Cyber Threat Operations and Defense Analyst - Perm
Company: Atlantic Partners Corporation
Location: Houston
Posted on: June 25, 2022
Job Description:
Join the Cyber Threat Incident Response (CTIR) team based in our
Sydney office as a Cyber Threat Defense Analyst. In this role, you
will be working alongside a diverse team in multiple offices around
the globe and be responsible for detecting, identifying, triaging,
and mitigating threats and risks in our global cyber environment.
You will also act to ensure that the company's digital estate is
protected from threats both known and unknown.
Your first-class technical skills are required to continuously
identify, assess, and manage threats relative to the corporate risk
appetite by leveraging technology and your experience to analyze
data. Experience in log aggregation and analysis will be crucial in
detecting and triaging potential or active security incidents.
Using your attention to detail and data driven approach you will
act as an expert for the CTIR function to provide leadership,
focus, and accountability for CTIR activities.
Your understanding of cyber threats as a function of human
motivation, combined with your experience in actively detecting and
defending against those threats using standard cyber tools and your
own system, platform, and network knowledge, will be highly
beneficial in this role alongside your similarly skilled and
experienced peers.
To be successful in this role you must have a minimum of 5 years of
related security or operational experience in large enterprise
environments, as well as operational experience across Windows,
UNIX, networking, and hosting domains. A strong understanding of
security technology and defense topologies is imperative.
What is the job?
Triage active alerts and campaigns for potential systemic threats
to our global business
Proactively seek out suspicious activity and threats within the
environment, act appropriately to contain and mitigate them
Perform real-time detection, analysis, and response to threats via
an EDR tool
Analyze latest malware discoveries/shifts to understand how/if it
would be effective in the environment
Create new alerts and investigation methods in relation to the
ever-changing threat landscape
Analyze attacks and trends facing the organization and industry to
better define proactive defensive measures
Track, analyze, and present observed attacks against the company
Investigate threat actor activity, including their infrastructure,
motivations, and potential future actions
Take proactive actions to have observed brand impersonating and
malicious sites removed
Investigate internal security concerns and raise findings with the
appropriate internal teams
Review processes, defense plans, technologies, and alerts in search
of improvement
What the ideal candidate should know/have experience with:
Splunk or other large log aggregation system
An endpoint detection and response (EDR) platform
A Security Orchestration, Automation, and Response (SOAR) platform
Email gateway security controls
How to chase actors beyond these tools
Analyzing emails (e.g. reading and understanding email headers and
sending infrastructure)
Knowledge and experience decoding and deciphering malicious
code
Analytical mindset
Offensive Security/Adversarial mindset
Scripting language understanding (Python, PowerShell, etc.)
Malware analysis (manual, static, and dynamic)
Familiarity with various network and cloud architectures
Identity and Access Management (IAM)
User and Entity Behavior Analytics (UBA/UEBA)
Familiarity with the MITRE ATT&CK framework