Cyber Threat & Intelligence Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the cyber threat & intelligence job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.

USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.

SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Create a Resume in Minutes

B Jacobson

Bulah

Jacobson

46337 Tavares Motorway

Los Angeles

+1 (555) 651 4529

46337 Tavares Motorway

Los Angeles

Phone

p +1 (555) 651 4529

Experience Experience

Philadelphia, PA

Cyber Threat & Intelligence

Philadelphia, PA

Rodriguez, Greenholt and Klocko

Philadelphia, PA

Cyber Threat & Intelligence

Maintaining technical proficiency in the use of tools, techniques and countermeasures
Contribute cybersecurity perspective to discussions and decisions regarding JPMC global technology infrastructure and technology deployments
Work closely with the technology risk teams to assess risk and provide recommendations for improving our security posture
Review threat information and maintain threat repository
Conduct deep dive technical analysis of cyber attack tools, tactics, and procedures
Regularly develop and produce written intelligence reports and white papers constructed from technical analysis results and collected threat information for JPMC internal consumers
Assist CTI peers in regular production and dissemination of intelligence reports

San Francisco, CA

Cyber Threat Intelligence Analytic Analyst

San Francisco, CA

Casper-Homenick

San Francisco, CA

Cyber Threat Intelligence Analytic Analyst

Creates SNORT signatures to detect malicious network traffic
Performs network traffic analysis and event log correlation to identify malicious activity
Perform open source intrusion profiling and campaign tracking for malware code base, extracted code artifacts, and domain/IP address infrastructures
Provides creative and innovative solutions and serve as a thought leader
Works in high pressure situations and within a team environment
Forms and articulates expert opinions based on analysis through report writing, internal and external briefing for various levels of management
Tracking cyber threat activity based off technical analysis and OSINT

present

New York, NY

Principal Cyber Threat Intelligence

New York, NY

Weissnat, Macejkovic and Heller

present

New York, NY

Principal Cyber Threat Intelligence

present

Work with fellow Technology teams to assess and mitigate threats to company assets and employees
Use threat information to create security measures in order to assess vulnerabilities as well as mitigation strategies
Accomplish enterprise and department objectives and develop/deliver metrics
Conduct intelligence analysis by researching data from multiple intelligence sources
Work closely with the Incident Response, Security Delivery and Security Compliance leads to share information and build a strong eco-system for defending the organisation's information resources
Monitor a wide array of information sources to assist in intelligence reporting and network defense activities
Monitor select security events and conduct regular reviews of log files, platforms, products and services

Education Education

Bachelor’s Degree in Computer Science

Kean University

Bachelor’s Degree in Computer Science

Skills Skills

In-depth knowledge of the cyber threat landscape, including cyber espionage, ecrime and hacktivism
Maintains relationships with key executives, companies, and a network of professionals organizations or affiliations within the malware, security and forensic technology industry
Creates ad-hoc scripting tools, various modules and plugins for security related products, which assist in malware/network/host analysis, tracking Internet based activities and expediting various security related tasks
Experience or knowledge of hunting and detecting malware through YARA and OpenIOC signatures
Implements and maintain internal team tools such as malware sandboxes, malware repositories, indicator databases, honeynets, and various internal custom toolsets
Perform open source intrusion profiling and campaign tracking for malware code base, extracted code artifacts, and domain/IP address infrastructures
Performs network traffic analysis and event log correlation to identify malicious activity
Creates SNORT signatures to detect malicious network traffic
Writes intelligence reports based off collected and analyzed information
Fundamental understanding of computer forensics to identify and understand computer intrusions through indicators of compromise

Create a Resume in Minutes

15 Cyber Threat & Intelligence resume templates

Read our complete resume writing guides

Cyber Threat Intelligence Lead Resume Examples & Samples

Ability to recognize and research attacks and attack patterns
Ability to prioritize events so that the most impactful are addressed first Help resolve security incidents by identifying root cause and solutions
Strong network and/or system background
Strong knowledge of information security technologies
Excellent team skills and integrity in a professional environment
Excellent social, communication and technical writing skills Demonstrated integrity in a professional environment
Knowledgeable in legal issues within information security environments (i.e., data privacy)
TCP/IP network expertise
Excellent teaming skills
Exceptional social, communication, and technical and general writing skills
6 years’ experience in one or more of the following
Deep understanding of the TCP/IP protocol stack
Understanding of electronic investigation, forensic tools, and methodologies. Including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes
Be familiar with a basic understanding of legalities surrounding electronic discovery and analysis
Be familiar with basic system administration functions for Windows and Unix platforms
Experience with programming languages such as Java, Java script, C, C , C#, ASP, .NET, Unix/Linux and scripting is a plus (perl, python or powershell)

Cyber Threat & Intelligence Resume Examples & Samples

Significant experience in a large, mission-critical environment
Global intelligence operations or related government experience
Complete understanding of national and international security issues and a thorough understanding of the related
Significant Intelligence Community experience and/or experience at an international institution conducting

Cyber Threat & Intelligence Resume Examples & Samples

3+ year's experience in a large, mission-critical environment
2+ year's incident response and or Investigative experience
10+ total years technology experience
Experience in network intrusion methods, network containment, and segregation techniques and technologies experience
IP Protocol Suite; knowledge of IP Routing protocols
Proficiency with Windows & UNIX
Strong written and verbal communication skills; ability to understand complex problems while formally presenting them simplistically
Knowledge of incident response, investigations and crisis management
Knowledge of computer forensics both host and network based
Experience working with various major vendor developed and open source forensic tools
Bachelor's Degree in Computer Science or related field or equivalent experience
Knowledge of Novell, Mac OSX operating systems
Ability to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors
Experience in safely and legally maintain multi-national network for collection of threat information

Cyber Threat & Intelligence Resume Examples & Samples

Conduct deep dive analysis of global cyber events as they relate to geopolitical currents
Regularly develop and produce written intelligence reports (tactical and strategic) constructed from country level analysis of developing cyber events and norms
Participate with JPMC representatives at industry forums
Contribute to briefing materials and read books for Cyber Threat & Intelligence team briefings on global cyber events and counter-threat concerns to JPMC internal country and business leads
2+ years of experience specific to global cyber threats
4+ years of experience in a large, mission-critical environment
6+ years of overall global intelligence operations or related government experience
Conversant understanding of national and international cyber security issues
Ability to apply knowledge of global historical cyber events and national level responses to inform JPMC Cybersecurity strategies quickly, clearly and effectively
Ability to conduct deep level research in international cyber threat issues and develop draft papers and presentation materials for internal distribution and briefings, and interest in doing so on a daily basis
Very strong written and verbal communication skills; ability to understand complex problems while formally presenting them simplistically
Bachelor's Degree in international relations, economics, politics, or related field or equivalent experience
3+ years Intelligence Community experience and/or 3+ years experience at an international institution conducting cyber or security/intelligence related work
Working knowledge of global threats to international cyber security, and conversant in the tools, tactics, and procedures used by cyber adversaries
Foreign (non-English) Language proficiency

Cyber Threat & Intelligence Resume Examples & Samples

3+ years experience in a large, mission-critical environment
2+ years incident response and or Investigative experience
5-7+ total years technology experience

Cyber Threat Intelligence Summer Intern Resume Examples & Samples

Understanding of the cyber threat landscape
Able to write and present effectively
Extensive research capabilities
Preferred experience in, or knowledge of Java Script, PHP scripting capabilities
Preferred experience in, or knowledge of Big Data solutions (Hadoop, Splunk)

Cyber Threat Intelligence Specialist Resume Examples & Samples

Applicability of different testing tools
Facilitation Skills
Desktop and email security
Design and deployment of Enterprise Cyber Threat Intelligence capabilities and services

Cyber Threat & Intelligence Resume Examples & Samples

Prior intelligence or incident response experience
Experience in a large, mission-critical environment
Significant technology experience
Bachelor's Degree in Computer Science or related field, or equivalent experience
Experience with researching and tracking Advanced Persistent Threat (APT) campaigns

Cyber Threat Intelligence Service Manager Resume Examples & Samples

Provides governance and oversight over the Cyber Threat Management service, including operating models, technology and people
Provide input into the development and improvement of processes and procedures for detecting and responding to cyber threats
Develop, track and communicate metrics and KPIs to measure the performance of the service
Develops strong and productive relationships with industry peers, government and law enforcement intelligence services
Participate in thought leadership, act as an ambassador for the service, attend industry events, forums and be active in the community
Develop Cyber Intel collection integration strategy, and technologies, services and products against current gaps. Define service roadmaps and strategies and drive continuous improvement and projects
Maintains an awareness of attack patterns and detection trends and uses this knowledge to bring solutions to enhance the Security Operations capability
Perform security research and excellence activities
Liaise with intel providers and stakeholders, and conduct presentations, in regards to emerging cyber threats and attacks

Associate Director, Cyber Threat Intelligence Resume Examples & Samples

Leading the identification and implementation of external and internal sources of threat intelligence that provide relevant threat information based on business context
Proven track record implementing and operating a Cyber intelligence service to anticipate and track cyber threats to the business and drive proactive mitigation, detection and response
Enhance incident detection and prevention by applying and integrating threat intelligence into the security operations to enhance their capabilities in the following areas: threat analysis, response, containment, technology protection / effectiveness tuning, reporting. tracking etc
Extensive experience operating Threat Intelligence services that have both a technical “IOC” focus to feed the Security Operations team and a Business focus to link threats to business risks and threats
Experience with methodologies to identify key cyber threat scenarios relevant to the “business” in line with the external threat landscape changes and business context
Identify and tracking high risk cyber threat scenarios that can impact the business, senior executives and the board etc
Experience leveraging: “private intelligence groups and relationships, contact points into other organizations threat & vulnerability detections, contacts and relationships that can leverage “shared” forms of threat intelligence sources and feeds
Delivering Threat Intelligence reporting – Executive summaries, Technical Analyst briefings, metrics for areas of most concern to the business etc
Delivering Threat Intelligence metrics and Key risk indicators (KRI’s)
Leveraging threat intelligence to detect incidents that would otherwise be missed by having more timely and actionable data that can provide advanced warning about impending cyber-attacks
Speed up security incident response methods by driving tight working relationships with the Security Operations teams, to enhance their understanding of the relevance of threats, classifying and providing recommendations on countering threats to minimize impacts from incidents based on Threat Intelligence gathered through various sources
Providing guidance and support for the remediation priority of vulnerabilities and control weaknesses based on threat-targeted information
Providing threat specific advisory and guidance during remediation process
Providing input into the identification and management of internal threat use cases and correlation opportunities and assist in defining use cases for advanced security monitoring and analytics
Provide threat research and intelligence information resulting in situational awareness across industries, criminal techniques, exploits and vulnerabilities
Extensive experience in the acquisition and integration of appropriate intelligence sources
Collecting intelligence information related to threat scenarios and targeted assets, in addition to any emerging threat scenarios which the threat model would need to consider, by leveraging existing intelligence sources in the form of existing external Cyber Threat Intelligence feeds, as well as internal sources such as SOC situation awareness outputs and Vulnerability Management programs
Experience conducting threat research that is relevant to financial services industry and providing threat intelligence that is specific to the financial industry. This includes filtering, processing, tracking and reporting on threat intelligence specific to the business from external sources as well as collecting the most relevant intelligence
Integration with detective and preventive controls - Experience with Security Operations to provide actionable course of actions and integrate intelligence into SIEM platforms and other security technologies
Extensive experience managing teams of Cyber Threat Intelligence Analysts and driving optimization and effectiveness of this function
Experience with Military and Federal Government institutions in the discipline of Cyber Threat Intelligence, Cyber Security, Information Security is a definite asset

Senior Cyber Threat Intelligence Specialist Resume Examples & Samples

Proactively analyze threats that create a risk to the Bank, its employees, shareholders, assets, business operations and clients. Identify and report on events, trends, and evolving and future threats while supporting development of operational, tactical and strategic recommendations to counter those threats
Collect open source information from public sources and analyze the information to identify risks to BMO assets, employees, and clients
Ensure analysis is developed and delivered in order to answer specific business needs through engagement with other LOBs at all levels and differing functional areas
Create and deliver succinct narrative reports and presentations, incorporating where appropriate visual tools to deliver analytical assessments
Tailor reporting to the client and stakeholder level of understanding or expertise and matching products and assessments accordingly to ensure analysis and conclusions are being conveyed and properly understood
Change Management - generate new ideas, concepts, and models to improve methods of obtaining, validating and disseminating information and intelligence
Identify and anticipate the problems and product/solution needs of our clients
Develop effective relationships between the program and LOBs and other relevant analytical, government, law enforcement or regulatory agencies
7-10 years of experience in Information Security
Minimum of two (2) years’ experience with cyber threat intelligence (hands on) is a must
Previous experience with financial services companies is preferred
Proven track record of open and non-open source intelligence gathering
Demonstrated ability to analyse, evaluate and interpret complex sets of information and data with a strong understanding and application of analytical techniques, including predictive analysis
Experience in collecting information from open sources, commercial databases, internal databases and fusing this information together through analysis and critical thinking
Experience with various link analysis and intelligence software applications
Advanced expertise in Microsoft Office products – Publisher, Word, Excel, Access, Outlook, PowerPoint, & SharePoint
Organizational and self-directing skills – ability to initiate, coordinate and prioritize responsibilities and follow through on tasks to completion

Cyber Threat Intelligence Senior Manager Resume Examples & Samples

Collect open source intelligence
Develop regional and/or technical expertise on threat actors, attack trends, and attack tactics, techniques, and procedures TTPs
Inform the development of the team’s operating rhythm
Manage cyber threat vendor relationships
Produce intelligence reporting (ranging from short to longer reports) on threat actor activities
Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures (TTPs) of attackers
Identify and hunt for related TTPs and IOCs across all internal/external repositories
Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques
Moderate to advanced technical experience in the following
5 years of experience in incident response or other technical InfoSec positions
2 years in cyber threat analysis
4-7+ years of experience in either
Security researcher
Threat analytics / Link Analysis
Pick up new skills through self-learning and on the job training
Innovate and stay current on security technologies
Manage multiple requirements and deliverables simultaneously

Cyber Threat Intelligence Engineer Resume Examples & Samples

2-5 years of working with cybersecurity threat intelligence
Industry certifications: Security+; CISSP; GIAC; OSCP; CEH; etc
Intermediate experience with some of the following: IDS/IPS; Vulnerability Scanning; Sanboxing; Endpoint Protection; Network Taps; packet capture and analysis
Familiarity working under guidelines and contributing inputs based on NIST 800-30rev1; Guide for Conducting Risk Assessments
Familiarity working under guidelines and contributing inputs based on NIST 800-37rev1; Guide for Applying the Risk Management Framework to Federal Information Systems

Cyber Threat Intelligence Lead Resume Examples & Samples

Ten (10) years of professional experience
Bachelor’s degree in Computer Science, Computer Engineering, Information Technology, Cybersecurity, or a minimum of ten (10) year of work experience in a related field
Five (5) years of experience in incident detection and response, system administration, database administration, network engineering, or software development
Experience leading a SOC team or leading an implementation of a SOC in an enterprise environment
Candidate should have strong communication skills and exhibit a professional demeanor
Ability and willingness to think outside of the box to find creative and innovative solutions to reduce costs with a minimal impact on reliability
Excellent project management skills, ability to work in a fast-paced and hectic work environment, ability to prioritize tasks effectively; and an ability to work seamlessly across organizational boundaries
Must be flexible in outlook and attitude
Excellent Presentation skills and ability to present to senior management
Excellent planning/time management skills
Very good understanding of the compromises between reliability, efficiency and cost
Candidate should possess an expert Knowledge in the following technical skills: Incident Response, Log Analysis, TCP/IP, Network Traffic Analysis, Antivirus/Malware, Intrusion Detection/Prevention, Security Incident and Event Management Systems (SIEM), Packet Analysis Techniques, Event Correlation, and Incident Triage
Candidate should possess the following soft skills: Adaptive to Change, Leadership, Communications, Professionalism, Creativity, and Drive

Cyber Threat Intelligence Analysis Manager Resume Examples & Samples

Manage day-to-day operational aspects of CTI Analysis Team; provide leadership and manage teams that are located in the US, UK and Singapore
Establish strategic vision, work as a mentor, coach and facilitator to develop a world class cyber threat intelligence analysis team that provides follow-the-sun support for the firm
Work in a tactical/strategic role cultivating intelligence sources, analyzing information, creating intelligence, and hunting for exposures or related incidents
Manage cyber threat analysts researching current and emerging threats, campaign assessment, data collection and analysis; collecting, assessing, and cataloguing threat indicators and responsibility for adding context to threat indicators to convey urgency, severity, and credibility
Maintain working knowledge of the broad cyber threat and geopolitical landscape; help drive strategic and tactical priorities globally across the firm
Collaborate with business partners and lines of business to analyze threats
Present findings to internal customers, lines of business, senior leadership and others as needed
Escalate issues to management in a timely manner with appropriate information regarding risk and impact
Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results
Participate in technical discussions to facilitate the identification, mitigation and containment of cyber-security incidents
Work closely with the CTI Collection Manager on intelligence collection tasking in support of ongoing threat collection plans
Excellent organizational and analytical skills
Ability to prioritize conflicting tasks
Ability to coach, mentor and train analyst staff in cyber threat intelligence analytic methods, including effective writing, research, communications, critical thinking, etc
Experience in an operations focused information security role
Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents
Familiarity with cyber threat landscape, geopolitical issues that could have cyber impacts, security vulnerabilities, exploits, malware, digital forensics, network security vulnerabilities, exploits and attacks
This is an opportunity to work with a best in class global enterprise team
Exposure to the latest developments in technology and latest threats
Fantastic career mobility

Cyber Threat Intelligence Technical Analyst Resume Examples & Samples

Implementing appropriate rulesets to meet defined requirements
Identify and remediate or escalate gaps
Provide support during investigations when required
Work with Information Security teams to manage and maintain security posture
Knowledge of standard change management procedures
Excellent leadership and teaming skills with domestic and internationally located teams

Cyber Threat Intelligence Fusion Analyst Resume Examples & Samples

Production of clear and concise technical threat alerting, malware reports, and other short form
Good teaming skills with local and internationally located teams
Excellent knowledge of global Cyber security issues
Excellent social, communication, technical, and general writing skills
Excellent ability at building relationships with other organizational groups
5+ years’ experience in one or more of the following
General networking knowledge
General knowledge of Windows Server networking and infrastructure
Experience with Cyber Threat information exchange standards

Cyber Threat Intelligence Senior Manager Resume Examples & Samples

Collect and analyze open source intelligence
Inform the development of the team’s operating rhythm and priorities
Provide both technical and executive level intelligence briefings / presentations
Knowledge of current adversary techniques, vulnerability disclosures, data breach incidents, and security analysis techniques
Experience in analyzing malware / offensive tools and threat actor tactics, techniques, and procedures to characterize threat actors’ technical methods for accomplishing their missions
2 years of experience in cyber threat analysis
Work well both independently and within a team environment
Work well under pressure and with short deadlines

Cyber Threat Intelligence Analytic Analyst Resume Examples & Samples

In-depth knowledge of the cyber threat landscape, including cyber espionage, ecrime and hacktivism
Tracking cyber threat activity based off technical analysis and OSINT
Experience in dynamic analysis of malicious code, either manually or through a malware sandbox
Experience or knowledge of hunting and detecting malware through YARA and OpenIOC signatures
Experience in Windows system administration
Fundamental understanding of computer forensics to identify and understand computer intrusions through indicators of compromise
Performs network traffic analysis and event log correlation to identify malicious activity
Creates SNORT signatures to detect malicious network traffic
Writes intelligence reports based off collected and analyzed information
Perform open source intrusion profiling and campaign tracking for malware code base, extracted code artifacts, and domain/IP address infrastructures
Researches and tracks new exploits and cyber threats
Interacts with security community to obtain technical threat intelligence
Implements and maintain internal team tools such as malware sandboxes, malware repositories, indicator databases, honeynets, and various internal custom toolsets
Creates ad-hoc scripting tools, various modules and plugins for security related products, which assist in malware/network/host analysis, tracking Internet based activities and expediting various security related tasks
Works in high pressure situations and within a team environment
Forms and articulates expert opinions based on analysis through report writing, internal and external briefing for various levels of management
Provides creative and innovative solutions and serve as a thought leader
Maintains relationships with key executives, companies, and a network of professionals organizations or affiliations within the malware, security and forensic technology industry
5+ years’ experience in cyber security with hands on experience in all of the following security disciplines: cyber intelligence, malware analysis, computer and network forensics, scripting and tool development
1+ years’ exposure to cyber intelligence analysis and cyber operations
1+ years' tactical experience in malware analysis (dynamic and reverse engineering), including experience with YARA signatures
1+ years' experience in computer and network forensics
In-depth knowledge of TCP/IP and networking concepts, and hands-on experience with network monitoring tools (e.g., tcpdump, Wireshark)
1+ years’ hands on experience analyzing cyber-attacks, persistence threats, and profiling different types of malware families
Experience in researching and investigating exploits and system vulnerabilities
Possesses the ability to work with diverse, integrated, deliverable-driven teams to accomplish the larger mission
A humble expert and a team player, must work well with others
Ability to learn new technologies independently
Able to create and publish in-depth technical reports and executive briefs on computer/network intrusions, intrusion attempts and brief senior leadership
Proven understanding and in-depth knowledge of Microsoft platforms and system administration
Knowledge and hands on experience with regular expressions and other scripting languages (e.g., Perl, Python, Unix/Linux shell, and PowerShell)
Experience with Intrusion Detection Systems (e.g., Snort/Sourcefire), writing specialized and unique detection signatures
Ability to articulate technical concepts to non-technical consumers clearly and concisely
Be able to work occasional nights and weekends (when necessary)
Demonstrated capability to work with little management oversight must have strong personal initiative
Have a strong desire to grow technically and professionally
Familiarity with offensive attack sequences and defensible security
Experience with writing and editing technical documentation and operational procedures
Working with visualization software such as Maltego, and i2
Working knowledge of desktop word processing and communications software (Microsoft Office, Visio, Project, PowerPoint, Excel, etc.)
Possession of one or more industry standard certification such as CISSP, CISM, GCIH, CEH, GCFA, and GREM

Global Head of Cyber Threat Intelligence Resume Examples & Samples

Provide timely and actionable threat intelligence in line with the business objectives of the firm
Provide regular written and verbal threat briefings and presentations to senior executives and the Board of Directors
Develop and implement a proactive program to improve intelligence gathering, analysis and dissemination
Work in close collaboration with peers in the cybersecurity organization to accelerate the ability to uncover and track advanced cyber threats
Adopt and institutionalize standard threat analysis and assessment models
Significant integration with Cyber Technology and Engineering to ensure operational capabilities are aligned to the threat environment

Cyber Threat Intelligence Technical Analyst Resume Examples & Samples

Assist in the resolution of events by identifying root cause and solutions
Ability to locate and assimilate new information to provide context for security events
Bachelor’s degree in Computer Science, Information Systems, Engineering or related field
6+ years experience in one or more of the following
Deep understanding of Event monitoring and SIEM rule creation
Deep understanding of IDS, Firewalls, network monitoring sensors and rulesets
Deep understanding of Endpoint controls and monitoring
General networking knowledge and troubleshooting skills
Experience with Splunk Enterprise Security

Cyber Threat Intelligence Program Consultant Resume Examples & Samples

5+ years of experience in Cyber threat intelligence activities, including technical and strategic analysis, reporting writing, and support to security operations
Experience in a security operations environment
Experience with other security functions that may reside in an organization, including vulnerability and patch management, risk management, penetration testing or red teaming, application security, security architecture, or other areas
Experience with threat intelligence technologies, including graphing and link analysis tools, such as Maltego, commercial or open source collection tools, such as threat intelligence platforms, and industry–standard data sources, such as VirusTotal
Knowledge of standard monitor, detect, and respond security operations
Knowledge of foundational threat intelligence analysis frameworks, inclduing the Diamond Model and Kill Chain
Ability to articulate how intelligence consumes information from or provides information to these various functions to enable better security
Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation, and learn and adapt quickly
Ability to be comfortable with briefing managers and C–suite level audiences
BA or BS degree in Computer Science, Cyber Security, or IT
Experience with consulting in fast–paced commercial environments
Ability to develop high–quality, polished client deliverables
Ability to quickly assimilate into a client team and quickly get up to speed on client technologies, personnel, processes, and challenges
Relevant Information Security Certifications, including CEH, CHFI, Security+, Network+, Linux+, GWAPT, LPT, GPEN, GMOB, GAWN, GXPN, GCIA, GCIH, CISSP, or similar

Cyber Threat Intelligence Triage Team Lead Resume Examples & Samples

10+ years experience in cyber threat intelligence
3+ year managing a team
3+ years working in a 24x5 operational environment
Experience working in a Security Operations, Incident Management or Fusion Center operation
Work in a tactical/technical role cultivating intelligence sources, analyzing information, creating intelligence, and hunting for exposures or related incidents
Coordinate triage analysts in a follow-the-sun model to provide consistent support for Cyber Security Operations
Contribute to daily internal stand-up calls, providing intelligence briefings to CSO leadership
Work within the CTOC to facilitate communication with internal teams and minimize response times for critical events
Lead team of triage analysts responsible for collecting, assessing, and prioritizing threats, and then communicating that assessment in a manner that accurately conveys urgency, severity, and credibility
Drive and coordinate recommended actions that strengthen controls
Implement an established Escalation Matrix to determine report priority and messaging to senior executives throughout Global Information Security (GIS) and the lines of business, and escalate issues to management in a timely manner with appropriate information regarding risk and impact
Continually and consistently review triage processes to identify reforms that could add to increased speed, efficiency and accuracy in reporting
Ensure immediate notifications are followed by in-depth coordination and collaboration with control owners and appropriate business partners and lines of business
Participate in technical bridge lines to facilitate the identification, mitigation and containment of cyber-security incidents

Cyber Threat Intelligence Analysis Mgr Resume Examples & Samples

Lead and take action on a diverse range of technical and threat information, conduct deep-dive analysis to draw out trend analysis and context, drawing relevant conclusions and assessment. Continual added value is essential
Increase Barclays ability in the technical analysis of information in order to generate actionable intelligence to prevent cyber-attacks against Barclays
Develop additional skills and capability to deliver team objectives, identifying needs and making opportunities to fulfil these. Contribute to the growth of the team’s technical capability and delivery by utilising (learning if necessary and) suitable tools and analysis
Represent Barclays as part of trusted forums and official information exchanges including at external meetings attended by senior representatives from the finance, cross sector and government as required
Ideally 5-7 years of experience of working with analytical tools and capabilities used for Cyber intelligence Analysis
Knowledge of security network architectures (e.g. Firewalls, DMZ, proxies, DNS, web and mail servers) and the principles of network security
Dynamic, Behavioural malware analysis and being able to interpret their findings as well as from vendor reporting
An understanding of basic log analysis: including web, proxy, windows event logs, NIDS and HIDS logs
Experience in correlating events from different sources in order to draw up the chain of events
Experience of intelligence processes and procedures with experience of multiple source intelligence research, analysis and reporting at both tactical and strategic levels
Familiarity with Python/Perl/Bash scripting and database languages such as SQL
Proven open source intelligence gathering capabilities from a cyber perspective
Experience of interpreting security events and adding context to these
Experience of using data analytical tools and platforms such as i2, Palantir, Maltego

Global Cyber Threat Intelligence Lead Resume Examples & Samples

Strong understanding of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols
Experience with log analysis, traffic flow analysis and experience with associated infrastructure and systems to aid in the identification of malware or other malicious behavior
Experience utilizing a broad array of security tools including Security Information and Event Management (SIEM) system, intrusion detection systems, web proxy systems, routers, switches, firewall deployment and other tools used to assess network security
Demonstrated knowledge of techniques used to analyze network traffic for malicious activity and perform packet analysis
Maintain partnership and memberships to coordinate with appropriate sources within the intelligence community regarding possible security incidents
Identify, extract, and leverage intelligence from APT or other advanced intrusion attempts
Construct and exploit threat intelligence to detect, respond, and defeat advanced persistent threats
Manage, share, and receive intelligence on adversary groups
Demonstrated ability to work in a team environment both in-person and remotely
Ability to effectively prioritize tasks and work independently with minimal daily management interaction
Excellent written and verbal communication skills, analytical ability, strong judgment and leadership skills, and the ability to work effectively with peers, IT management and senior leaders
Ability to participate in customer and partner facing meetings and projects, including those that involve technical topics or technical service delivery
Strong analytical skills and ability to creatively challenge current methods and procedures
Ability to operate and contribute effectively as a remote member of a global Information Protection team
Ability to obtain a strong understanding of the technical details involved in current APT threats and exploits involving various operating systems, applications and networking protocols
Scripting in languages such as Python, Perl, Powershell and a deep understanding of command line across Linux, Unix, OSX, Windows, etc
Industry recognized certification in cyber security such as GCIA, GCIH, CISSP or similar are a plus but experience is preferred
Networking certifications (e.g. CCNA - Security, CCNP) and demonstrated practical experience
Military/Government experience performing Cyber Threat Intelligence work
Multi-lingual – Mandarin, Russian, Korean, Arabic

Senior Cyber Threat Intelligence Analystlocation Resume Examples & Samples

Develop and refine new intelligence requirements for specific projects or issues
Provide targeting analysis in support of all source collection activities
Exploit large quantities of data and discover relationships and patterns
Use knowledge, creativity, and analytic tradecraft best practices to obtain solutions to complex problems where analysis of situations or data requires an evaluation of intangible variables under conditions of uncertainty
Research and craft analytic papers on strategic, geographical, and functional topics
Develop a sophisticated understanding of cyber threat capabilities and intentions
Identify new threat TTP and signatures used by cyber threat actors
Participate in trend / correlation analysis and scenario forecasting at both the tactical and strategic level
Participate in red teaming, war-gaming, and/or exercise development and execution
Respond to ad-hoc vulnerability and threat related queries from technology and business users
Ensure timely response to all suspense deadlines and administrative actions
Responsible for maintaining confidentiality and ethics within the framework of the engagement
Understanding of cyber threat issues such as computer intrusions, malicious code, cyber terrorism, threat finance, money laundering / fraud / eCrime, and other criminal activity
LI-MW1

Cyber Threat Intelligence External Liaison Manager Resume Examples & Samples

Sets the global strategy for external liaison management with the goal of improving information and knowledge pertaining to cyber threats that could impact the firm, including its customers, associates and/or facilities
Manage day-to-day operational aspects of CTI External Liaison Team with staff in EMEA and ASPAC; provide leadership and manage staff
Organizes, plans, develops and maintains relationships with new and existing external partners
Actively engages in liaison activities with regional government intelligence communities, financial Industry Associations, peer financial institutions, colleges and universities, researchers and information sharing communities
Facilitates two way information sharing and active collaboration with external partners
Ensures external partners are aware of the firm’s Standing and Priority Intelligence Requirements
Facilitates sensitive information sharing with Intelligence Communities and Law Enforcement Agencies
Maintain a working knowledge of the broad cyber threat and geopolitical landscape; help drive strategic and tactical priorities globally across the firm
Communicate complex topics effectively at all management levels of the organizations and educate and advise internal business and technical leaders regarding cyber threats and possible security solutions
Present intelligence reports to internal customers, lines of business, senior leadership and others as needed
Ability to communicate (verbal and written) with executives and stakeholders in non-technical terms while accurately encompassing risk, impact, likelihood, containment and remediation activities, and threat actor techniques, tactics and procedures
Ability to handle multiple work efforts in a fast-paced environment and to be able to quickly change direction as needed
Proven experience with cyber threat intelligence related activities
Ability to work in a strong team-oriented environment with a sense of urgency and resilience while being a self-starter and able to work independently
Ability to work effectively with technical and non-technical business owners
Bachelor’s degree or higher-level education
Technical or information security certifications are a strong plus
5+ year managing a team
5+ years working in a 24x5 operational environment
Experience working in a Security Operations or Fusion Center operation
TS/SCI clearance a plus. Candidate must be able to obtain a top secret security clearance

Principal Cyber Threat Intelligence Resume Examples & Samples

Create and lead a collaborative private sector intelligence community designed to provide a network of information partners in private industry to serve the global needs of the company
Work with fellow Technology teams to assess and mitigate threats to company assets and employees
Provide threat assessment services by collecting, evaluating and disseminating accurate and timely intelligence to appropriate leadership teams as well as technical staff
Manage relationships and networks of information that collect and analyze relevant tactical information and in turn, to communicate this to stakeholders as needed regarding threats as they develop
Use threat information to create security measures in order to assess vulnerabilities as well as mitigation strategies
Accomplish enterprise and department objectives and develop/deliver metrics
Conduct intelligence analysis by researching data from multiple intelligence sources
Work closely with the Incident Response, Security Delivery and Security Compliance leads to share information and build a strong eco-system for defending the organisation's information resources
Monitor a wide array of information sources to assist in intelligence reporting and network defense activities
Be responsible for the constant enrichment of security sensors with the applicable intelligence feeds
Monitor select security events and conduct regular reviews of log files, platforms, products and services
Perform incident response activities (triage, root cause analysis, escalations, notifications, communication, etc.) and develop strategies to contain and eradicate the incident, and recover operations effectively
Analyse threats to determine their impact to the digital footprint
Research relevant cyber intelligence feeds and contextualise findings to specific business risks
Track cybercrime and advanced threat activity and report on imminent and emerging threats as well as changes to the threat landscape
Administer the threat intelligence repository and ensures it is up to date
Analyse and research known indicators, correlate events, identify malicious activity, and discover new sources to provide early warning related to a variety of cyber threats
Bachelor Degree in any Technology would be highly preferred
Deep expertise in cybersecurity threat intelligence i.e experience as a cyber threat specialist
Formal training as an intelligence analyst would be desired but deemed highly beneficial
Preferred certifications: GIAC Certified Intrusion Analyst (GCIA), Certified Ethical Hacker (CEH), EC-Council Certified Incident Handler (ECIH), GIAC Certified Incident Handler (GCIH), or GIAC Certified Forensic Examiner (GCFE)
Current Government Security Clearance a plus, as candidates will be expected to obtain a high level clearance in this role
Demonstrated English writing and presentation abilities to in turn present the analysis to large groups on a weekly basis
Strong proficiency and recent experience performing NETFLOW and PCAP analysis using common analysis tools (examples include Wireshark, Splunk, ChopShop, Dshell, Network Miner, Moloch,)
Self-starter with the ability to proactively engage and develop relationships with intrusion set subject matter experts and analyst counterparts across the Intelligence and Law Enforcement communities
Experienced with Cyber Kill Chain framework and have previously tracked or traced campaigns
Thorough understanding of malware analysis and detection techniques is required
A Programming background in languages such as Java, Python, Ruby, Javascript and PHP is desirable
Strong technical understanding in the following areas