Thursday, September 19, 2019

Cyber Security Threat Analyst

Client: Pacific Gas and Electric (PG&E)
Role: IT - Cyber Security Threat Analyst / Specialist - Expert
Duration: 06+ months (with possible extension)
Location: Concord, CA 94518
ID: 11324

• College degree in Cyber Security, Technical Intelligence, or a related technical field; equivalent work experience; or a combination of education, training, and relevant work experience
• Certificate of completion in an area of technical study (WCNA, GMON, GCIA, CCNA, etc.)
• 6 years of Technical Intelligence, Information Technology or Science and Technology experience, with at least 4 years of experience in technical security working with security tools, technical analysis tools, security operations, security intelligence or equivalent functions
• Strong technical understanding of vulnerabilities and how attackers can exploit vulnerabilities to compromise systems
• Knowledge of vulnerability sources such as the NVD, OSNVD, and commercial vendors
• Strong analytical ability with readiness to defend analysis in the face of countervailing opinions
• Knowledge of public intelligence sources such as ICS-CERT, FBI Infragard, HSIN
• Knowledge of paid intelligence sources such as iSight, CrowdStrike, and Digital Shadows
• Ability to work effectively with an incomplete data set; willing to apply logic and academic rigor to make sound analytical assessments
• A quick study of new technologies, industries, threats, and scenarios
• Strong, concise communication skills with an easy-to-understand writing style; able to build a compelling and effective narrative
• Knowledge of APT Groups
• Knowledge of TTPs related to groups targeting the energy sector

• Government intelligence community from a directorate of science and technology
• Experience in the utility industry
• Experience working in cross agency task forces
• Previous experience with investigative and analytical software tools

• Supports the Director, SIOC and the Manager, SIOC/Threat Intelligence in driving the Intelligence Driven Defense model
• Researches and writes in-depth reports and advisories on threats to employees and operations
• Provides rapid assessments of potentially imminent security situations, sensitive developments and complex threat issues
• Identifies, tracks, and monitors emerging security threats, vulnerabilities and trends
• Keeps current with changing technologies, threat actors and geopolitical events which could impact stability and operations
• Perform hunting for malicious activity across the network and digital assets
• Respond to computer security incidents and conduct threat analysis
• Identify and act on malicious or anomalous activity
• Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity on the network
• Perform detailed investigation and response activities for potential security incidents
• Provide accurate and priority driven analysis on cyber activity/threats
• Perform payload analysis of packets
• Detonate malware to assist with threat research
• Recommends implementation of counter-measures or mitigating controls
• Provide cogent intelligence analysis and make recommendations based on findings to PG&E decision makers in both written and oral form
• Maintain a high state of situational awareness regarding threats to the Corporation, the industry and US critical infrastructure
• Alert decision makers to emerging threats in a timely manner
• Leverage existing expertise and knowledge in order to improve the intelligence deliverable
• Support and participate in crisis events with intelligence collection, analysis and/or dissemination
• Establish and ensure the maintenance of PG&E Security Intelligence best practices
• Provide professional advice, guidance and mentorship to team members
• Build strong, cooperative relationships across the entire PG&E organization, and in the broader intelligence/law enforcement world
• Continuously identify new and innovative threat monitoring, visualization, and detection solutions
• Mentor junior staff in cybersecurity techniques, processes, and modus operandi, especially related to malicious cyber actors, to include APT and hacktivists
• Perform pro-active hunting for intelligence related to malicious activity that can impact PG&E’s network and digital assets
• Become a subject matter expert for PG&E and the Utility Sector for threat intelligence

Comments/Special Instructions
We would prefer local candidates, as that is easier for in-house interviews, but we are open to good non-local candidates. This job requires the candidate to work onsite in Concord.
Top 3 things we are looking for in a candidate:
• Strong analytical skills and network forensics skills
• Threat Intel background, which includes but is not limited to performing link analysis and attribution
• Threat alert response experience (incident response via a SIEM, EDR and PCAP)

Paramjot Singh Marva
Specialist-Talent Acquisition
Ampcus Inc.
14900 Conference Center Dr, Suite 500,
Chantilly, VA 20151
703-997-9540 (Direct)
703-822-4475 Ext (1258) (V)
703-956-6996 (Fax)