Threat Analyst Resume Samples
The Guide To Resume Tailoring
Guide the recruiter to the conclusion that you are the best candidate for the threat analyst job. Tailor your resume by picking the relevant responsibilities from the examples below and then adding your own accomplishments, so that your experience maps directly onto what the posting asks for.
Roosevelt McKenzie
289 Ankunding Branch, Dallas, TX
+1 (555) 124 2908
Experience
Threat Analyst, Howe, Becker and Schaefer, San Francisco, CA
- Knowledge of IP networking and network security including Intrusion Detection
- Provide responses and explanations to customers who request assistance through our ticketing system
- Work closely with the technology risk teams to assess risk and provide recommendations for improving our security posture
- Promotes standards-based workflow both internally and in coordinating with US-CERT
- Some Splunk query-development expertise
- Advise business partners on issues of suspicious or malicious computer network activity
- Produces high-quality papers, presentations, recommendations, and findings for senior US government intelligence and network operations officials
Insider Threat Analyst, Ratke-Jerde, Chicago, IL
- Analyzes threat information from multiple sources, disciplines, and agencies across the Intelligence Community concerning foreign all-source collection capabilities and activities, i.e., human intelligence (HUMINT), signals intelligence (SIGINT), geo-spatial intelligence (GEOINT) / imagery intelligence (IMINT), and measurement & signatures intelligence (MASINT), specifically addressing foreign intelligence personalities, activities, capabilities, methods of operation/modus operandi (MO), intentions, and relationships with other intelligence services and terrorist networks
- Analyze threat intelligence (e.g. actors, tools, exploits, etc.) and determine techniques, tactics, and procedures (TTPs) of Threat Actors, including detailed technical analysis of the TTPs
- Analyze insider events/ data feeds for event detection, correlation from monitoring solutions, triage and classify the output using automated systems for further investigation
- Contribute to insider threat processes to identify and develop insider threat leads for possible referral to investigators; conduct background IT records reviews to identify past behaviors relevant to the issue under review; provide comprehensive written reports to investigators, supervisors, human resources specialists, personnel security specialists, etc
- Make recommendations to the government project leads on relevant emerging tools to leverage in support of insider threat
- Mine data for unknown linkages in existing information, maintain integrated database tracking systems, and assist in the development of leads for the insider threat program
- Analyze and provide recommendations for the integration and synchronization of insider threat functions by reviewing and providing analysis and recommendations to establish and maintain centralized monitoring, tracking and the resolution of potential threats
Threat Analyst, Senior, Morissette-Herzog, Philadelphia, PA (present)
- Perform hunting for malicious activity across the network and digital assets
- Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business units
- Create and continuously improve standard operating procedures used by the SOC
- Create, manage, and dispatch incident tickets
- Ensure all pertinent information is obtained to allow identification, containment, eradication, and recovery actions to occur in a time-sensitive environment
Education
Bachelor’s Degree in Computer Science, Ball State University
Skills
- Able to work either independently or as part of a multidisciplinary team
- Able to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors
- Able to work under pressure in time critical situations
- Able to articulate and visually present analysis results
- Strong attention to detail in conducting forensic analysis combined with an ability to accurately record full documentation in support of the investigation
- Detailed knowledge of current international best practices in the incident response arena
- Create and follow detailed technical processes and procedure documentation for time critical events and securely store and transfer evidence for legal authorities
- Ability to identify common false positives and make suggestions on tuning
- Ability to communicate effectively with business representatives in explaining impacts and strategies and where necessary, in layman's terms
- Detailed evidence report writing and legal documentation
15 Threat Analyst resume templates
1. Criminal / Threat Analyst Resume Examples & Samples
- 5+ years of experience with law enforcement in a military, local, state, or federal organization
- Knowledge of a variety of the field's concepts, practices, and procedures, including link analysis
- Ability to rapidly assimilate emerging analytical software tools
- 12 years of experience in a related professional work environment
- Experience in the military at the service component or higher level
- Ability to demonstrate initiative and work with little or no supervision
- Ability to lead and direct the work of others
- BA or BS degree preferred; MA or MS degree a plus
2. Threat Analyst Resume Examples & Samples
- At least 2 years' experience managing IDPS devices and analyzing security threats
- At least 2 years' experience with TCP/IP networking and routing fundamentals
- At least 1 year's experience working in a strictly regulated and time-critical environment
- French: Intermediate
- Dutch: Intermediate
3. Threat Analyst Resume Examples & Samples
- Assess security incidents quickly and effectively and communicate a course of action to respond to the security incident while mitigating risk and limiting the operational and reputational impact to JPMorgan Chase & Co
- Manage follow-the-sun coverage in conjunction with other members of the CSIRT Team to respond to computer security incidents
- Identify both tactical and strategic solutions to contain and mitigate security events
- Respond to computer security incidents by collecting, analyzing and preserving digital evidence
- Assemble and coordinate with technical teams and third-party vendors to resolve incidents as quickly and efficiently as possible
- Ensure that all incidents are recorded and tracked to meet audit and legal requirements
- Oversee and conduct root cause analysis to identify gaps and recommendations ultimately remediating risks to the firm
- Partner with all JPMC business lines to mitigate and contain computer intrusions, DoS attacks, social engineering and electronic loss of data
- Advise business partners on issues of suspicious or malicious computer network activity
- Work closely with the technology risk teams to assess risk and provide recommendations for improving our security posture
- Collaborate closely with the Cyber Intelligence and Cyber Investigations teams
- 7+ years' industry experience in a large, mission-critical environment
- 4+ years' incident response experience
- 4+ years managing geographically dispersed IT staff
- In-depth knowledge of network intrusion methods, network containment and segregation techniques
- In-depth knowledge of operating systems (Windows & UNIX, Mac OS X a plus)
- Expert understanding of TCP/IP networking, routing protocols and full packet capture analysis
- In-depth network security expertise including firewall, IDS and IPS
- Experience with application security and penetration testing frameworks
- Experience with incident response management frameworks and threat information exchange
- Knowledge of enterprise systems and infrastructure
- Proficiency in malware triage via behavioral and code analysis
- Proven understanding of log parsing and analysis
- Shell, Perl, Python scripting knowledge
- Knowledge of and experience digital forensics tools and procedures supporting incident response
- Experience with open source and commercial investigation tools a plus, for example: EnCase, Splunk, Snort, Wireshark, SleuthKit, Security Onion, Suricata, Nessus, Metasploit, Kali Linux, Bro IDS
- Able to work either independently or as part of a multidisciplinary team
- Able to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors
- Able to articulate and visually present analysis results
- Detailed knowledge of current international best practices in the incident response arena
- Create and follow detailed technical processes and procedure documentation for time critical events and securely store and transfer evidence for legal authorities
- Provide risk mitigation and remediation recommendations to technical and business customers
- Ability to communicate effectively with business representatives in explaining impacts and strategies and where necessary, in layman's terms
- Detailed evidence report writing and legal documentation
4. Senior Threat Analyst Resume Examples & Samples
- Have a strong understanding of increasingly sophisticated cyber attacks, hacking techniques and associated defensive techniques
- Be informed and can provide subject matter expertise regarding recent hacks / exploits – especially against web applications, databases and common desktop tools
- Develop strong collaborative relationships with members of the Intelligence Community and payment card supply chain subject matter experts
- Possess moderate to strong technical security skills with hands-on experience
- 5 to 8 years of experience in the Information Security industry, preferably with a concentrated focus on Threat and Risk Analysis or Security Monitoring using SIEM, IDS/IPS, Malware Analysis tools, etc
- Excellent written and verbal communication skills, interpersonal and presentation skills and the proven ability to influence and communicate effectively. Web development skills a plus
- Able to draft, interpret and communicate policies, procedures, technical requirements and corporate communications for internal and external clients
- Technical-related certifications a plus
- Fluency in a foreign language a strong plus, especially Mandarin Chinese
5. Insider Threat Analyst Resume Examples & Samples
- Support the development of new data analytics techniques
- Analyze threat intelligence (e.g. actors, tools, exploits, etc.) and determine techniques, tactics, and procedures (TTPs) of Threat Actors, including detailed technical analysis of the TTPs
- Analyze insider events/ data feeds for event detection, correlation from monitoring solutions, triage and classify the output using automated systems for further investigation
- Translate analytical findings into security ‘use cases’ that can be implemented within available surveillance capabilities
- Recommend changes to Security Information and Event Management (SIEM) policies, filters and rules to improve event analysis
- Assist in managing the requirements for surveillance reports and interfaces with the services providers to enrich hunting efforts
- Recommend improvements and assist in the setup of surveillance, processes, protocols, skills and tools
- Review available surveillance data to further develop and improve the threat scenarios and use cases
- Analyze and report on threats based on surveillance and intelligence data both internally and externally generated
- Establish a strong working relationship with stakeholders, working across multiple lines of business and service providers to pull together actionable information
- Minimum 5-7 years of overall cybersecurity operations or investigations experience, preferably within financial services
- Detailed knowledge and experience in threat analysis and forensic investigations
- Significant experience analyzing data for Indication of Compromise – IOC, Empirical analysis for trends of compromise, and using threat/vulnerability information to formulate direction on analysis activities that a monitoring function may take
- Significant experience with Perl, R, Python, and the use of regular expressions
- Significant experience with event correlation and big data analytical tools (Splunk, Aster, Hadoop, etc.)
- Creative mindset and proven ability to think as an attacker and to translate this into threat scenarios and use cases (evidence-based analytical ability and attention to detail) to search for evidence of compromise
- A successful candidate will demonstrate an ability to balance the hands-on and very technical cybersecurity role with good communication & relationship skills to ensure technical issues can be translated into business terms for appropriate decision making
- Ability to train and/or is willing to share knowledge and experience within and outside of the Insider Threat Cyber Unit
- Certifications: GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Intrusion Analyst (GCIA), CISSP
- Strong working knowledge of system and application logging
- Experience with a visualization software (Tableau, OBIEE, QlikView)
6. Advanced Threat Analyst Resume Examples & Samples
- Network Analysis (Forensics, Malware, static analysis of captured files, etc.)
- SIEM experience (User investigations)
- Knowledge of different threat actor groups
- Previous utilisation of threat intelligence sources
- Experience developing in-depth technical investigations
- Experience with forensic tools (EnCase, MIR, CrowdStrike, etc.)
- Big data analytics (Splunk)
- Scripting/software development
- Knowledge of intrusion analysis models (Cyber Kill Chain, etc.)
7. Senior Insider Threat Analyst Resume Examples & Samples
- Supports the Insider Threat Program on a day-to-day basis to help ensure successful delivery of program objectives through adherence to standards, processes and tools; supporting the identification and management of risks and issues; facilitation of and participation in key meetings, engagement of stakeholders, and on-time completion of deliverables to meet customer expectations
- Provides weekly reporting processes and monthly program reviews, including analysis of project dashboards, metrics, and materials
- Supports the program with communications guidance and assistance between GIS teams; undertakes analysis of the project plan and identifies areas where risk and issue management need to be enforced
- Create and maintain program level material including DMRs (Detailed Milestone Reports), Program Plans, Gantt Charts, Charters, status reports and Program related PowerPoint presentations
- Attend internal team meetings and participate in generation of work stream deliverables, as needed
- Create communications materials including, but not limited to, newsletters, training materials, business requirements documents and awareness PPT presentations
- 8 years’ work experience in Information Security, Risk Management and/or Compliance
- 5 years experience in a senior analyst role for Information Security projects, including cyber security systems
8. CIC Threat Analyst Resume Examples & Samples
- It is essential to perform Threat Intelligence follow-up and perform Alerting on a daily basis
- As a part of the daily work, it is essential to regularly open / update / follow-up threat tickets and liaise with connected teams
- Conduct research and write papers based on the identification of trends and up-and-coming threats, and tailor products to intended customers
- Initiate and participate in host-nation cyber threat intelligence exchanges with private industry financial sector peers, law enforcement personnel, when applicable, and with other Citi lines of business
- Interact daily with the Citi CIC and Cyber Security Fusion Center staff members
- Should possess a basic understanding of the cyber threat Kill Chain methodology to ascertain the impact of an attack and develop threat trends to assist the mitigation work centers and personnel in developing mitigation techniques and countermeasures which can prevent or lessen the effects of future cyber attacks
- Participate in conference calls with third party intelligence providers to review cyber threat deliverables, intelligence gap support requests, guide analytic discussions and nominate topics to be covered during the calls
- Develops, fosters, and furthers relationships with personnel at other financial institutions, government agencies, and other appropriate organizations
- At least completed BSc education in one of the following areas: (cyber) threat / defense / military / intelligence
- 2+ years working in a (cyber) threat / defense / military / intelligence related job function
- Should be familiar with a variety of structured analytic techniques to generate and test a hypothesis, assess cause and effect, challenge analysis, and support decision making. Examples of these techniques include, but are not limited to
9. Cybersecurity Threat Analyst Resume Examples & Samples
- Apply analytical methods to collect, analyze and log various types of network and system data
- Perform network security analysis to discover, handle, and mitigate network intrusions
- Assist in the design of research experiments
- Apply knowledge in networking and cybersecurity to meet emerging needs and challenges
- Work collaboratively with a team on assigned projects to meet deadlines and deliverables
- Bachelor’s degree in Computer Science or related discipline, or 7 years of relevant work experience
- 3 years experience in cybersecurity threat analysis
- Ability to obtain and maintain an active clearance
- DoD 8570 compliant certifications or the ability to obtain necessary certifications prior to hire date
- Understanding and proficiency in Linux
- Experience writing scripts and software programs
- Understanding of networking concepts and technologies
- Understanding of complex and emerging topics in cyber security
- Basic systems administration skills
- Ability to adapt and respond to a rapidly changing cyber threat landscape
- Malware handling and reverse engineering experience
- Participation in cyber capture-the-flag exercises or competitions
- Experience developing in Python
- Previous interaction and collaborations with Law Enforcement
10. Senior Threat Analyst / Engineer Resume Examples & Samples
- Analyze binaries generated by various crypters
- Create signatures for generic and heuristic detection
- Perform static and dynamic analysis on different file types like Win32, Batch, VB
- Research on new methods of threat detection
- Author technical whitepapers and web articles
- Review reported leads for threat information and situational awareness to determine severity and escalation
- Stay current on industry trends, mitigation techniques, technologies and emerging threats
11. Threat Analyst, Senior Resume Examples & Samples
- Bachelor's degree in Computer Science or related field, or equivalent work experience
- Formal IT Security/Network Certification such as CompTIA Security +, Cisco CCNA, SANS GIAC Certified Intrusion Analyst (GCIA) or ability to obtain via self-study within one year of hire date
- 6 years of Information Technology experience, with at least 4 years of experience in information security working within security operations, security intelligence or equivalent functions
- Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) experience
- Deep knowledge of log, network, and system forensic investigation techniques
- Deep knowledge of diverse operating systems, networking protocols, and systems administration
- Deep knowledge of common indicators of compromise and of methods for detecting these incidents
- Deep knowledge of OS management and Network Devices
- Deep knowledge of Intrusion Detection/Prevention Systems
- Significant experience monitoring threats via a SIEM console
- Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
- Excellent problem solving, critical thinking, and analytical skills - ability to de-construct problems
- Significant experience with packet analysis (Wireshark) and Malware analysis preferred
- IBM QRadar and Dell SecureWorks experience preferred
- Reverse engineering skills
- Perform detailed investigation and response activities for potential security incidents
- Create and continuously improve standard operating procedures used by the SOC
- Monitor external event sources for security intelligence and actionable incidents
- Write technical articles for knowledge sharing
12. Threat Analyst / Incident Responder Resume Examples & Samples
- Aid in and participate in daily, weekly, quarterly, and yearly production reporting for internal teams
- Work with various intelligence collection and reporting tools and frameworks to produce reports
- Research and analyze content from unindexed areas of the internet
- Write tactical and strategic assessments under deadlines
- Develop trend reports in cyber intelligence collection including dynamic cyber capabilities of foreign and domestic actors – both national and sub-national
- Collect time-sensitive, actionable intelligence and apply it to continued analysis and collection
- Interact directly with the public and private sector Intelligence Community to support cyber security operations
- Ability to assess cyber intelligence threat assessment programs in the private sector and develop best analytic practices
- Three or more years of experience in an intelligence analyst role with an emphasis on collection and threat assessment and/or two or more years of direct Cyber Threat Analysis are desired
- Two or more years in a security role with strong working knowledge and understanding of cyber security, frameworks, incident management and cyber security operations
- Develop and maintain cyber intelligence liaison contacts in the public and private cyber intelligence community in the interest of informing Senior Leadership of cyber intelligence threats that may undermine the safe and secure operations of the LVSC enterprise network
- Develops cyber intelligence threat assessment products that support predictive analytics to secure the LVSC enterprise
- Versed on network-borne attack vectors and feasible mitigating controls
- Professional presence to communicate the business impact a cyber threat poses to the reputation and brand of the Sands Corporation
- Subject Matter Expert on Advanced Persistent Threat actors and methods
- Strong leadership skills, problem solving, logical thought processes and analytical abilities
- Maintain a professional, neat and well-groomed appearance adhering to Company appearance standards
13. Sociocultural Threat Analyst Resume Examples & Samples
- 5+ years of experience with sociocultural expertise, including with military forces
- 5+ years of experience with demonstrated analytical skills at the strategic or operational level
- Experience with identity studies, including anthropology, sociology, or political science or development economics
- Ability to travel within Europe and the United States, as necessary
- Ability to be a highly flexible self-starter capable of operating in a high-tempo environment
- BA or BS degree in Social Science
- Experience with supporting military forces
- Experience with integrated Joint technical operations
- Experience with intelligence or operations with Combatant Commands (COCOMs)
14. Cybersecurity Threat Analyst Resume Examples & Samples
- 4+ years of experience with performing as an analyst in a Cyber or information security role
- Knowledge of Cyber or information security technologies
- Knowledge of Federal and DoD computer security directives and commercial best practices
- Ability to collect, correlate, analyze, and report Cybersecurity events
- DoD 8570 IAT Level II, CND A, and CND IR Certifications required
- Experience with government intelligence community
- Experience with working as part of a collaborative or virtual team involved in the collection, correlation, analysis, and reporting of security events
- DoD 8570 IAT Level III Certification
15. Threat Analyst Resume Examples & Samples
- Experience and/or familiarity with Secure Technical Implementation Guides (STIGs), Information Assurance Vulnerability Alert (IAVA), Federal Information Security Management Act (FISMA) and other tools using industry best practices
- Strong understanding of computer science fundamentals, specifically networking, databases and tool development
- Strong understanding of security operations: perimeter defense, forensics, incident response, kill chain analysis, risk assessment and security metrics
- Secret security clearance required
- DoD 8570.1-M Compliance at IAT Level II required
- HBSS Administrator Certification required
16. Threat Analyst Resume Examples & Samples
- A Bachelor’s Degree in a related technical field and a minimum of 5 years related technical experience required
- Active Top Secret Security Clearance with SCI eligibility is required. In addition, selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation for continued employment
- Minimum of 5 years Threat Analysis experience required
- Ability to understand and learn technical specifications, system requirements and other application design information as needed
- Basic understanding of Network Administration and Network Security is required
- Active EOD
- Ability to produce results in a fast-paced environment with the ability to meet iterative deadlines
- Previous experience providing on-site consulting support for a technical project, preferably with a federal customer
17. Insider Threat Analyst Resume Examples & Samples
- Support the insider threat program through the technical analysis of the data network and user activity to identify indicators of insider threats
- Mine data for unknown linkages in existing information or maintaining integrated database tracking systems and assist in the development of leads for the insider threat program
- Analyze and provide recommendations for the integration and synchronization of insider threat functions by reviewing and providing analysis and recommendations to establish and maintain centralized monitoring, tracking and the resolution of potential threats
- Provide intelligence and threat analysis of the information that is tailored to the customer's requirements
- Perform research and develop documents, summaries, reports, and presentations. Brief key personnel on related intelligence issues
- Requires Bachelor's degree or equivalent, and four or more years of related experience including comprehensive knowledge of intelligence and or counterintelligence, or 6-9 years of experience in lieu of degree
- The Insider Threat Analyst requires relevant analyst, risk management, or program security experience. The analyst must possess demonstrated successful experience in support of DoD or IC Insider Threat programs and shall possess subject matter expertise with regards to Executive Order (E.O.) 13587, the DNI’s National Counterintelligence and Security Center Insider Threat Task Force Standards, and DoD regulations/guidance regarding Insider Threat
- Experience with the modus operandi of foreign intelligence entities, international threat organizations, and associated Cyber capabilities and operations
- Knowledge of intelligence community roles, responsibilities, organizations, and capabilities in the DoD CI and HUMINT communities
- Credentialed from a recognized CI training school desired
18. Threat Analyst Resume Examples & Samples
- Provide timely and effective threat analysis and geo-tailored mission data set (MDS) support, and provide intelligence data and threat information for ASE and Electronic Warfare systems
- Analyze and interpret the EWIR database and translate it into a Threat Analysis Specification (TAS) to support Mission Data Set development for the AN/APR-39 and AN/APR-48 family of systems
- Perform independent reviews of intelligence briefings, reports and information/issue papers produced by the Service Production Center
- Analyze the Order of Battle (OOB) and extract weapon systems and emitter information from the OOB to create a Threat Coordination Package (TCP)
- Analyze and review test sheets and ensure the test results match the system threat requirements from the TAS
- Create MDS Aviator Product documentation for the aircrew
- BS or higher degree in Computer Science, Electrical Engineering, or Computer Engineering or an equivalent technical discipline is required
- Candidate must be a US Citizen with an active DOD Secret Security Clearance
- A minimum of 5 years experience with Electronic Warfare Integrated Reprogramming (EWIR) database
- Experience and knowledge of US Army Aircraft Survivability Equipment (ASE) RF systems
- Knowledge in intelligence data such as EWIR, CED, ELINT, and AFTTP
- Use of and familiarity with all Orders of Battle
- Able to travel in support of mission requirements
- Understand RF simulations and modeling
- Experience with Aircraft Survivability Equipment and/or Electronic Warfare systems
- Understand the ASE systems, capabilities and limitations
- Prior experience with the software engineering life-cycle development process
- Ability to independently conduct research and gather information related to threats and intelligence data
19. Threat Analyst / APT Overnight Resume Examples & Samples
- Participates in a team of Security Operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify those responsible, determine remediation, and recommend security improvements
- Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc
- Follows strict guidance on reporting requirements
- Keeps management informed with precise, unvarnished information about security posture and events
- Promotes standards-based workflow both internally and in coordinating with US-CERT
- Engages with other internal and external parties to get and share information to improve processes and security posture
- Supervises and guides team efforts; communicates to CISO leadership
- Produces design documentation
- Leads analysis/investigation of reports or anomalies
- 6+ years of relevant work experience
- Knowledge of networking protocols and their security implications
- Knowledge of IP networking and network security including Intrusion Detection
- Ensuring firewall security standards are met
- Extensive Windows, Linux, database, application, web server, etc. log analysis
- Trouble ticket generation and processing experience
- Extensive experience troubleshooting security reports on Linux, Windows, routers, firewalls, applications, etc
- Experience scripting with PowerShell, bash/ksh/sh, Cisco IOS.sh, JunOS sh/csh, Perl, Tcl, Lua
- Some programming experience with C, C++, C#, Python, HTML, JavaScript, .NET
- Familiarity with common network vulnerability/penetration testing tools including, but not limited to, Metasploit, vulnerability scanners, Kali Linux, and Nmap
- Some experience with system hardening guidance and tools
- Security documentation experience (DIACAP/RMF)
- Some Splunk query-development expertise
- Experience on an Incident Response team performing Tier I/II initial incident triage
- Experience guiding junior analysts
- Experience guiding junior Security Operations teams in incident response
- Strong verbal/written communication and interpersonal skills to effectively communicate findings, escalate critical incidents, and interact with SecOps leadership
- Must be highly motivated with the ability to self-start, prioritize, multi-task and work in a team setting
20
Maritime Counter Threat Analyst Resume Examples & Samples
- 6+ years of analytical experience, including some support to SOF
- 4+ years of experience in support of Civil Maritime missions
- Ability to foster excellent working relationships with others
- Current US passport and ability to travel throughout Europe and the US, as necessary
- Experience working in Naval Special Warfare
21
Threat Intelligence / Threat Analyst Resume Examples & Samples
- Leverage knowledge of vulnerabilities, exploits, and malware to research, document, and update client- and internal stakeholder-facing threat information deliverables
- Understand the countermeasure creation process and be able to draw conclusions from existing signatures and present them in a well-formatted technical write-up
- Participate in peer review of day-to-day quality of work for other Threat Analysts
- Effectively communicate subject matter expertise for curated threat content to the CTU research and CTOC operation teams
- Contribute to the identification of process inefficiencies and improvement of threat intelligence services, methodologies, or proprietary tools through short- to moderate-term projects
22
Threat Analyst, Senior Resume Examples & Samples
- 6+ years of experience with software development, enterprise architecture, statistical modeling, and data modeling
- 2+ years of experience in threat detection, threat ranking, algorithm design, analytic implementation, or similar threat discovery
- 1+ years of experience with technical leadership and people management and with defining, refining, and iteratively expanding analysis and presentation requirements for an engineering team
- Experience with authoring white papers or user training guides and defining and communicating multi-period engineering visions and strategic goals
- Experience with DoD networks and DoD theater network operations (NETOPS) centers
- Knowledge of intelligence analytical methods and sources
- Ability to integrate Cybersecurity-related data from host or network audits, central analysis, and other related sources into investigative or analytical products and perform event analysis by examining network traffic data, host sensor data, and boundary or security sensor data
- BA or BS degree in CS, Statistics, Engineering, or MIS
- IAT Level II Certification, including Security+ CE, GSEC, CCNA-Security, or SSCP
- 2-4 years of experience as a DoDIN analyst or other network analyst tasked with monitoring, threat discovery, or forensic response to incidents
- 1-3 years of experience with developing an analytic program and capabilities within the DoD or intelligence agencies
- Experience with performing in big data or analytics engineering on large scale data sets
- Experience in user behavior analytics (UBA) with tools, including Splunk UBA or Caspida, Interset, ExaBeam, Securonix, Niara, Gurucul, or ArcSight UBA
- Experience with assessing network sensor feeds, including data loss prevention (DLP), host intrusion prevention (HIPS), or network intrusion detection (IDS) from any of the major vendors
- Experience with advanced user activity monitoring (UAM) sensors output for threat discovery, data synthesis, and risk ranking
- Experience with Hadoop or HDFS implementation and management, Accumulo analysis implementation and data layer security, Elasticsearch, Logstash, and Kibana (ELK), or other open source big data analytic capabilities, such as Apache Metron
- Experience in interpreting DoD and federal government policies and released laws influencing the rules around computer network defense, defensive Cyber operations, and threat detection, mitigation, and response
- Knowledge of response and escalation workflows for analysts to interpret threats discovered
- MA or MS degree in CS, Math, Statistics, Engineering, or MIS
23
Advanced Threat Analyst Resume Examples & Samples
- Network Analysis; Host Forensics Analysis; Malware Analysis (Static Analysis of captured files, Dynamic Analysis of captured files, Reverse Engineering)
- SIEM Experience; User investigations; Incident Response experience
- Knowledge of different threat actor groups and their characteristics
- Experience of utilising threat intelligence sources
- Experience of developing in-depth technical investigations
- Experience with forensics tools (EnCase, MIR, Bit9/Carbon Black, RSA ECAT, CrowdStrike); experience with network sensors (FireEye, Cisco, Fortinet, Trend Micro)
- Splunk experience or experience using other big data analysis platforms and the development of advanced queries used to interrogate big data sources
- Scripting/Software development skills and experience
- Has a working understanding of common Intrusion Analysis models (e.g. Cyber Kill Chain®) and can apply them to enhance their analysis or reporting
24
Cybersecurity Threat Analyst Resume Examples & Samples
- 10+ years of experience in an IT or IA related field
- 10+ years of experience with information assurance and Cybersecurity practices
- 5+ years of experience with DoD
- 3+ years of experience with User Activity Monitoring
- Experience with Microsoft Word and Excel
- Experience with briefing clients and team members on technical, policy, and functional issues
- Ability to work with a diverse team and other DoD contractors in a fast-paced environment
- Experience with supporting an OSD-level organization
- Knowledge of NIST 800 series publications
- Possession of excellent organization skills
25
Risk & Threat Analyst Internship / Co-op Resume Examples & Samples
- Fast Learner. Master multiple information streams and technical disciplines. You’ll fuse open source research, social media monitoring, technical tools, internal data, and geopolitical events to develop original assessments driving physical security mitigation measures and supporting cross-business insights
- Communications. Produce well-written, accurate, concise, and objective written reports. Deliver impactful presentations to ensure the team is an authoritative voice within the security organization
- Academic Focus. Pursuing a degree in international relations, security studies, political science, areas studies, or a related field
- High interpersonal skill. Interface with security counterparts, build strong rapport and constantly improve your support. Work with geographically dispersed team and stakeholder base; fearlessly support and defend your findings
- Team Player. You believe that you can achieve more on a team — that the whole is greater than the sum of its parts. You rely on others’ candid feedback for continuous improvement
- Fearlessness. You think a working proof-of-concept is the best way to make a point. You thrive on proving that speed and quality are not conflicting; that you can achieve both at the same time
- Hustle. Tenaciously pursue threats to the business. Research and analyze complex information from a variety of sources, often under time constraints, and beat deadlines. Find efficiencies in research techniques and tools; develop new capabilities and processes for scalable solutions. Actively monitor potential threats and possible disruptions to the business with an unblinking eye
- Previous research experience (qualitative or quantitative)
- Investigative curiosity
- Experience with or interest in social media applications to surface timely information in the event of a crisis or disaster
26
Threat Analyst Resume Examples & Samples
- Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc
- Follows strict guidance on reporting requirements
- Keeps management informed with precise, unvarnished information about security posture and events
- Engages with other internal and external parties to get and share information to improve processes and security posture
- Supervises and guides team efforts
- Communicates to CISO leadership
- Produces design documentation
- Knowledge of networking protocols and security implications
- Knowledge of IP networking and network security including Intrusion Detection
- Ensuring firewall security standards are met
- Extensive Windows, Linux, Database, Application, Web server, etc. log analysis
- Trouble ticket generation and processing experience
- Extensive experience troubleshooting security reports on Linux, Windows, routers, firewalls, applications, etc
- Security documentation experience (DIACAP/RMF)
- Some Splunk query-development expertise
27
Advanced Persistent Threat Analyst Resume Examples & Samples
- Experience with tracking Advanced Persistent Threats (APT) and threat operations
- Experience in an intelligence-focused operational environment, including defense, national security, or law enforcement
- Experience with performing analysis of security event logs, malware, intelligence reports, forensics, and media analysis
- Experience with reporting and sharing threat information both internal and external
- Experience with tracking threat ops using link analysis
- Knowledge of threat operations, including identifying, preventing, detecting, containing, deterring, and resolving threat activity
- Experience in a SOC or NOC environment
- Experience with Palantir analysis tools
- Experience with providing mentorship and guidance to junior analysts
- Experience with performing technical analysis of SIEM logs, malware, and PCAP
- Experience with Splunk, Arcsight, and other SIEM tools
28
Insider Threat Analyst Resume Examples & Samples
- Analyzes threat information from multiple sources, disciplines, and agencies across the Intelligence Community concerning foreign all-source collection capabilities and activities, i.e., human intelligence (HUMINT), signals intelligence (SIGINT), geo-spatial intelligence (GEOINT) / imagery intelligence (IMINT), and measurement & signatures intelligence (MASINT), specifically addressing foreign intelligence personalities, activities, capabilities, methods of operation/modus operandi (MO), intentions, and relationships with other intelligence services and terrorist networks
- Conducts comprehensive research scouring finished intelligence products and reviewing raw intelligence (from CI, counterterrorism (CT), human, signals, geo-spatial, imagery, technical, law enforcement (LE) and open-source intelligence collection); compiles relevant data and integrates data into a coherent whole
- Produces finished intelligence which provides comprehensive assessments of threats posed by foreign entities engaging in intelligence collection, terrorist, and/or other clandestine/covert activities directed against US/DoD interests
- Identifies and evaluates assets, trends and patterns of intelligence activities of foreign intelligence and security services (FISS) and international terrorists
- Performs tailored analysis to develop comprehensive target definition of far-reaching strategic threats to support operational planning and to identify opportunities for CI action to penetrate, exploit, manipulate, neutralize or degrade intelligence activities of FISSs, international terrorists, and other threats
- Integrates large amounts of intelligence information on foreign intelligence threats into context in order to draw insights about the possible implications
- Conducts in-depth analysis of on-going foreign intelligence activities to determine the significance of information relative to intelligence already known, to identify significant facts, and draw deductions about the probable meaning of newly evaluated information
- Identifies intelligence gaps, specifies collection requirements to fill gaps in information, evaluates resulting intelligence collected in response to requirements and determines analytical approach; identifies significant CI trends and proposes new or revised analytical projects to alert decision-makers to new developments and to meet client requirements
- Prepares relevant assessments on emerging threat issues to identify gaps and seams, as well as vulnerabilities and opportunities, provides input to client decision makers on key CI analysis trends, evaluates and prioritizes threat targets, and develops actionable products to facilitate aggressive CI response
29
Insider Threat Analyst Resume Examples & Samples
- Maintains, populates, and manages intelligence records, information files, and a variety of databases
- Identifies, evaluates, and recommends solutions to complex CI issues and/or problems; devises solutions for complex situations that impact the client
- Provides team leadership to other analysts
30
Senior Threat Analyst Resume Examples & Samples
- BA or BS degree in International Relations, Security Studies, Intelligence Studies, Political Science, Cyber Security, Information Management or related field
- Ability to produce when working independently with minimum structure and supervision
- Solid project management and small team leadership skills
- Ability to take on additional tasks as incidents arise and demand warrants
- Thorough knowledge of security practices, procedures, and capabilities in order to perform non-repetitive, analytical work, providing solutions to a wide range of difficult problems
- Thorough understanding of the Information Security Common Body of Knowledge
- Demonstrated experience with all-source information analysis
- Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources
- Ability to write high-quality intelligence assessments and briefings for a senior-level audience
- Ability to discern patterns of complex threat actor behavior and communicate an understanding of current and developing cyber threats
- Exposure to and familiarity with different malware families, botnets, threats by sector, and various attack campaigns
- Experience collecting, analyzing, and validating open source intelligence
- Demonstrable prior experience publishing complex technical information security content for external consumption
- Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques
- Familiarity with link-analysis methods and software (Maltego, Palantir, Analyst Notebook)
- Ability to apply a variety of structured analytic techniques to generate and test a hypothesis, assess cause and effect, challenge analysis, and support decision making
- Experience with targeting or analysis
- Experience with Industrial Control System Security
- Experience with common host and network security tools
- CISSP, GCIA, GCIH, GICSP, GNFA, or GLFA certification
31
Insider Threat Analyst Resume Examples & Samples
- Develop IT pilots, user activity monitoring, and other IT architecture requirements, to include deployment of high-speed guard, cross domain solution and migration to the private enclave. The individual must have a strong understanding of how to configure and deploy user activity monitoring agents. They would further provide the following services
- Develop lifecycle concept, capability, policy, procedures and IT tools to stand up an IT/Audit Analysis and Reporting capability to support insider threat warning and detection
- Conduct requirements analyses, assess configuration alternatives, and conduct cost-benefit, risk, and impact analysis in support of identifying the most effective insider threat tools for DoJ across a wide range of competitors
- Conduct data analysis of insider threat auditing and monitoring software systems to detect, identify and refer threats to the appropriate entities, including reviews of data sources for a centralized analysis, reporting, and response capability
- Contribute to insider threat processes to identify and develop insider threat leads for possible referral to investigators; conduct background IT records reviews to identify past behaviors relevant to the issue under review; provide comprehensive written reports to investigators, supervisors, human resources specialists, personnel security specialists, etc
- Interface with CSS and other OCIO offices to conduct analysis of IT systems including log reviews and coordinate forensic support as needed
- Make recommendations to the government project leads on relevant emerging tools to leverage in support of insider threat
- Bachelor’s degree and 9 years of applicable experience developing lifecycle concept, capability, policy, procedures and IT tools to stand up an IT/Audit Analysis and Reporting capability to support insider threat warning and detection
- Requires a minimum of nine (9) years of experience working in an operational insider threat program for the government or industry
- 9 years IT Security experience with extensive knowledge in security regulations and security assessments having developed numerous security C&A (or SA&A) and ATO on a range of systems including classified systems
- Strong working knowledge with NIST Special Publications and the NIST SP 800-37 SA using CSAM system
- Additional education, training, and/or certifications
- An advanced degree or significant equivalent experience
32
Threat Analyst Resume Examples & Samples
- 1 year of cyber security experience
- Experience performing risk/vendor assessments or policy development
- Experience with Intrusion detection systems (IDS)
- Experience with intrusion prevention systems (IPS)
33
Cybersecurity Threat Analyst Resume Examples & Samples
- Perform analysis to discover, handle, and mitigate network intrusions
- Work with Senior Cyber Threat Analyst to focus on Insider Threat topics
- Bachelor’s degree in Computer Science or related discipline, or 4 years of relevant work experience, 2 years having been spent in a cybersecurity position
- Ability to obtain and maintain an active Top Secret/SCI clearance
- Experience with Elasticsearch, Logstash, and Kibana
34
Threat Analyst Resume Examples & Samples
- Conduct all-source research and intelligence analysis to baseline threats and vulnerabilities against remote sensing technologies and applications
- Evaluate current threat TTPs and COAs; recommend improvements
- Provide operational insight to procedure definition and testing
- Evaluate viability of potential mission protection technologies and concepts
- Characterize system threats over multiple operating conditions and environments
- Provide analytic insight to potential sensor degradation and mitigation approaches
- Conduct modeling and simulation exercises
- Collaborate with SETA team members, development contractors, and customer forums
- Develop customer briefings and other documents as necessary, to include: SOPs, TTPs, COAs, CONOPS, and test plans
- Conduct technical research and summarize findings
- Investigate innovative and emerging technologies to incorporate into analysis
- Refine and develop measures of effectiveness, improvements to system environments, and creation of new procedures to support all facets of testing and operations
- Conduct user outreach and research new sensor operation techniques to solve hard problems
- High school diploma or GED (Bachelor's and Master’s Degrees preferred)
- 9+ years of related experience in threat analysis and/or mission protection
- Familiarity with multiple types of remote sensing technology and threat capabilities
- Experience in mission operations environment – operations tempo, situational awareness reporting, and anomaly support
- Working proficiency using MS Office (Word, PowerPoint, Excel), MS Outlook
- TS/SCI security clearance is required (with polygraph preferred)
- ICAF*
35
Threat Analyst, Senior Resume Examples & Samples
- Network and at the boundaries. Mature to be the subject matter expert (SME) on the delivered analytic capability, performing operational demonstrations, analyst training, and supporting response and escalation workflows in the analyst community, as needed. Coordinate with senior GS-15+ leadership and intra-DoD client or inter-DoD component for requirements, analyst onboarding, and data feed aggregation. Provide documentation and leadership to an engineering team to influence future analytic development and the government off-the-shelf (GOTS) anomaly detection suite roadmap
- Experience with authoring white papers or user training guides and defining and communicating multi-period engineering visions and strategic goals
- Ability to integrate Cybersecurity-related data from host or network audits, central analysis, and other related sources into investigative or analytical products and perform event analysis by examining network traffic data, host sensor data, and boundary or security sensor data
- IAT Level II Certification, including Security+ CE, GSEC, CCNA-Security, or SSCP
- 4 years of experience as a DoDIN analyst or other network analyst tasked with monitoring, threat discovery, or forensic response to incidents
- 3 years of experience with developing an analytic program and capabilities within the DoD or intelligence agencies
36
Threat Analyst Resume Examples & Samples
- Participates in analyzing/investigating reports or anomalies
- 2+ years of relevant work experience required for salary grade E02
- 4+ years of relevant work experience required for salary grade E03
- Experience with Windows, Linux, Database, Application, Web server, etc. log analysis
- Experience troubleshooting security reports on Linux, Windows, routers, firewalls, applications, etc
37
Senior Threat Analyst Resume Examples & Samples
- Proactively research threats discovered during evaluations and provide detailed analyses of these threats to the sales team and prospective customers
- Integrate into the larger organization’s threat research processes and culture
- Stay current on the latest email and web threats and attack techniques
- Deliver ongoing training on the current threat landscape to the worldwide sales engineering team
- Work closely with Product Management and Engineering to maintain deep proficiency on Proofpoint’s advanced threat protection solutions
38
Threat Analyst Resume Examples & Samples
- Member of a creative, enthusiastic, and geographically-distributed team (in a 24/7/365 "follow the sun" model) that is responsible for identifying, parameterizing, and responding quickly to spam attacks levied against some of the world's largest organizations
- Provide responses and explanations to customers who request assistance through our ticketing system
- Analyze email messages reported by customers in order to determine correct classification (spam, threat, bulk, ham)
- Be available in an on-call basis to analyze e-mail messages to determine correct classification (spam, threat, bulk, ham)
- Perform deep analyses of spam message headers & structures to identify novel spam features, and design regular-expression (regex) based rules to detect those features
- Analyze misclassified messages (spam and legitimate) and make updates to spam definitions to correct their classifications
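The header-and-structure analysis and regex rule design described in the bullets above, as an added example that is not part of the original page or of any vendor's rule set: it parses a few constructed raw messages with Python's standard `email` module, runs weighted regular-expression rules over selected headers and the flattened body (attachment filenames included), and returns one of the four classifications used above together with the names of the rules that fired, which is exactly what an analyst needs when reviewing a misclassification. Rule patterns, weights, thresholds, domains and message contents are all illustrative assumptions.

```python
"""Added example (not code from the original page): weighted regex rules over
message headers and body, classifying a message as spam, threat, bulk or ham.
Rules, weights, thresholds and sample messages are illustrative assumptions."""
import re
from email import message_from_string
from email.message import Message

# (rule name, header to inspect or "__body__", pattern, weight, category)
RULES = [
    ("subject_urgency", "Subject",
     re.compile(r"\b(urgent|act now|verify your account)\b", re.I), 2, "threat"),
    # display name claims a brand but the address is not at that brand's domain
    ("display_name_spoof", "From",
     re.compile(r"paypal.*<[^>]*@(?!paypal\.com>)", re.I), 3, "threat"),
    ("exe_attachment", "__body__",
     re.compile(r'filename="?[^"\s]+\.(exe|scr|js)"?', re.I), 3, "threat"),
    ("lottery_body", "__body__",
     re.compile(r"\b(lottery|won\s+\$?\d|million dollars)\b", re.I), 2, "spam"),
    ("shortened_link", "__body__",
     re.compile(r"https?://(bit\.ly|tinyurl\.com)/\S+", re.I), 1, "spam"),
    ("bulk_precedence", "Precedence", re.compile(r"^(bulk|list)$", re.I), 2, "bulk"),
    ("list_unsubscribe", "List-Unsubscribe", re.compile(r"\S"), 1, "bulk"),
]


def message_body(msg: Message) -> str:
    """Flatten text parts and attachment filenames so body rules can see both."""
    chunks = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        if part.get_filename():
            chunks.append(f'filename="{part.get_filename()}"')
        payload = part.get_payload(decode=True) or b""
        chunks.append(payload.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def classify(raw: str) -> tuple[str, list[str]]:
    """Return (verdict, names of rules that fired) for one raw message."""
    msg = message_from_string(raw)
    body = message_body(msg)
    scores = {"threat": 0, "spam": 0, "bulk": 0}
    fired = []
    for name, field, pattern, weight, category in RULES:
        text = body if field == "__body__" else msg.get(field, "")
        if pattern.search(text):
            scores[category] += weight
            fired.append(name)
    # Precedence: threat outranks spam, which outranks bulk (thresholds are assumed)
    if scores["threat"] >= 3:
        return "threat", fired
    if scores["spam"] >= 2:
        return "spam", fired
    if scores["bulk"] >= 2:
        return "bulk", fired
    return "ham", fired


# Constructed sample messages (hypothetical senders and domains).
PHISH = """\
From: PayPal Support <alerts@paypa1-secure.example>
Subject: Urgent: verify your account now
Content-Type: text/plain

Your account is limited. Verify your account at http://bit.ly/abc123 within 24 hours.
"""
NEWSLETTER = """\
From: Newsletter <news@shop.example>
Subject: October deals
Precedence: bulk
List-Unsubscribe: <mailto:unsub@shop.example>
Content-Type: text/plain

Our monthly update with new arrivals.
"""
LOTTERY = """\
From: Lucky Draw <win@lotto.example>
Subject: Congratulations
Content-Type: text/plain

You have won $1,000,000 in the international lottery! Claim at http://tinyurl.com/claim9
"""
HAM = """\
From: Dana Lee <dana@corp.example>
Subject: Lunch tomorrow?
Content-Type: text/plain

Are you free at noon? The usual place.
"""
ATTACHMENT = """\
From: Accounts <accounts@vendor.example>
Subject: Invoice attached
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XYZ"

--XYZ
Content-Type: text/plain

Please see the attached invoice.
--XYZ
Content-Type: application/octet-stream; name="invoice.exe"
Content-Disposition: attachment; filename="invoice.exe"
Content-Transfer-Encoding: base64

TVqQAAMAAAAEAAAA//8AAA==
--XYZ--
"""

if __name__ == "__main__":
    for label, raw in [("phish", PHISH), ("newsletter", NEWSLETTER),
                       ("lottery", LOTTERY), ("ham", HAM), ("attachment", ATTACHMENT)]:
        print(label, classify(raw))
```

The returned rule names are the point of the design: when a customer reports a misclassification, the analyst sees which feature fired, adjusts that one pattern or weight, and re-runs the corpus, rather than guessing why the verdict changed.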
39
Threat Analyst / CIKR Senior Resume Examples & Samples
- Process incoming requests for information and prepare responses
- Conduct research concerning cases/incidents of interest that have a direct or indirect nexus to terrorism, police officer safety threats, threats to critical infrastructure
- Attend and participate in meetings on a regular and sometimes ad-hoc basis
- Serve as a liaison and expert advisor with mid and upper-level management within Fairfax County Police Department (host agency for the NVRIC)
- Research, synthesize, and analyze large amounts of data from diverse sources of information with a demonstrated ability to understand articulated stakeholder information needs, as well as anticipate and proactively address unarticulated information needs
- Ability to establish and maintain effective relationships with others and work effectively with minimum supervision
40
Advanced Persistent Threat Analyst Resume Examples & Samples
- Experience in an intelligence–focused operational environment, including defense, national security, or law enforcement
- Experience with reporting and sharing threat information, both internal and external
- Experience with tracking threat operations using link analysis
41
Threat Analyst, Senior Resume Examples & Samples
- Bachelor’s degree in Computer Science or related field, or equivalent work experience
- Formal IT Security/Network Certification such as CompTIA Security+, Cisco CCNA, SANS GIAC Certified Intrusion Analyst (GCIA) or ability to obtain via self-study within one year of hire date
- 6 years of Information Technology experience, with at least 4 years of experience in information security working within security operations, security intelligence or equivalent functions
- Deep knowledge of TCP/IP Networking and knowledge of the OSI model
- Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
- Excellent problem solving, critical thinking, and analytical skills -ability to de-construct problems
- IBM QRadar and Dell SecureWorks experience preferred
- Ability to build rapport and cooperation among teams and internal stakeholders
- Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity on the network
- Provide accurate and priority driven analysis on cyber activity/threats
- Ensures all pertinent information is obtained to allow for the identification, containment,
42
Threat Analyst, Expert Resume Examples & Samples
- Bachelor’s degree in Computer Science or related field, or equivalent work experience
- GREM, and GCFA, GCFE, GNFA, EnCE, ACE, or CCE, or a related degree
- 8 years of Information Technology experience, with at least 6 years of experience in information security working within incident response/forensics or equivalent functions
- Previous experience with Guidance EnCase or other digital investigations tools
- Strong technical skills including malware reverse engineering, memory forensics, live response techniques, registry analysis, scripting, and other relevant technical security skills
- Experience investigating and mitigating APT style attacks
- Deep knowledge of diverse operating systems, networking protocols, and systems administration
- Deep knowledge of IT core infrastructure and cyber security components/devices
- Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
- Significant experience with packet analysis (Wireshark) and malware analysis preferred
- Utility Industry experience
- Experience with scripting in Perl/Python/Ruby
- Strong sense of professionalism and ethics
- Ability to build rapport and cooperation among teams and internal stakeholders
- Actively seeks to enhance the group through the sharing of knowledge
- Utilizes digital forensic tools including Guidance EnCase, SIFT Workstation, IEF, and Responder Pro to execute digital investigations and perform incident response activities
- Investigate and mitigate APT/nation state threats and attacks
- Advanced computer memory analysis
- Registry analysis
- Establishes links between suspects and other violators by piecing together evidence uncovered from a variety of sources
- Establishes and maintains defensible evidentiary process for all investigations
- Uses & maximizes relevant investigative tools, software and hardware
- Coordinates with IT to leverage skills and resources in support of investigations
- Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity on the network
- Provide accurate and priority driven analysis on cyber activity/threats
- Recommends implementation of counter-measures or mitigating controls
- Ensures all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment
- Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity
- Develop innovative monitoring and detection solutions using PG&E tools and other skillsets such as scripting
- Resolve or coordinate the resolution of cybersecurity events
- Participate in root cause analysis or lessons learned sessions
- Write technical articles for knowledge sharing
43
Insider Threat Analyst Resume Examples & Samples
- Develop an insider threat program for client organization
- Develop, execute, and maintain standard operating procedures (SOPs) for the insider threat program
- Create TTPs for identifying insider threats
- Perform gap analysis of current security tools and make recommendations to improve the enterprise security posture
- Perform technical investigations in support of Counter Intelligence in pursuing potential inside threats
- Ability to maintain an active DOD Secret clearance
- Minimum of three (3) years information assurance, incident response, or cybersecurity experience
- Intelligence analyst/community experience
- Certified Information Systems Security Professional (CISSP)
44
Threat Analyst / Incident Responder Resume Examples & Samples
- Key Performance Objectives
- Significant written and verbal communication is required for this role, including site notices, analysis reports and executive summaries of cyber threats and APT activity, and formal and informational briefings
- Proficient at analyzing and interpreting network traffic for indications of malicious activity
- Proof of authorization to work in the United States
45
Senior Threat Analyst Resume Examples & Samples
- To find unknown cyber security threats active within Shell and weaknesses in our security controls by applying data analysis techniques to large, diverse sets of internal and external data
- Analyse threat intelligence (e.g. actors, hack tools, exploits, malware, etc) using a wide variety of sources and determine impact to Shell, including detailed technical analysis and verification of the intelligence
- Translate intelligence into threat scenarios / security use cases that can be implemented within available surveillance capabilities. Recommend changes to Splunk policies, filters and rules to improve event detection
- Review available surveillance data to further develop and improve the threat scenarios and use cases. Use your clearance with intelligence agencies to attend classified ("secret") briefings and investigate applicability of obtained intelligence to Shell
- Ensure completeness of threat information sources used and evaluate whether additional sources must be included for daily analysis
- Set up and continuously improve threat intelligence processes, protocols, skills and tools
- Minimum of ten years' IT security experience with deep knowledge and experience of advanced analysis (e.g. malware analysis, forensic investigations, packet-level analysis, indicators of compromise, etc.)
- Understanding of attack activities - scans, man in the middle, sniffing, (D)DoS, phishing, and abnormal activities such as worms, Trojans, viruses, privilege escalations, etc
- Experience working in a complex global environment with common security device functions and countering a variety of attack vectors
- Ability to use various security technologies for topics such as packet analysis, intrusion detection (including signature development), exploitation of vulnerabilities, searches in event data using Splunk, etc
- Knowledge of common operating systems and network device functions
- Creative mindset and proven ability to think as a hacker and to translate this into threat scenarios and use cases (evidence-based analytical ability and attention to detail)
- Broad experience in technical IT security topics and holds certifications such as: Offensive Security Certified Professional (OSCP), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Intrusion Analyst (GCIA), CISSP; broad understanding of all stages of Information Risk Management
- Excellent verbal and written communication skills and the ability to interact professionally with a diverse group: executives, managers, and subject matter experts
- Effective and persuasive in both written and oral communication in English; strong interpersonal skills, with the ability to network across boundaries
- Existing clearance with DHS/FBI or AIVD, or is willing to go through the clearance process
- Proactive self-starter
46
Senior Threat Analyst Resume Examples & Samples
- Triage and short-term analysis of real-time data feeds (such as system logs and alerts) for potential intrusions
- Understanding and experience with incident analysis, log analysis, how malware functions, and a good understanding of adversary TTPs
- Penetration testing activities, which include validating and prioritizing vulnerability findings
- Owning and initiating a Threat Intelligence Program and projects related to it
- Be an integral part of the Incident Response Team, contributing to content building and to any major incident response
47
Senior Insider Threat Analyst / DLP Resume Examples & Samples
- Bachelor’s degree in Computer Science or related field, or the equivalent combination of education, professional training, or work experience
- 3-5 years of hands-on experience in the field of information assurance, incident response, or cybersecurity
- Demonstrable experience working in an Insider Threat program
- Hands-on experience with a Data Loss Prevention tool (Symantec, McAfee, etc.)
- Hands-on experience with an Incident Management Tool (RSA Archer, ServiceNow)
- Ability to liaise with business and technology peers
- Certification in Security+, SANS SEC 301 or 401, or CEH
48
Threat Analyst, Senior Resume Examples & Samples
- Formal IT Security/Network Certification such as CompTIA Security+, Cisco CCNA, SANS GIAC Certified Intrusion Analyst (GCIA)
- Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) experience
- Deep knowledge of OS management and Network Devices
- Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
- Candidate must have familiarity with regulatory requirements, such as NERC/CIP, NIST SP 800, SOX, etc.
- Experience with both desktop-based and server-based forensics
- Respects others and demonstrates fair treatment to all
- Perform hunting for malicious activity across the network and digital assets
- Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity on the network
- Ensures all pertinent information is obtained to allow for the identification, containment,
49
Cybersecurity Threat Analyst, Senior Resume Examples & Samples
- 3+ years of experience with IT Infrastructure
- 3+ years of experience with operational security, including SOC, Incident Response, Malware Analysis, and IDS/IPS Analysis
- Experience with several of the following topics: Malware analysis, APT/Crimeware ecosystems, and analysis
- Experience with exploit kits, Cyber threat intelligence, software vulnerabilities and exploitation, and data
- Experience with Snort, Bro, or other network intrusion detection tools
- Knowledge of Linux/UNIX and Windows operating systems
- Knowledge of the Splunk search language, search techniques, alerts, dashboards, and report building
- Knowledge of the TCP/IP networking stack and network technologies
- Knowledge of full packet capture PCAP analysis and accompanying tools, including Wireshark
- Knowledge of regular expressions and at least one common scripting language, including Perl, Python, or PowerShell
- Ability to work in a diverse global environment
- Ability to analyze malware and extract indicators
- Possession of excellent collaborative skills
- Relevant Technical Security Certifications, including GIAC, EC-Council, and Offensive Security
50
Cybersecurity Threat Analyst Resume Examples & Samples
- Demonstrated experience with Service and Joint system architectures, to include JTF, COCOM, and component level detailed knowledge
- Ability to perform Joint Staff and Combatant Command-level staff coordination
- Comprehensive knowledge of the principles, methods, processes, and applicable regulations involved in supporting military operations
- Comprehensive knowledge of relevant technology and equipment
- Bachelor’s Degree in a related technical or military discipline. MA or MS degree desired
- 5-8 years of related experience supporting military operations
- Strong military operational background and experience
- Strong communications and writing skills
- TS clearance, SCI eligibility
- DoDD 8570.01M IAT/IAM Certified
- IA System Security Engineering
- Cybersecurity Threat Analysis
- Certification and Accreditation Analysis
- IA Subject Matter Expertise
51
CI Threat Analyst Resume Examples & Samples
- Integrate Foreign Intelligence Entity-related threat assessments in support of operators, managers and planners and provide recommendations on planning issues
- Plan and advise on implementation of new ideas, procedures, processes, or methods
- Participate in working groups involving intelligence assessments and planning issues
- Assist in planning and developing internal strategies; organize and support meetings and teams to accomplish assessment and planning tasks
- 3 years counterintelligence experience with a military or government agency
- 4 years of experience working with USSOCOM HQ, SOF components, TSOCs, or SOF units
52
Counterintelligence Threat Analyst Resume Examples & Samples
- Provide support in assessing and planning guidance, interpretation and advice for identifying CI threats to military operations
- Provide subject matter expertise in planning and coordinating intelligence planning production and implementation
- Identify strategy and recommend operational requirements for COCOM military operations to include collection capabilities, structure, manpower, communications and logistics
- Conduct studies of intelligence planning programs to evaluate effectiveness of current programs, feasibility of future programs and development of planning efforts
- Assist in briefing senior level officials concerning planning efforts; provide advice and assistance to resolve problems and develop recommendations for leadership concerning planning issues
- Three (3) years counterintelligence experience with a military or government agency
- Bachelor’s degree from an accredited university in any field
- Four (4) years of experience working with USSOCOM HQ, SOF components, TSOCs, or SOF units
- Five (5) years’ experience producing CI analytic products
- Current (within 5 years) CI Scope Polygraph
53
Threat Analyst Resume Examples & Samples
- Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources for the purposes of documenting results and analyzing findings to provide meaningful products
- Ability to monitor and analyze logs and alerts from a variety of different technologies, including IDS/IPS, Firewall, Proxies, and Anti-Virus, across multiple platforms
- Ability to develop specific expertise, discern patterns of complex threat actor behavior, and communicate an understanding of current and developing Cyber threats
- Ability to leverage online research tools to identify and navigate online forums, specialized Web sites, social media, and traditional sources
- Security+ and Certified Ethical Hacker (CEH) Certifications
- Experience with progressively responsible roles in Cybersecurity analysis, incident response, or related areas
- Experience with leveraging all source intelligence analysis
- Experience with HBSS, Splunk, or ArcSight
- Possession of excellent oral and written communication skills in a professional consulting environment
- BA or BS degree in Information Security, CS, or Cyber Security
54
Threat Analyst Resume Examples & Samples
- Bachelor’s degree in Engineering, Computer Science, or relevant technical field
- 10+ years of Counterintelligence experience to include the following areas
- Master’s degree in Engineering, Computer Science, or relevant technical field
- 15+ years of DoD experience
- 4+ years management experience
55
Threat Analyst, Senior Resume Examples & Samples
- Deep knowledge of TCP/IP Networking and knowledge of the OSI model
- Significant experience monitoring threats via a SIEM console
- Excellent problem solving, critical thinking, and analytical skills – ability to de-construct problems
- Working knowledge of PG&E infrastructure preferred
- Reverse engineering skills
- Respects others and demonstrates fair treatment to all
- Perform hunting for malicious activity across the network and digital assets
- Detonate malware to assist with threat research
56
Threat Analyst, Senior Resume Examples & Samples
- Significant experience monitoring threats via a SIEM console
- Excellent problem solving, critical thinking, and analytical skills – ability to de-construct problems
- Experience with both desktop-based and server-based forensics
- Respects others and demonstrates fair treatment to all
- Perform hunting for malicious activity across the network and digital assets
- Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity on the network
- Detonate malware to assist with threat research
57
Threat Analyst Resume Examples & Samples
- One or more years of full-time professional experience in the Information Security field
- Experience working in a Security Operations Center (SOC), Managed Security Service (MSS), or enterprise network environment
- Excellent time management, reporting, and communication skills
- Ability to generate comprehensive written reports and recommendations
- Write professional emails
- Understanding of contemporary security architectures/devices such as firewalls, routers, switches, load balancers, remote access technologies, anti-malware, SIEM and AV
- IDS monitoring/analysis with tools such as Sourcefire and Snort
- Experience with SIEM platforms (ArcSight, QRadar, McAfee/Nitro, Splunk) a plus
- Familiarity with web based attacks and the OWASP Top 10 at a minimum
- Attack vectors and exploitation
- Mitigation
- Direct (e.g. SQL Injection) versus indirect (e.g. cross-site scripting) attacks
- Familiarity with SANS top 20 critical security controls
- Understand the foundations of enterprise Windows security including
- Windows security architecture and terminology
- Privilege escalation techniques
- Common mitigation controls and system hardening
- Anti-Virus (AV) and Host Based Intrusion Prevention (HIPS)
- Experience in monitoring at least one commercial AV solution such as (but not limited to) McAfee/Intel, Symantec, Sophos or Trend Micro
- Ability to identify common false positives and make suggestions on tuning
- Malware
- Understanding of root causes of malware and proactive mitigation
- Propagation of malware in enterprise environments
- Familiarity with web based exploit kits and the methods employed by web based exploit kits
- Familiarity with concepts associated with Advanced Persistent Threats and “targeted malware”
- Experience with malware protection tools such as FireEye a huge plus
- Understanding of malware mitigation controls in an enterprise environment
- Network Based Attacks / System Based Attacks
- Denial of Service Attacks
- HTTP Based DoS Attacks
- Network Based DoS Attacks
- Brute force attacks
- Covert channels, egress and data exfiltration techniques
- Familiarity with vulnerability scoring systems such as CVSS
- Experience working with Incident Ticketing Systems (e.g. Remedy, ServiceNow, HEAT, etc.)
- General security knowledge (GCIA, CISSP, CCSE, CISA, HBSS, NSA, CEH, Cisco Security, Security+, OSCP or other security certifications)
- CCNA, CCDA, CCSA, CCIE, CISSP, CEH, or MCSE
58
Vulnerability & Threat Analyst Resume Examples & Samples
- Consistent implementation of security solutions at the enterprise level
- Strong understanding of security issues on both Microsoft and *NIX operating systems
- Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS)
- Requires availability to work in a 24/7 environment with overtime hours required
- Strong understanding of ethics in business and information security
- Results oriented, high energy, self-motivated and the ability to work in team environment
- Bachelor's degree in Computer Science, Information Systems Management or equivalent experience
- CISSP, CEH, OSCP, or similar IT security certification
- At least 3 years' experience in performing infrastructure and application level security vulnerability assessments and penetration testing
- At least 3 years of experience working with development teams that deliver enterprise level web applications
- Receipt of the appropriate government security clearance card applicable for your position
- Due to the client contract you will be assigned, this position requires you to be a U.S. citizen
- Ability to relocate to Kansas City, MO
- Experience with vulnerability assessment and exploit tools (e.g., Qualys, Nessus, Nexpose, HP WebInspect, Burp Suite Pro, Kali)
- Experience with high level programming languages (e.g., Java, C, C++, .NET (C#, VB))
- Experience with web application development (e.g., PHP, J2EE, JSP, Python, Ruby)
59
Threat Analyst, Senior Resume Examples & Samples
- Formal IT Security/Network Certification such as CompTIA Security+, Cisco CCNA, SANS GIAC Certified Intrusion Analyst (GCIA)
- 6 years of Information Technology experience, with at least 4 years of experience in information security working within security operations, security intelligence or equivalent functions
- Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) experience
- Deep knowledge of TCP/IP Networking and knowledge of the OSI model
- Significant experience monitoring threats via a SIEM console
- Excellent problem solving, critical thinking, and analytical skills – ability to de-construct problems
- Working knowledge of PG&E infrastructure preferred
- Methodical and detail oriented
- Respond to computer security incidents and conduct threat analysis
- Perform detailed investigation and response activities for potential security incidents
- Recommends implementation of counter-measures or mitigating controls