onsite

Threat analyst

Threat analyst position — see original posting for full details.

About the role

Roles & Responsibilities:

Prior experience administrating IT systems or networks (~3+ years), preferably with experience in both public cloud environments and physical data center locations.
Solid understanding of SQL-like query languages and proficiency in data manipulation and analysis techniques to extract actionable insights from large and complex cybersecurity datasets.
Ability to maintain a collected demeanor under high-pressure security incident response scenarios.
Knowledge of the MITRE ATT&CK framework and its application to threat-hunting campaign scenarios, especially in hybrid cloud environments (preferred).
Hands-on experience professionally administrating and securing both Windows and Unix/Linux operating systems, and an understanding of the common threats each is susceptible to.
Thorough understanding of the OSI model and a wide range of common network protocols, enabling effective analysis, detection, and mitigation of security threats at various layers of the network stack.
Experience, or exceptional aptitude, working with Security Information and Event Management (SIEM) platforms, including building and optimizing custom detection rules.
Ability to monitor various security tools, logs, and threat intelligence feeds to detect potential cyber threats, including malware, phishing attempts, and unauthorized access attempts.
Excellent communication skills with the ability to translate complex technical concepts and findings into clear and concise insights for non-technical stakeholders, fostering collaboration and informed decision-making across cross-functional teams.
Solid understanding of scripting languages such as Python (preferred), Bash scripting, or PowerShell; prior experience using scripting to automate tasks.
Familiarity with modern defense-in-depth security tools and technologies such as Intrusion Detection and Prevention (IDS/IPS), Endpoint Detection and Response (EDR) solutions, Cloud Native Application Protection Platform (CNAPP), and Web Application Firewalls (WAF).
Enthusiasm for security automation and creative technical ability to identify time-saving or novel automation workflows.
Proven understanding of cloud infrastructure concepts, paradigms, and associated security threats.
Proven understanding of common web-based attacks at runtime (e.g., those listed in the OWASP Top 10), and how to respond/mitigate them operationally. Must have strong cloud security and log investigation skills.
Proven understanding of identifying and mitigating email-based threats, including phishing, malware, and spoofing. Hands-on experience with administering and configuring email security tools and protocols to safeguard against these threats is a bonus.
Analyze security events and incidents to identify threats, attack vectors, and potential impact. Utilize threat intelligence to improve

About the role

Roles & Responsibilities:

Prior experience administrating IT systems or networks (~3+ years), preferably with experience in both public cloud environments and physical data center locations.
Solid understanding of SQL-like query languages and proficiency in data manipulation and analysis techniques to extract actionable insights from large and complex cybersecurity datasets.
Ability to maintain a collected demeanor under high-pressure security incident response scenarios.
Knowledge of the MITRE ATT&CK framework and its application to threat-hunting campaign scenarios, especially in hybrid cloud environments (preferred).
Hands-on experience professionally administrating and securing both Windows and Unix/Linux operating systems, and an understanding of the common threats each is susceptible to.
Thorough understanding of the OSI model and a wide range of common network protocols, enabling effective analysis, detection, and mitigation of security threats at various layers of the network stack.
Experience, or exceptional aptitude, working with Security Information and Event Management (SIEM) platforms, including building and optimizing custom detection rules.
Ability to monitor various security tools, logs, and threat intelligence feeds to detect potential cyber threats, including malware, phishing attempts, and unauthorized access attempts.
Excellent communication skills with the ability to translate complex technical concepts and findings into clear and concise insights for non-technical stakeholders, fostering collaboration and informed decision-making across cross-functional teams.
Solid understanding of scripting languages such as Python (preferred), Bash scripting, or PowerShell; prior experience using scripting to automate tasks.
Familiarity with modern defense-in-depth security tools and technologies such as Intrusion Detection and Prevention (IDS/IPS), Endpoint Detection and Response (EDR) solutions, Cloud Native Application Protection Platform (CNAPP), and Web Application Firewalls (WAF).
Enthusiasm for security automation and creative technical ability to identify time-saving or novel automation workflows.
Proven understanding of cloud infrastructure concepts, paradigms, and associated security threats.
Proven understanding of common web-based attacks at runtime (e.g., those listed in the OWASP Top 10), and how to respond/mitigate them operationally. Must have strong cloud security and log investigation skills.
Proven understanding of identifying and mitigating email-based threats, including phishing, malware, and spoofing. Hands-on experience with administering and configuring email security tools and protocols to safeguard against these threats is a bonus.
Analyze security events and incidents to identify threats, attack vectors, and potential impact. Utilize threat intelligence to improve

Threat analyst

About the role

Threat analyst

About the role

Skills