Cyber Threat Intelligence Analyst II (US Remote)
Remote, United States
Reporting to the Manager, Intelligence Analysis, the Cyber Threat Intelligence Analyst II will work alongside threat intelligence experts that are focused on tracking real-time phishing threats and malicious payloads targeting Fortune 500 companies around the globe. You will analyze complex phishing campaigns, trends, and malware to produce timely and actionable reporting for our customers with minimal supervision.
Essential Duties/Responsibilities
- Produce context-rich analyses on sophisticated phishing and malware campaigns.
- Perform analysis of malware collected from phishing campaign emails, as they emerge.
- Leverage malware analysis platforms and technologies to identify malware infrastructure and tactics.
- Contribute to the production of tactical intelligence to rapidly deliver IOCs of emerging phishing campaigns to Cofense customers.
- Clearly communicate actionable strategic intelligence to customers with minimal supervision, through written reports and verbal briefings.
- Share in a team collaborating on the research and development of analysis techniques for malware varieties encountered in the wild.
- Identify new TTPs used by cyber threat actors in phishing attacks.
- Produce in-depth strategic reporting on attacker trends with minimal supervision.
- Foster collaboration with members of other organizations performing threat research, as well as other teams within Cofense.
- Document analytic processes and maintain evolving profiles of malware and threat actor tactics, techniques and procedures (TTPs).
- Maintain understanding of major APT and cybercrime threats identified by the intelligence community.
- Other duties as assigned.
Knowledge, Skills and Abilities Required
- Strong written and verbal communication skills; can write analytic assessments with minimal editing required.
- Excellent critical thinking skills.
- Extensive familiarity with email protocols, headers, and formats.
- Strong proficiency with packet capture and investigation software, e.g. Wireshark, HTTP debuggers, DNS query interception utilities.
- Significant ability to use and modify command line script applications and utilities.
- Substantial understanding of the nature of malicious software, and ability to extract IOCs from samples of known malware families.
- Knowledge of the MITRE Att&ck framework, as well as the intelligence life cycle.
- Ability to conduct open-source research on emerging phishing TTPs.
- Collaborative disposition and willingness to contribute to team-oriented goals.
Preferred Education and/or Experience:
- Proficiency and experience using one or more common programming languages (Python, Javascript, etc) to automate analytic tasks and processes, strongly preferred.
- Bachelor’s or Master’s degree in a related field such as Computer Science, Software Engineering preferred, Computer Forensics, or Criminal Justice, preferred but not required.
- Experience with debuggers and de-compilers strongly preferred.
- At least two years of experience in malware analysis and intelligence analysis, strongly preferred.
- Some experience with data analysis and visualization, specifically in the use of Kibana and Maltego (SQL, Splunk, I2 Analyst Notebook, and other experience also appreciated), preferred.
- Prior experience in all source analysis preferred.
- Disclaimer-
The above statements are neither intended to be an all-inclusive list of the duties and responsibilities of the job described, nor are they intended to be a listing of all of the skills and abilities required to do the job. Rather, they are intended only to describe the general nature of the job. This job description is not a contract of employment, either express or implied. Employment with Cofense will be voluntarily entered into and your employment is considered at will. Cofense reserves the right to alter the job description at any time without notice.
Cofense is committed to equal employment opportunity. We will not discriminate against employees or applicants for employment on any legally recognized basis [protected class] including, but not limited to: veteran status, uniform service member status, race, color, religion, sex (including pregnancy), gender identity, sexual orientation, national origin, age, physical or mental disability, marital status, genetic information or any other status or characteristic protected by applicable national, federal, state or local laws and ordinances. We adhere to these commitments in all aspects of employment, including recruitment, hiring, training, compensation, promotion, benefits, and discipline.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APT Compilers Computer Science Cyber crime DNS Forensics JavaScript Malware MITRE ATT&CK Python Splunk SQL Threat intelligence Threat Research TTPs
Perks/benefits: Gear
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Information System Security Officer jobs
- Open Security Consultant jobs
- Open Information Systems Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Security Architect jobs
- Open CISA-related jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open Security Clearance-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open SQL-related jobs
- Open PowerShell-related jobs