Does this role sound like what you are looking for? Do you believe you would be a great fit? 

Below are the lists of tasks candidates will be able to perform, knowledge you should have, and skills & abilities that you can bring into our Security Intelligence Analyst role! 

Tasks 

• Analyze Threat Trends in order to recognize and research various threat actor groups, attack patterns, tactics, techniques and procedures (TTPs), indicators of compromise (IOCs) and attack vectors for an end-to-end understanding of threat landscape. 

• Develop your own test scenarios by performing threat hunts and offensive security tests 

• Identify control gaps that allow threats to enter our network. 

• Provide recommendations for how to improve the controls based on test scenario findings. 

• Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives, etc. as related to designated cyber operations warning problem sets. 

• Provide current intelligence support to critical internal/external stakeholders as appropriate. 

• Identify and submit intelligence requirements for the purposes of designating priority information requirements. 

• Validate the link between collection requests and critical information requirements and priority intelligence requirements of leadership. 

• Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack. 

• Provide intelligence analysis and support to designated exercises, planning activities, and time sensitive operations (including table top exercises). 

• Provide information and assessments for the purposes of informing leadership and customers; developing and refining objectives; supporting operation planning and execution; and assessing the effects of operations. 

• Provide subject-matter expertise and support to planning/developmental forums and working groups as appropriate. 

• Assess the effectiveness of collections in satisfying priority information gaps, using available capabilities and methods, and adjust collection strategies and collection requirements accordingly. 

• Engage stakeholders to understand their intelligence needs and wants to formulate intelligence requirements. 

Knowledge of/in: 

• Understanding of cloud technologies 

• Current and emerging threats/threat vectors and vulnerabilities  

• Risk/threat assessment. 

• Priority information, how it is derived, where it is published, how to access, etc. 

• Priority information requirements from subordinate, lateral and higher levels of the organization 

• How to leverage research and development centers, think tanks, academic research, and industry systems. 

• System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). 

• Insider Threat investigations, reporting, investigative tools and laws/regulations. 

• Laws, regulations, policies, and ethics as they relate to cybersecurity and privacy 

• Attack methods and techniques (DDoS, brute force, spoofing, etc.). 

• Cyber attack stages (e.g. reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). 

• Network traffic analysis methods 

Skills in/to: 

• Evaluating information for reliability, validity, and relevance. 

• Use collaborative tools and environments for collection operations. 

• Associate intelligence gaps to priority information requirements and observables. 

• Identify when priority information requirements are satisfied. 

• Identifying cyber threats which may pose risk to organization and/or partner interests. 

• Provide intel as a service simultaneously to multiple customers 

Abilities to: 

• Evaluate, analyze, and synthesize information large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence gaps 

• Identify intelligence gaps. 

• Think critically. 

• Think like threat actors. 

• Utilize multiple intelligence sources across all intelligence disciplines. 

• Share meaningful insights about the context of an organization's threat environment to improve its risk management posture. 

• Function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise. 

• Develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists. 

• Coordinate, collaborate and disseminate information to subordinate, lateral and higher-level organizations. 

• Teach and mentor others in security threat intelligence. 

• Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means. 

Additional Requirements: 

• GCTI or GCFA or CCTHP certified. 

• A sitting member of an ISAC TIC.