Cyber Threat Investigator Jobs

Knowledge of security technologies, such as, firewalls, IDS/IPS, AV, SIEM, DLP, Vulnerability Management, Web and Email Content Filtering.

This role is fully remote, offers a generous base salary & bonus plus excellent benefits.

SANS training / GIAC certifications / Offensive Security OSCP or equivalent /w enterprise mature security experience

Complete open source threat collection and analysis activities identifying indications of cyber threats, malicious code, malicious websites, and vulnerabilities.

Experience in analyzing malware, hacking tools, and threat actor tactics.

Senior Cyber Threat Analyst - Incident Response | 100% remote

Independent self-starter: Strong analytical and problem-solving skills with the ability to think critically and creatively in a fast-paced environment.

Excellent communication skills: Written and verbal, with the ability to effectively convey complex technical concepts to both technical and non-technical stakeholders.

Experience analyzing large security data sets

Experience with one or more data types (Log, PCAP, EDR, Cloud)

Experience with a broad range of best-in-class security tools that may include:

Knowledge of attacker tactics, techniques, and procedures

At least 7 years of cybersecurity, information security, or other relevant experience.

Excellent analytical, collaboration, communication, and problem-solving skills.

Experience with cloud and container environment security.

Experience delivering results working across multiple teams.

Knowledge of the threat landscape and MITRE ATT&CK.

Cloud or offensive security certifications.

Stay up to date with current adversary tactics and apply this knowledge to internal operational countermeasures.

Utilizing proven Incident Response skills including host/network forensics, log analysis, timeline correlation;

Conduct monitoring, and in some cases lead in-depth analysis of Security Operations Center (SOC) oriented alerts.

Update and maintain a repository of self created security alerting rules.

Brief peers and above on current Threat Response themes derived from the SOC.

Participate, and in some cases lead long term security operation projects with peers.

Previous Experience with SOC, Threat Hunting, Threat Intelligence, Red Team

Experience using Decoys or Honeypots (preferred but not required)

Soft skills in environment discovery and documentation

Ability to collaborate on strategic and tactical use of lures/decoy objects

Familiarity with MITRE ATT&CK and Engage

Scripting in Powershell or Python

Experiences And Skills You’ll Use To Solve

Stay up to date with current adversary tactics and apply this knowledge to internal operational countermeasures

Demonstrating foundational knowledge in computer networking, operating systems (both Windows and Unix based operating systems), and virtualization (cloud and on-premise)

Working knowledge of MITRE ATT&CK and Cyber Kill Chain frameworks

Conduct monitoring, and perform in-depth analysis of Security Operations Center (SOC) oriented alerts

Help update and maintain a repository of self created security alerting rules

2 years of experience leading investigations into and generating novel leads on espionage activity.

Experience with writing and presenting on various topics and assessments for an audience with mixed backgrounds.

Experience correlating and attributing malicious activity based on technical and geopolitical factors.

Experience tracking adversaries via network infrastructure and malicious artifacts.

Experience developing tools to uncover targeted activity leveraging large data sets.

Experience identifying and prioritizing cyber threats for investigation.