Threat Intelligence Analyst
Threat Intelligence Analyst
Join an industry leading team performing challenging and soulful work. Trellix is a global company redefining the future of cybersecurity. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix’ security experts, along with an extensive partner ecosystem, accelerate technology innovation through machine learning and automation to empower over 40,000 business and government customers. More at https://trellix.com.
Trellix Threat Intelligence is a portfolio comprised of solutions and services from our team of experts including our cybersecurity product team and Threat Intelligence Group (TIG). We help defend our customers against everyday threats with the tight collaboration between both our product team and our threat researchers working together in real time.
Trellix’s TIG delivers cyber threat intelligence services to global customers to enable preparation, detection, and response to the wide array of malicious cyber activity that persistently threatens organizations across all industry sectors.
The Threat Intelligence Analyst will collaborate with customers to enhance their cyber threat intelligence capabilities by leveraging the experience, knowledge, tools, and data of the Trellix cyber defense enterprise. The role is responsible for delivering cyber threat intelligence services, which include knowledge of sophisticated threat actors and associated tactics, techniques, and procedures, along with research, collection, analysis, and reporting of finished intelligence. The role will support customer security operations including planning and risk assessment, vulnerability assessment, 24x7x365 monitoring, and incident response.
About the Role:
The Threat Intelligence Analyst will report to the Director of the TIG. This is a hybrid role consisting of remote work and on-site work at a customer facility in North Carolina. As a member of the TIG, the Analyst will collaborate with TIG teammates, members of Trellix’ Advanced Research Center, Trellix Professional Services Consultants, and third-party partners. The analyst will serve as a primary customer interface and will become immersed in customer operations through rapid learning and establishing relationships.
- You will serve as a cyber threat intelligence subject matter expert and trusted advisor.
- You will integrate with customers’ operations-intelligence cycles to inject cyber threat intelligence.
- You will develop information/intelligence requirements and associated priorities.
- You will identify intelligence gaps and opportunities to improve intelligence sharing and utility.
- You will create tailored strategies for research, data collection, analysis, and reporting focused on customers’ areas of interest.
- You will develop comprehensive responses to customer requests for information/intelligence (RFIs).
- You will perform all-source research and analysis using Trellix tools and data sets, third party tools, and open sources.
- You will develop comprehensive written and oral reporting including peer review and quality assurance.
- You will identify relationships between malicious cyber activity and world events such as geo-political events, natural disasters, crises, etc.
- You will deliver oral and written threat intelligence reports and presentations to customer teams comprised of representatives of varying organizational levels up to senior executive level (general officers, flag officers, SES/SIS, and C-Suite).
- You maintain current knowledge of the cyber threat landscape, including advanced persistent threats; including motivations, attack vectors, tools, and tactics, techniques, and procedures (TTPs) of attackers.
- You are self-motivated and passionate about cybersecurity.
- You have a keen interest in tracking threat actors.
- You have a strong understanding of structured analytical techniques, including but not limited to Quality of Information Check, Analysis of Competing Hypotheses, Key Assumptions Check, and Gap Analysis.
- You are a strong critical thinker with the ability to avoid biases.
- You are able to produce clear, complete, and concise reporting in a timely manner with extreme attention to detail.
- You have expertise with cyber threats, attack vectors, detection capabilities, and associated countermeasures.
- You have experience with open-source intelligence collection and associated methods and tools.
- You have experience working with Security Operations Center to monitor security alerts, respond and remediate detected issues.
- You have a clear understanding of organizational Incident Management processes in relation to threats and vulnerabilities.
- You have knowledge and experience with XDR/EDR, Endpoint Security tools (AV, whitelisting, etc.) and Threat Hunting.
- You have a high-level understanding of malware types, malware detection methods, and malware analysis techniques.
- You possess knowledge of MITRE ATTACK and DEFEND frameworks along with Kill Chain methodology and the Diamond Model.
- You have experience with identifying and mitigating cyber threats, including detection and countermeasures strategies and tools.
- You understand technical vulnerabilities and associated risk.
- You have experience with a SIEM tool and working with SIEM Analyst.
- You have experience with event correlation and analysis.
- You are willing to travel.
- At least 10 years of intelligence gathering, analysis, and reporting experience.
- Bachelor’s degree in information security, cyber discipline, political science or a related analytical field.
- DoD 8570.01 Information Assurance Technical (IAT) Level II, required (or a willingness to achieve IAT Level II within six months of hiring)
Clearance Requirement: DOD Top Secret clearance with SCI eligibility
Base Pay Range: $116,000 – $200,000. Actual base pay within this range will depend on varying circumstances, including the work location, individual qualifications, company budget and other operational business needs. Compensation may also include annual bonuses and long-term incentives, subject to various metrics and company policy.
Company Benefits and Perks:
We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
- Retirement Plans
- Medical, Dental and Vision Coverage
- Paid Time Off
- Paid Parental Leave
- Support for Community Involvement
We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.