Thursday, January 25, 2018

Threat Intelligence Analyst

We are currently seeking a Cyber Threat Intelligence Analyst to join our Information Security Operations team within the Information Technology Services (ITS) department here at the University of Southern California. The Cyber Threat Intelligence (CTI) Analyst identifies, prioritizes and tracks cyber threat intelligence requirements, probes for signs of compromise, and provides initial analyses. The analyst also develops models to determine incident-type activities, organizes and contextualizes intel, and communicates the nature, impact and mitigations for applicable security vulnerabilities. Other responsibilities will include parsing large technical data sets, integrating output of technical research, and sharing and escalating severe findings to the team and management.
The ideal candidate must possess three years of experience in Information Security. He/she should also possess experience with security assessment tools such as NMAP, Nessus, Metasploit, and/or Netcat. Experience with log management or security information management tools as well as strong analytical and problem-solving skills are also required for this role.
Information Technology Services (ITS) is committed to providing information technology (IT) services and support to the university. ITS provides essential, university-wide services such as:
·         Enterprise information systems
·         University wired and wireless networks
·         Educational Technology
·         Research Computing
·         IT Security

Location: Los Angeles, California

Qualifications:
·         Must have a Bachelor’s degree or combined education/experience as substitute for minimum education
·         Minimum of 3 years of experience in Information Security
·         Experience with log management or security information management tools
·         Experience with security assessment tools such as NMAP, Nessus, Metasploit, and/or Netcat
·         Demonstrated knowledge of security intelligence threats and threat actors
·         Advanced knowledge and experience with packet capture and analysis
·         Strong analytical and problem-solving skills
·         Ability to make information security risk determinations based on threat intelligence analysis
·         Excellent verbal and written communication skills
·         Typically possesses 1 year of direct experience integrating CTI within a Security Operations Center
·         Typically possesses CEH certification
·         Typically possesses one or more of the following: Intrusion Detection In-Depth – SEC503 (optional GCIA certification), Hacker Guard: Security Baseline Training – SEC464, Security Essentials – SEC501 (optional GCED certification) and Hacker Techniques, Exploits & Incident Handling – SEC504 (optional GCIH certification).

Job Accountabilities:
·         Identifies, prioritizes and tracks cyber threat intelligence requirements utilizing both technical and actor information across domains (crime, espionage, hacktivism); formulates and prioritizes intelligence requirements according to established risk management framework
·         Hunts for indicators of compromise using various toolsets, and provides initial analysis of security intelligence feeds relative to network traffic analysis, intrusion detection, offensive security, data science and predictive analytics
·         Develops models for identifying incident-type activity of malware or bad actors using statistical/advanced analytic tools; shares indicators of compromise (IOC) models with trusted parties for validation and collaboration; synthesizes and places intelligence information into context; communicates the nature, impact and mitigations for applicable security vulnerabilities
·         Sifts through large technical data sets, and identifies intelligence collection requirements that can be met through automated and human collection methodologies
·         Integrates output of technical research, e.g., network forensics and reverse engineering, into intelligence products; communicates and escalates severe intelligence findings to team members and management
·         Collects, assesses and analyzes intelligence reports from multiple sources and disciplines; reviews incident logs/records, mining for intrusion patterns; manages documentation and tracking of relevant threats
·         Collaborates with other cyber intelligence analysts to ensure individual and team goals are met; maintains an understanding of unit, department, and university regulations, policies, and procedures
·         Maintains awareness and knowledge of current changes within legal, regulatory, and technology environments which may affect operations. Ensures senior management and staff are informed of any changes and updates in a timely manner. Establishes and maintains appropriate network of professional contacts. Maintains membership in appropriate professional organizations and publications. Attends meetings, seminars and conferences and maintains continuity of any required or desirable certifications, if applicable
·         Performs other duties as assigned or requested. The university reserves the right to add or change duties at any time.

Preferred Qualifications
·         Bachelor’s Degree
·         1 year of direct experience integrating CTI within a Security Operations Center
·         CEH certification
·         One or more of the following: Intrusion Detection In-Depth – SEC503 (optional GCIA certification), Hacker Guard: Security Baseline Training – SEC464, Security Essentials – SEC501 (optional GCED certification) and Hacker Techniques, Exploits & Incident Handling – SEC504 (optional GCIH certification).


Abhishek Shrivastava
Resource Management Executive
(614)553-8532 abhishek.shrivastava@tgtus.com
Trinity Global Tech Inc.
www.tgtus.com