, IBM Qradar or other platforms

1-3 years of EDR experience with solutions from Microsoft, Palo Alto Networks, Sentinel One, Trellix, Crowdstrike or other platforms

Unix/Linux and Windows system administration

Excellent analytical thinking and problem-solving skills

Superb incident management and incident response skills

Strong oral and written communication skills

Self-managed and team oriented

Deadline and detail oriented

Highly motivated with excellent teaming and customer service skills