Principal Threat Analyst | USA, Remote

💎 Seniority level: Principal, 6+ years

📍 Location: United States, EST

💸 Salary: 116600.0 - 159900.0 USD per year

🔍 Industry: Cyber Security

🏢 Company: Optiv_Careers

🗣️ Languages: English

⏳ Experience: 6+ years

🪄 Skills: AWS, Cloud Computing, Cybersecurity, Data Analysis, GCP, Tableau, Azure, Data visualization, Scripting

Requirements:
  • 6+ years of operational experience assessing, reviewing, and remediating infrastructure vulnerabilities, CVEs, and risks
  • Knowledge of third-party software vulnerabilities, security threat landscape, especially network and server threats
  • Knowledge of cyber security threats and risks, vendor computing environments, basic systems, and network technologies
  • Experience with and understanding of CVEs and CVSS scores
  • Knowledge of compensating controls and mitigating factors
  • Knowledge of Information Security frameworks, guidelines, and standard methodologies
  • Knowledge of the Windows and / or Linux operating systems
  • Knowledge and understanding of Cybersecurity controls and logging and monitoring tools
  • Ability to interact expertly with all levels of personnel
  • Excellent verbal and written communication skills
  • Strong problem-solving and analytical skills
  • Ability to work on multiple projects through prioritization and a results-oriented approach
  • Good teammate with flexibility required for support operations
  • Be well versed in the cyber threat landscape; have an advanced understanding and knowledge of the tactics and techniques being used by adversaries; have an advanced understanding and knowledge of which security controls and/or telemetry data are available to detect those tactics and techniques; and be familiar with cyber security incident response terminology, processes, and techniques
  • Moderate to complex investigations (multiple tools) including endpoint, UEBA, public cloud, SaaS, and packet analysis
  • Security use case design recommendations for threat detection
  • Threat response activities such as quarantining host and other common response playbook activities
  • Proactive threat hunting using multiple client tools
  • Process development and documentation
  • Application of threat intelligence to improve detection and response capabilities
  • Extensive experience with the MITRE ATT&CK framework and associated tactics
  • Extensive alert triage and endpoint investigations using technologies such as EDR
  • Phishing analysis
  • Malware analysis (does not include reverse engineering)
  • MITRE ATT&CK framework expertise and understanding of common attack tactics used by threat actors
  • Provide recommendations on tuning of security detection platforms and use cases to improve accuracy of detection
  • Knowledge of AWS, Azure, and GCP cloud service technology
  • Basic fraud and insider threat specific investigation skills
  • Knowledge of metrics and reporting with the use of data visualization tools such as Tableau
  • Demonstrable data analytics skills
  • Must have a passion for data analysis
Responsibilities:
  • Operate independently in a geographically dispersed team, while maintaining situational awareness and keeping the team up to date
  • Perform security monitoring and incident response activities across the networks, leveraging a variety of tools and techniques
  • Detect incidents through proactive “hunting” across security-relevant data sets
  • Thoroughly document incident response analysis activities
  • Review investigations conducted by more junior analysts to ensure quality standards are met
  • Develop new, repeatable methods for finding malicious activity across the networks
  • Provide recommendations to enhance detection and protection capabilities
  • Regularly present technical topics to technical and non-technical audiences
  • Develop and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of information security incidents
  • Prioritize multiple high-priority tasks and formulate responses/recommendations to customers and team members in a fast-paced environment
  • Provide assistance to other security teams
  • Continually develop new technical skills and push overall team capabilities forward
  • Engage with and mentor other team members
  • Work with other teams on major engineering and architecture initiatives
  • Be innovative in their understanding of attack methodologies, malware analysis, malicious toolkits, and how those may manifest within various security technologies
  • Advanced proactive threat hunting
  • Understand advanced adversary emulation concepts
  • Advanced use case design for insider threat, operational, and threat detection and response scenarios
  • Review of defensive and detective controls to reduce client attack surface