Reporting to the Manager, Threat Analysts, the Threat Analyst is responsible for the analysis and processing of phishing threats reported by our customers and providing details and guidance to help customers mitigate identified threats.
- Monitor systems for customer reported emails
- Analyze phishing campaigns and related threats to identify patterns
- Gather intelligence information from analyzed malware for dissemination to customers.
- Assess reported emails to determine if an email poses a threat or is benign
- Identify malicious nature of threats and provide details and guidance to the customer on how to mitigate the threat
- Initiate threat analysis tickets for email threats
- Maintain ownership of tickets opened for customers including updating, communicating and documenting resolutions for customers
- Write rules, signatures, and descriptors for data sharing and automation technologies
- Leverage malware analysis platforms and technologies to identify malware infrastructure and tactics as needed.
- Assist in production of monthly customer reports
- Identify process improvements to add efficiency and effectiveness to our services
Knowledge, Skills, and Abilities Required
- Ability to apply critical thinking to threat investigations
- Ability to recognize the need for prompt escalation of malware review
- Working knowledge of networking, operating systems, email Infrastructures, anti-virus programs, and advanced threat detection systems
- Skilled with common end-user applications, web browsers, and productivity applications such as MS Word, Excel, and PowerPoint that are commonly targeted by malware
- Flexibility to work evening hour shifts as the job necessitates.
- Demonstrate the ability to apply critical thinking to threat investigations
- Strong verbal and written communication and organizational skills.
- Strong critical thinking and operational judgment skills.
- Ability to work in a fast-paced, team-oriented environment.
- Basic understanding of email protocols, headers, and formats.
- Ability to learn new techniques for conducting malware analysis.
- Ability to learn and quickly implement tradecraft standards.
- Ability to exercise independent judgment and creative problem-solving techniques.
- Regex and YARA rule creation nice to have
Education and/or Experience:
- 1+ years of IT security experience or security education
- Degree in Computer Science, Information Systems, Cybersecurity, or equivalent experience
- Demonstrated experience to perform phishing and malware analysis
- Certification in one major technology provider or Malware Analysis and Incident Response preferred
- CEH, GCIA, Security+, MCSA/MCSE, VCP, CCNA/CCNE, Network+, A+, CCSP, AWS Architect, etc.