Goal of the role:
Threat Intelligence Utilization: Provide actionable insights through the analysis and application of threat intelligence to enhance proactive security measures.
Incident Reporting: Develop key performance and risk indicators for various stakeholder types to report on the health of the program.
Incident Simulation Exercises: Create/Update incident simulation exercises (e.g., tabletops) to test the effectiveness of Incident Response plans.
Defined Metrics: Establish and regularly report on key Incident Response metrics to evaluate health and improvement of the program.
Responsibilities:
Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives, etc. as related to designated cyber operations warning problem sets.
Monitor and analyze threat intelligence feeds to identify and assess potential threats, providing timely and actionable intelligence to critical stakeholders.
Prepare and deliver detailed incident reports, including findings, impact analysis, and recommendations for remediation.
Write and publish after action reviews.
Coordinate with intelligence analysts to correlate threat assessment data.
Identify, document, and monitor threat vulnerabilities.
Skills & experience requirements:
Bachelor’s degree in Computer Science, Information Systems, Cyber Security, Engineering or related discipline with 2+ years of experience in Information Security
Proven experience in Incident Response, including incident detection, analysis, containment, eradication, and recovery, or equivalent training and experience equivalent to 5 years of experience.
Strong understanding of threat intelligence analysis, including the ability to identify and interpret IOCs, TTPs, and emerging threats
Familiarity with security tools and technologies, SIEM, and experience in utilizing threat intelligence platforms
Relevant certifications such as GCIA, GCIH, CISSP, or equivalent are desirable