Wednesday, February 8, 2017



  • Collaborate and share information with R-CISC members on a daily basis
  • Identify and prioritize emerging threats and potential attack campaigns
  • Build contextual threat analysis using open and private intelligence sources
  • Produce or contribute to the development of in-depth situational intelligence briefs covering emergent threats and attack campaigns
  • Produce threat bulletins that keep customers informed
  • Define threat intelligence collection, analysis and presentation requirements to drive continuous improvement and enhanced capabilities
  • Maintain and grow subject matter expertise and trust group connections
  • Support technologies and systems that comprise the R-CISC’s sharing platform and contribute to the threat analysis resources

Key Objectives

  • Perform daily operational activities related to information sharing and analysis for threat information to enable R-CISC Member sharing
  • Identify trends and behaviors that can help R-CISC Members prioritize detection and response to critical threats
  • Contribute to the production of R-CISC Threat Intelligence products and reports

Required Skills and Experience

  • An understanding of how threat actors exploit vulnerabilities in networks, protocols, operating systems, and applications, including malware, social engineering, and other hacking methods
  • Exposure to and familiarity with different malware families, botnets, threats by sector, and various attack campaigns
  • Experience collecting, analyzing, and validating Open Source Intelligence
  • Demonstrable prior experience creating and publishing complex technical information security content for external consumption, as an individual contributor and in a collaborative context
  • Excellent verbal skills including the ability to communicate effectively when working remotely
  • Ability to produce when working independently with minimum structure and supervision
  • Ability to take on additional tasks as incidents arise and demand warrants
  • Be capable of achieving a security clearance

Preferred Skills and Experience

  • Foreign language fluency a plus, preferably Chinese (Mandarin/Other) or Russian
  •  Prior experience in an operational security role, preferably incident response or experience with common host and network security tools
  • Ability to network traffic generated by malware
  • Experience working within the retail industry, or for retail industry clients
  • Existing security clearance a plus


Bachelor of Science in Computer Science preferred


Contact Dan Holden, Intelligence Director at