Senior Threat Intel Analyst

US-Remote

Applications have closed

The Basics:

The Threat Intelligence Analyst will analyze intelligence information to derive actionable insights tied to the organization’s business objectives to enhance existing capabilities. This cross functional role will work in conjunction with multiple teams across different business units to overlay an evolving synthesis of the threat landscape to help ensure appropriate proactive and reactive countermeasures are incorporated into the organization’s services. As threats evolve, they will be expected to call teams to action to respond or mitigate imminent risks as necessary. Furthermore, candidates will work closely with Security Operations teams to enhance workflows through the incorporation of threat intelligence data. Candidates are expected to be hands-on by conducting regular threat hunting exercises and collaborating with engineers on the development and enhancement of detection and response capabilities.

Candidates must be self-motivated and results oriented. They should be comfortable with ambiguity, limited oversight, and capable of working independently and within a team setting. Candidates are expected to question the status quo to identify opportunities for continuous improvement and are enabled to take action to ensure the effectiveness of a distributed security program operating within DevOps centric workflows.

This position is available for remote workers with flexible working hours. When support for incident response is required, this role may require occasional work outside of normal business hours.

What you'll do:

  • Collaborate with security leadership to enhance the organization’s threat intelligence program
  • Maintain a synthesis of the threat landscape as it pertains to the organization’s evolving business objectives
  • Identify areas of concern that could impact the organization based on the evolving threat landscape
  • Track attacker motivations, tactics, techniques, and procedures as they pertain to the organization
  • Participate in cross functional threat modeling exercises to derive proactive and reactive countermeasures
  • Work closely with security leadership to prioritize improvements based on the evolving threat landscape
  • Create metrics and reports illustrating the impact of threat intelligence
  • Develop threat briefs, as needed, to security and technology leadership teams
  • Incorporate meaningful threat intelligence insights into security workflows
  • Analyze high volumes of data and distill raw data into actual threat intelligence information
  • Perform threat hunting exercises and review organizational log telemetry to identify signs of compromise
  • Derive actionable intelligence through the review and trending of historical organizational observables
  • Develop processes and procedures tied to threat intelligence activities
  • Proactively identify and address proactive and detective countermeasures
  • Develop and maintain relationships within the threat intelligence community

We’re looking for someone with:

  • Education
    • Bachelor's Degree in Computer Science, IT or other relevant degree or equivalent work experience
  • Experience
    • 5+ years in security and incident investigation
    • 3+ years in threat intelligence, risk analysis, or equivalent role
    • Proficiency in threat hunting and developing threat modeling techniques (e.g., STRIDE, DREAD, VAST, PnG)
    • Practical experience processing, analyzing, contextualizing, and making cyber threat intelligence relevant
    • Propensity for making analytical risk-based decisions and recommendations
    • Ability to convey complex information in a clear and concise manner
    • Understanding of threat landscape and the internal and external factors that impact organizational security
    • Familiarity with information security threats, motivations (including geopolitical), tactics, techniques, mitigations, and countermeasures
    • Experience deriving and implementing detective and protective countermeasures based on intelligence data
    • Proficiency with security tools and platforms (e.g., SIEMs, vulnerability scanners, and malware analyzers)
    • Familiarity with IDS/IPS systems, endpoint Antivirus, and EDR products
    • Familiarity with common frameworks (e.g., MITRE ATT&CK, CIS)
    • Deep knowledge of operating systems and cloud hosting providers (e.g., AWS, GCP, Azure, OCI)
    • Experience with server, workstation, and containerization platforms

About Tanium:

Tanium offers an endpoint management and security platform built for the world’s most demanding IT environments. Many of the world’s largest and most sophisticated organizations — including nearly half of the Fortune 100, top retailers and financial institutions, and multiple branches of the U.S. Armed Forces — rely on Tanium to make confident decisions, operate efficiently, and remain resilient against disruption. Tanium has been named to the Forbes Cloud 100 list of “Top 100 Private Companies in Cloud Computing” for five consecutive years and ranks 4th on FORTUNE’s list of the “Best Workplaces in Technology 2020.”

On a mission. Together. 

At Tanium, we are stewards of a culture that emphasizes the importance of collaboration, respect, and diversity. In our pursuit of revolutionizing the way some of the largest enterprises and governments in the world solve their most difficult IT challenges, we are strengthened by our unique perspectives and by our collective actions.   

We are an organization with stakeholders around the world and it’s imperative that the diversity of our customers and communities is reflected internally in our team members. We strive to create a diverse and inclusive environment where everyone feels they have opportunities to succeed and grow because we know that only together can we do great things. 

Taking care of our team members 

Each of our team members has 5 days set aside as volunteer time off (VTO) to contribute to the communities they live in and give back to the causes they care about most. 

Tags: AWS Azure Cloud Computer Science DevOps EDR GCP IDS Incident response IPS Malware MITRE ATT&CK Risk analysis Threat intelligence

Perks/benefits: Career development Flex hours Flex vacation

Regions: Remote/Anywhere North America
Country: United States