Cyber Threat Resume Samples
4.6
(87 votes) for
Cyber Threat Resume Samples
The Guide To Resume Tailoring
Guide the recruiter to the conclusion that you are the best candidate for the cyber threat job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.
Craft your perfect resume by picking job responsibilities written by professional recruiters
Pick from the thousands of curated job responsibilities used by the leading companies
Tailor your resume & cover letter with wording that best fits for each job you apply
Resume Builder
Create a Resume in Minutes with Professional Resume Templates
CHOOSE THE BEST TEMPLATE
- Choose from 15 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS
- Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES
- Instantly download in PDF format or share a custom link.
VM
V Murazik
Velva
Murazik
979 Jonas Stravenue
Los Angeles
CA
+1 (555) 422 1459
979 Jonas Stravenue
Los Angeles
CA
Phone
p
+1 (555) 422 1459
Experience
Experience
Detroit, MI
Cyber Threat Hunter
Detroit, MI
Purdy Inc
Detroit, MI
Cyber Threat Hunter
- Familiarity with performing Ethical Hacking of both web applications and their associated platforms (e.g., J2EE, .Net, Apache, IIS, Websphere, etc.) and infrastructure elements (e.g., Windows/Linux operating systems, Oracle/SQL servers, firewalls, routers, switches, etc.)
- Routinely conduct investigations into security data analytics use case findings; provide feedback to and work with data engineer and data scientists in order to develop and harden models
- Contribute to the tuning and development of security information and event monitoring systems (SIEM) use cases and other security control configurations to enhance threat detection capabilities
- Familiarity with threat modeling, development of attack plans, performing manual & automated Ethical Hacking, & develop proof of concept exploits
- Create scripts to automate and improve manual processes
- Perform risk analysis, attack simulation, application-level automated & manual Ethical Hacking and develop proof-of-concept exploits
- Proactively 'hunt' for potential malicious activity and incidents across multiple customers using advanced threat network and host-based tools
San Francisco, CA
Cyber Threat Engineer
San Francisco, CA
Rempel and Sons
San Francisco, CA
Cyber Threat Engineer
- Implementing and managing the tools necessary to support the team’s mission
- Analyzing potential threats against the bank’s computing environment
- Perform cyber security threat engineering activities with specific focus on countermeasure Tactics, Techniques and Procedures (TTPs)
- Participate in team problem solving efforts and offer ideas to solve client issues
- Develops new detective and investigative capabilities using current technical solutions
- Identify opportunities for efficiencies in work process and innovative approaches to completing scope of work
- Provide technical engineering support and research in the area of advanced persistent threats (APT), software assurance (SwA) and threat replication
present
Los Angeles, CA
Cyber Threat Specialist, Associate
Los Angeles, CA
Weber, Shields and Abernathy
present
Los Angeles, CA
Cyber Threat Specialist, Associate
present
- Perform hunting for malicious activity across the network and digitalassets
- Create, manage, and dispatch incident tickets
- Create and continuously improve standard operating procedures used by the SOC
- Create and continuouslyimprove standard operating procedures used by the SOC
- Perform hunting for malicious activity across the network and digital assets
- Perform payload analysis of packets
- Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributesto predictive analysis of malicious activity
Education
Education
Bachelor’s Degree in Computer Science
Bachelor’s Degree in Computer Science
University of Delaware
Bachelor’s Degree in Computer Science
Skills
Skills
- Able to travel up to 25%
- Working knowledge of threat intelligence
- Integrate vulnerability management program into other related disciplines where appropriate
- Working knowledge of vulnerabilities, exploitation, and threats to an organization
- Improve and expand vulnerability detection methods and processes across traditional and extended network perimeters
- Create and supports metrics that vulnerability status and progress over time
- Ability to script and write programs for automation and processing of data
- Ability to generate Indicators of Compromise or Experience with systems the create, store, or process threat intelligence
- Ability to analyze exploits
- Ability to execute and perform penetration tests
15 Cyber Threat resume templates
Read our complete resume writing guides
1
Cyber Threat Engineer Resume Examples & Samples
- Common lines of business middleware applications
- Desktop operating systems and MS Office applications
- In depth understanding of troubleshooting applications and operations systems with many interdependencies
- Application platform area
- Information security tools such as vulnerability scanners
2
Cyber Threat Engineer Resume Examples & Samples
- Responsible for threat detection and prevention
- Maintains knowledge of security laws, principles, practices, and best practices. Must remain current with emerging threats and trends
- Assists teams in various security and privacy risk mitigation efforts; including incident response
- Evaluates new security technologies and products and performs engineer-level work and analysis to determine if solutions should be pursued
- Acts as a mentor to train and develop our Cyber Threat Center staff
- Conducts forensic investigations for HR, Legal, or incident response related activities
- Develops new detective and investigative capabilities using current technical solutions
- Grows cyber intelligence capabilities and networks
- Works with various business units and technical disciplines in a security consultant role for cyber threats
- Performs data analysis and threat research/hunting activities
- B.S. in Computer Science, MIS, or related degree and a minimum of seven (7) years of related experience in Information Security or an equivalent combination of education, training and experience
- Network and endpoint forensic technologies: e.g. FTK, EnCase, NetWitness
- SIEM technologies: e.g. SecurityAnalytics, Nitro, Q1, EnVision, SPLUNK
- Malware analysis technologies: e.g. FireEye, GFI ThreatTrack, ThreatGrid, debuggers
- Threat and vulnerability analysis and assessment technologies: e.g. QualysGuard, Rapid7/Metasploit, OpenVAS)
- Penetration testing and vulnerability exploitation
- Technical knowledge of operating systems: Windows, UNIX, and Macintosh
- Middleware applications
3
Cyber Threat Response Resume Examples & Samples
- Investigate computer security incidents
- Improve the detection, escalation, containment and resolution of incidents
- Enhance existing incident response methods, tools and processes
- Maintain knowledge threat landscape
- Monitor open source intelligence (OSINT)
- Perform malware analysis and reverse engineering
- Experience in web site and web application security assessment or penetration testing
- Ability to develop and maintain professional contracts in the security community
- Excellent writing and presentation skills are required to communicate findings and status
- Security tools development
- Foreign Language skills in Russian or Chinese
4
Cyber Threat Manager Resume Examples & Samples
- Oversee, maintain and direct the capabilities related to the Managed Security Services Provider (MSSP) services and solutions provided to Disney
- Conduct threat, trend and intelligence analysis of network traffic from multiple network devices as well as host based IPS and Antivirus
- Conduct a cyber threat assessment of incident and commercially available information to identify potential company wide detective measures for suspicious or network anomaly behaviors
- Identify detective security gaps within the network with a recommended approach to fill the gap
- Monitor and advise on information security issues related to the systems and workflow at TWDC to ensure the internal security controls are appropriate and operating as intended
- Drive the research, test, create, and recommend Intrusion Detection System signatures and user-defined events
- Recognize and assess network behaviors that are indicative of hacker exploitation methods
- Use a SEIM tool to find network anomalies, create graphical representations and trend reports of network traffic
- Provide subject matter expertise in signature development and tool usage in support of customers, and/or other business partners
- Test, evaluate and recommend new software tools from multiple vendors to aid with enhanced and effective detection
- Prepare and present network threat briefs to team members and leadership on new signature development and detection status based on ongoing threats
- Develop, distribute or share detective measures and ideas with other BU’s to increase their detection effective
- Collate security event data to produce monthly systemic Trends or issues requiring correction or potential investigation
- Evaluate new requirements and exercise judgment in recommending procedures for using the SEIM to solve advanced system security problems
- Coach security analyst on optimal ways to implement core SEIM solutions including, reporting, rule development, and analysis
- Recommend approaches in SEIM to create baselines, implement endpoint groupings and configure essential relationships between different technical platforms
- Provide technical guidance to resolve complex security related threats regarding detection or prevention
- Be acutely familiar with Standard Security Frameworks and Repositories (NIST NVD, OVAL, CVSS, CVE, CCE)
- Provide data analysis support to the Incident Response Team when analytical support is needed
- Support investigations with respect to forensics (including disk, email and web history), as appropriate
- Respond to and, where appropriate, resolve or escalate reported security incidents
- Provide input to project plans for implementation of additional capabilities or enhancement
- Minimum 10 years of practical technology experience with 7 years in an information security discipline
- Must have thorough knowledge of information security components, principles, practices, and procedures
- Must have thorough knowledge of web application, infrastructure, and Internet security along with a general understanding of common operating systems, networking protocols, database, and application development
- Must have experience in digital analysis, such as computer and network forensics
- Ability to manage multiple priorities and work effectively in a fast-paced, high volume, results driven environment. Ability to rapidly assess a situation and identify, isolate and communicate problems and issues
- Excellent communication skills (both oral/written) including ability to clearly communicate risks and risk management issues to technologists and non-technologists
- Ability to investigate complex scenarios and solve problems
- Must be a strong technical writer
- Experience operating and leveraging a SIEM
- Experience with DLP platforms
- Experience with industry standard forensic and digital analysis tools
- One or more Information Security certifications (e.g. CISSP or GIAC) preferred
- Certifications and training in incident response, computer forensics and related is preferred
5
Lead Consultant, Cyber Threat Management Resume Examples & Samples
- PAR process and financial knowledge related to technology
- Conflicts and issues resolution and escalation
- Strong negotiation skills
- Design, deployment, optimization of Enterprise Security solutions and services e.g. Cyber Threat Management & Intelligence, Security Analytics solutions, SIEM, Malware detection & analytics, APT detection and containment etc
- May have to manage staff… dependent on portfolio
6
Tower Lead-cyber Threat Reduction Resume Examples & Samples
- Assisting AM’s CISO in developing the AM Information Security organization
- Identifying cyber threats and risks
- Conducting impact assessment
- Conducting vulnerability assessment
- Prioritizing responses
- Mitigating third party security risks
- Performing security assessments
- Prioritizing enhancement activities
- Reducing and responding to cyber vulnerabilities
- Experience with Risk Management systems and methodology
- IT experience with the ability to articulate and document infrastructure support and operational processes, tools and monitoring agents
- Proven track record within infrastructure threats and risks, impact assessments and incident response tactics, as well as security assessments
- Ability to drive cyber and data protection programs and evolve with the ever-changing threat landscapes
- Must demonstrate efficiency and speed in finding, assimilating and synthesizing information, while under pressure
- Strong team player who collaborates well with others to solve problems and actively incorporates input from various sources
- Excellent written and verbal communications and organizational skills
- In-depth knowledge of information lifecycle management and data loss prevention implementation
- Knowledge of the following regulations / regulatory bodies: Swiss PI, MAS, HKMA, FIA, Bahamas Banking Authority
- Experience within the Brokerage Investment Management and Banking space, a plus
- Solid understanding of mobile devices security
- Proficient in Microsoft Office Suite including Word, Excel and PowerPoint
- Proficient in SharePoint and other documentation management systems
- In-depth knowledge and understanding of defense , layered network and data security architectures
- Information Security lifecycle experience
- Data leak prevention implementation experience
- In-depth understanding of regulatory policies and requirements within the Privacy and Data Domiciles
7
Senior Program Manager for Cyber Threat Management Resume Examples & Samples
- Managing all aspects of a program, which includes project planning, execution, timing, quality, cost and early identification of potential issues
- Providing the stakeholders with transparent, accurate and regular information regarding the program status
- Managing a team of experienced Project Managers, either directly or as part of a matrix organization, ensuring efficient use of resources
- Identifying and managing senior stakeholders and clients, evaluate their interests and establish effective communication
- Ensuring compliance with SDLC principles and standards
- Embed Risk Awareness by designing and operating an effective control environment, proactively identifying and raising control deficiencies and driving diligent and sustainable risk remediation
- We are looking for candidates who think and act beyond own area of responsibility and actively drive and support the organizational development (e.g. transformation programs, process-and product improvements, coaching of staff, etc.)
- The role holder contributes considerably to the achievement of financial results, secure cost and efficiency savings and progress the bank's reputation and consider associated risks. They have strategic impact through a key function within a business unit or a major department and have extensive (technical) expertise within their functional area
- 10+ years of IT Program / Project Management experience in Infrastructure and/or Security department
- 5+ years' experience managing large scale IT Change Programs (30+ people)
- 5+ years' experience managing complex projects and programs
- Strong understanding of Software Development Lifecycle (SDLC); including operating within a SaaS environment
- Extensive leadership, strategic and execution level experience combined with a strong record of delivering results and impact
- Strong infrastructure understanding
- Strong IT Security understanding
- Strong negotiating, influencing and change management skills
- Fluent in English and German
- Willing to travel (Zürich, London, Singapore, New York) around 5-10%
8
Cyber Threat Management Manager Resume Examples & Samples
- Have responsibility for delivering cyber engagements to our clients. This includes deliverables, budgets and timeframes are align to the quality standards of EY
- Be a trusted member of our well established and industry respected Cyber Security team
- Project Management across multiple concurrent technical Cyber Security engagements
- Work effectively as a self-managed team member; develop, coach and supervise team members, share responsibility, provide support, maintain communication and update senior Cyber management on engagement progress
- Evolve your skills to match cutting edge Cyber Threat Management trends
- Prepare and review client reports and presentations to an exceptional standard
- Prepare and deliver client proposals and other sales supporting materials to an exceptional standard
- Manage and develop client stakeholder relationships
- Manage and drive Cyber security staff recruitment, retention and development activities
- Work with business leaders to develop the cyber threat management and execute go-to-market plans
- A drive to build and grow your technical cyber security career to the next level
- A methodical approach to cyber threat management (designing and building capabilities)
- Security operations centre experience (in particular design and build)
- Threat intelligence experience (in particular threat intelligence framework)
- Threat modelling experience
- Attack and Pen testing experience
- Security analytics
- Network and host anomaly detection
- Operational Technology/Industrial Control Systems experience
- Security operations skills in assessment, design, architecture, management and reporting
- Experience with managing and delivery of technical security projects
- You'll have a minimum of 8+ years IT Security and 4+ years penetration testing or security operations experience, A Bachelors and/or post graduate degree in computer science, information systems, engineering, or a related major
- You should hold or be willing to pursue related professional certifications such as CISSP, OSCP, SANS, CISM etc
9
Cyber Threat Engineer Resume Examples & Samples
- Role is focused on long term vision for the overall Cyber Threat Center (CTC) and accomplishing the goals set forth to ensure the group is successful in protecting the firm
- Heavy involvement in project based initiatives that support the various sub –units in the CTC
- Incumbents will need to understand how the CTC works and apply that knowledge to define problems, design solutions, engineer systems and deploy products for the benefit of the CTC
- Daily responsibilities include
- B.S. in Computer Science, MIS, or related degree and a minimum of three (3) years of related experience in Information Security or an equivalent combination of education, training and experience. Preferred experience includes a minimum of two (2) years in conducting Cyber Network Defense, security engineering and experience with incident response methodologies, scripting and content creation across varied technologies
10
Cyber Threat Management Lead Resume Examples & Samples
- Minimum Bachelor Degree
- Minimum 10 years of experience
- Possess CISSP, CEH, or equivalent professional experience
- Deep IT security expertise, including familiarity with all aspects of cyber incident management, offensive and defensive technologies, intelligence gathering, forensics, reverse engineering, malware, attack patterns, abuse cases, and past incidents
- Business understanding sufficient to correlate attackers’ motives to business impacts for risk management
- Management of a regional part of a 24/7 operation in cyber threat management
11
Cyber Threat Management Lead Resume Examples & Samples
- Lead the area of cyber threat management across the region, providing direction in collaboration with Legal, HR, corporate security, and leadership across brands and functions. 20% of time
- Operate the Cyber Threat Management function in the region with complete accountability. The APAC Regional Head of Cyber Threat Management is expected to operate the function independently under the oversight of the Global Head of Cyber Threat Management. 20% of time
- Stop and mitigate complex attacks to protect ELC. This will require emergency decisions in response to active attacks outside of routine technology processes. 30% of time
- Execute on key operational decisions with potentially high impact affecting attacks and threats facing ELC. These include but are not limited to spam campaigns, malware campaigns, criminal operations, and nation-state operations. 20% of the time
- Manage the regional budget covering the Threat Management space. Budget management includes assessing growth (or contraction) needs and making appropriate business cases to justify changes with support from business leadership. 10% of time
12
Cyber Threat Defense Analyst Resume Examples & Samples
- Review alerts escalated by end users
- Initial and advanced alert analysis
- Coordinate with SOC response team to accept feedback on previous escalations
- Working in 24/7 shifts (12 hours)
- Knowledge of network security zones,Firewall , ID/PS and other security technologies
- Knowledge of log formats
- Experience with SIEM tools
- Experience with security assessment tools and their reports
- Experience with Qradar SIEM solutions
13
Cyber Threat Vulnerability Manager Resume Examples & Samples
- Risk Management: Interact with management to determine acceptable levels of risks as the business model and risk profile changes and align the security program accordingly
- Security policies for the bank: Be aware of and review the security features of new information security practices, systems and business services to ensure that they meet the security requirements of the existing policies. Review and propose changes to existing policy as external emerging issues and conditions warrant
- Support or direct enterprise level information security related functions such as: Firewall Administration, Intrusion Detection, Communications, Incident Response, RACF, Encryption, Access Control, Threat Management, Cyber Forensics, and other security related functions as required. . Make recommendations for improvements to the program, respond to alleged policy violations and act as participant in event of a breach. Ensure communications to the CISO, and other senior level officers, are accurate and timely
- Plans and develop departmental budgets in accordance with established guidelines; administer compliance to meet budgetary goals and negotiates changes as required
- Demonstrated SME level knowledge in one of the following areas: Firewall Administration, Intrusion Detection, Communications, Incident Response, RACF, Encryption, Access Control, Threat Management, or any other security-related field
- Strong oral and written communications skills; strong presentation and marketing skills
14
Director Cyber Threat Response Resume Examples & Samples
- Assessment of program maturities; help drive planning for improvements; track telemetry and metrics
- Implement and operationalize a new counter threat capability within CME Group, providing a standard set of intelligence-based products from foundational and extended services that preempt, respond, assess, and pivot among threat intelligence sources, internally generated data and correlated analysis among all services
- Develop a robust communications plan for all levels of the organization
- Support information security risk processes with threat data and value-add analysis
- Locate and develop CTR staff and expand CTR operations capabilities, including globalization, 24X7 coverage, and disaster recovery ability. Leverage external firms where necessary to gain deeper understanding of counter intelligence best practices and develop a road map for future improvements to the program
15
Principal Engineer, Cyber Threat Hunter Resume Examples & Samples
- Network and system integrity testing (i.e., searching for possible unauthorized behavior/signs of compromise)
- Identify and perform escalations to the Security Incident Response team
- Provide support in the detection, response, mitigation, and reporting of cyber threats affecting client networks with the ability to evaluate IT environments and identify security goals, objectives and requirements
- Routinely conduct investigations into security data analytics use case findings; provide feedback to and work with data engineer and data scientists in order to develop and harden models
- Collaborate with security data analytics and security intelligence team
- Demonstrated coding experience in at least one of the following Bash, Powershell, Python, Javascript, PERL, or Ruby
- Demonstrated technical experience with Networking (eg. data flows, architecture, protocols, traffic analysis, wireless, etc)
- Familiarity with performing Ethical Hacking of both web applications and their associated platforms (e.g., J2EE, .Net, Apache, IIS, Websphere, etc.) and infrastructure elements (e.g., Windows/Linux operating systems, Oracle/SQL servers, firewalls, routers, switches, etc.)
- Experience working with security intelligence, data analytics, security incident response, and forensic investigation teams
- Red Team/Blue Team/Pen-Testing experience required
16
Cyber Threat Assessment Risk Analyst Banking Resume Examples & Samples
- Establish firm wide Cybersecurity risk policies
- Map the banks network systems for cyber security risk, build out key measures to provide a picture of cyber risk and establish a policy to identify and prioritize cyber risk
- Write the firms Cybersecurity risk assessment plan and implement a risk audit methodology
- Write the firms risk oversight and assessment plans for information technology related functions including information security, cyber security, information systems, data management, and IT operations
- Provide the leadership, analysis skills, and innovative thinking necessary to enhance and carry out the Company’s Enterprise-wide Risk Management (ERM) Cybersecurity Policy and Risk Framework
- Review and analyze risk and control self-assessment results
- Perform risk assessments and control analysis
- Provide risk reporting for key stakeholders that includes metrics, emerging risks, industry trends, and other risk indicators
- Advise the business lines on matters regarding technology risk and controls
- Work with others in Operational Risk Management to ensure that risks related to technology functions are being adequately covered throughout the organization
17
Cyber Threat Mitigation Analyst Palo Alto & Wildfire Resume Examples & Samples
- Manages Palo Alto with Wildfire and Cisco ASA security platforms
- Looks for threat and create mitigation scenarios and strategies
- Analyzes firewall rules for risk and exposure rankings
- Works with vulnerability and incident teams to discover and eliminate attack vectors
- Manages segmentation access control initiatives based on business needs
- Continuously assesses network traffic for normality and look for anomalies
- Makes recommendations on network access control practices
- Updates Risk tracking system with rules risk rankings
- Mentors fellow crew on PAN and Cisco systems
- Bachelor’s degree in information technology, computer science or related field or equivalent experience
- 5 years minimum with enterprise network security systems
- Must have expert level experience with Palo Alto enterprise security platform with Wildfire
- Must be able to create threat mitigation scenarios based on attack models and attack vectors, experience creating threat mitigation system requirements
- Ability to analyze and design network systems to achieve efficient and secure operations
- Expert level experience with other network security platforms, such as Cisco, BlueCoat, McAfee, F5 or Sourcefire
- Experience with Skybox Solutions
- Expert level experience with enterprise-level network threat mitigation design and deployment
- Expert level experience with network routing protocols (ex. OSPF, EIGRP, BGP) and security protocols (ex. SSL, TLS, IPSEC, PKI, Kerberos, PGP)
- Expert knowledge of TCP/IP, including packet-level traffic analysis
- Confident in preparing materials and presenting them to senior management
- Design, setup and monitoring of DMVPN cloud over global BGP MPLS and regional internet DMVPN clouds
- Engaging problem solving, and verbal/written communication skills
- Experience working in large enterprise networks is desired
- CISSP is required along with one of the following Networking Security certifications CCIE (Security Preferred) or PCNSE6
- Ability to remain calm and professional while working in a high pressure incident situation
18
Cyber Threat Resistance, VP Resume Examples & Samples
- Responsible for security operations; cyber threat defense; incorporation of intelligence feeds; selection, installation, care and feeding of information security technologies; participation in security audits and assessments
- Assist the Deputy CISO in the education of company staff on security risks, cyber threats, vulnerabilities, and mitigation methodologies and strategies
- Stand in for the Deputy CISO as required in executive meetings, customer interactions, government briefings, and other meetings as assigned
- Work closely with other VP members of the Global Security team to accomplish team goals and objectives, and liaise among corporate compliance, audit, legal and HR management teams as required
- Lead, recruit, manage, mentor a team over multiple geographic locations
- 10+ years combined experience in information security, IT, risk management
- 5+ years experience leading cross-functional, interdisciplinary teams to achieve tactical and strategic goals
- 5+ years experience working with global security issues, such as privacy and country specifics risks on intellectual privacy
- Professional security management certification required, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA)
- Active Security Clearance: Top Secret or Top Secret-SCI
- US Government or US Military experience
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences
- Executive presence and ability to interface with senior company leaders as well as senior management of Customers; ability to explain and defend the security posture, actions and strategies
- Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
- High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
19
Cyber Threat Vulnerability Manager D Resume Examples & Samples
- Privacy/Protection: Provide the necessary subject matter expertise and ensure the implementation of the information security architecture, risk management standards, best practices and systems/processes to ensure information privacy/protection
- Monitoring of security procedures and practices: Review on a timely basis the various analyses of the reports and logs available. Review the recommendations for noted irregularities
- Ensure adequate security for new business services and systems: Assist in the development of scenarios of usage, test for abnormalities or exposures. Prepare documentation to augment vendor materials that include local enhancements and implementations
- Regulatory/Legal/Corporate Compliance: Stay abreast of all information security related laws and regulations to ensure compliance to them. Ensure compliance to corporate policies
- Make recommendations for assigned personnel regarding employment, career development, performance evaluations, salary changes, promotions, transfers and terminations within established policies and guidelines
- Bachelor's degree in computer science, business, or related discipline, or equivalent education and related training
- Certification in information security fundamentals (GISF or higher)
- Seven years experience in IT, of which at least three years was in the information security field in a leadership/supervisory position
- 30%/70%business/technology acumen
20
Cyber Threat Intel Analyst Resume Examples & Samples
- Tracks, reports, manages, and remediates threats against the Agency
- Performs assessments of the Agency’s security posture
- Participates on Incident Response teams as a threat/forensic subject matter expert
- Manages multiple investigation requests through the entire life cycle of initiation, data collection, analysis, and data production
- Recommends and tracks the application of fixes, security patches and updates at an Agency level
- Produces reports on exploits, vulnerabilities, and patches
- Works with customers, vendors and NASA Centers for problem resolution
- Standardizes process and procedures and provides input for continual improvement
- Develops and maintains comprehensive documentation
- Maintains expert knowledge of current attack vectors, attacker techniques, and threat tactics
- Experience producing reports and briefs on the current threat landscape and associated risks
- Experience monitoring third party security related websites, forums and social media sites for information regarding vulnerabilities and exploits
- Familiarity with Splunk, Maltego, Qradar, ArcSight, Snort, Wireshark
- Programming skills a bonus: Python, Java, Perl
- CISSP, CEH, GPEN, OSCP or similar security certifications
21
Cyber / Threat Fusion Analyst Resume Examples & Samples
- Demonstrate experience in IC reporting of cyber threats
- Demonstrate expert-level knowledge of network traffic and communications, including known ports and services
- Demonstrate a knowledge of the Windows operating system, knowledge in various Linux distributions and the Unix framework
- Demonstrates knowledge of the following security related technologies: IPS, IDS, SIEM, firewalls, DNS, encryption, HIDS, NIDS, proxies, Network Packet Analyzers, malware analysis, forensic tools, and enterprise level appliances
- Demonstrate an understanding of various open source and commercial analysis tools used for incident analysis, both network and host based
- Expert proficiency in conducting research and analysis, compiling relevant all source intelligence to incorporate in products briefings
- Demonstrate the capability to deliver presentations to senior leaders and in a conference setting
- Demonstrate expert ability to analyze and identify relationships and trends between incidents in the short term and patterns across incidents in the long term and report trend analysis in quarterly and yearly trend analysis reports
- Demonstrate the expert ability to write detailed technical reports that can be consumed by multiple types of consumers
- Demonstrate the capability to mentor junior analysts to incorporate intelligence into incident reporting to show relationships to known actors and significance of activity related to known world events
- Ability to extract actionable information and indicators from intelligence reporting and articulate to network defenders to update network security posture
- Bachelors of Science in Computer Science or Information Systems (6+ years experience in Incident Response in lieu of a degree)
- CEH or Sec+ or CND-IR or GCIA or GCIH certification
22
Cyber Threat Specialist Resume Examples & Samples
- Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) experience
- Utility Industry experience
- Respects others and demonstrates fair treatment to all
- Perform hunting for malicious activity across the network and digital assets
- Respond to computer security incidents and conduct threat analysis as directed
- Identify and act on malicious or anomalous activity
- Perform initial investigation and triage for potential security incidents
- Provide accurate and priority driven analysis on cyber activity/threats
- Detonate malware to assist with threat research
- Provides input to assist with implementation of counter-measures or mitigating controls
- Ensures all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment
- Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity
- Create, manage, and dispatch incident tickets
- Maintain incident logs with relevant activity
- Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business units
23
Cyber Threat Hunter Resume Examples & Samples
- Exploration and integration of new cybersecurity testing tools, processes, and capabilities
- Hands-on, collaborative cybersecurity testing of critical IT environments, applications, systems, etc
- Perform in-depth investigation of events of interest identified during threat hunt activities or security alerts received from various security technologies
- Proactively 'hunt' for potential malicious activity and incidents across multiple customers using advanced threat network and host-based tools
- Maintain and employ a strong understanding of advanced threats, continuous vulnerability assessment, response and mitigation strategies used in Cybersecurity operations
- Knowledge of malware families, botnets, threats by sector, and various attack campaigns and attacker methods, tools/techniques/practices
- Demonstrated experience with Windows and/or Unix/Linux operating systems including command-line tasks and scripting
- Familiar with common commercial and/or open source vulnerability assessment tools and techniques used for evaluating operating systems, networking devices, databases and web servers
24
Cyber Threat Data Engineer Resume Examples & Samples
- 5+ years of experience with working in software development or testing, enterprise architecture, and Linux, Hadoop, and Accumulo system administration
- 2+ years of experience with one or more software development languages, including Python, Scala, Java, Map/Reduce, or Spark
- 2+ years of experience with hands-on data research and data feed management
- 2+ years of experience with leading or coordinating software development, systems engineering, or network engineering
- Experience with using an Agile software development process, including daily scrums, sprint planning or review, backlog management, and collaborative development
- Experience with Linux administration commands and system navigation
- Knowledge of DoD theater NetOps centers
- BA or BS degree in CS, Engineering, or MIS
- IAT Level II Certification, including Security+ CE, GSEC, CCNA-Security, or SSCP
- 1-3 years of experience with developing an analytic program and capabilities within the DoD or an intelligence agency
- 1-2 years of experience as a DoDIN analyst or other network analyst tasked with monitoring, threat discovery, or forensic response to incidents
- 1-2 years of experience with one or more of the following: Map/Reduce, R or R/Shiny, Spark, ELK, including Elasticsearch, LogStash, or Kibana, Metron, or other open-source analytic capabilities that operate on a Hadoop or Accumulo cluster
- Experience with the setup and maintenance of transport from data source to central analysis cluster and working collaboratively with other teams, including data owners or infrastructure
- Experience with data research in a production environment using available tools, including Linux, Hadoop, or Accumulo
- Experience with personally executing or supporting inquiries, access issues, and data interpretations directly on a classified network
- Experience with engineering or configuring data triggers, models, and risk assessment scores based on detection requirements from operational experience and analyst feedback
- Ability to define missing tools and capabilities for the management of the analytic suite and data research tasks
- Ability to document analyst experience for reports of successful capability application or backlog features to implement improvements to overall capability
- Hadoop or HDFC Implementation and Management, Accumulo Analysis Implementation and Data Layer Security, Elasticsearch, LogStash, or Kibana (ELK), or other Open Source Big Data Capability Certification, including Apache Metron
- Scrum Master or other Agile Software Development Certification
25
Cyber Threat Intel Standards Intern Resume Examples & Samples
- Developing prototype systems and open source tools
- Familiarity with Python, Java, Ruby, or other programming languages
- Analyst experience in cyber threat intelligence
26
Managing Director, Cyber Threat Risk Manager Resume Examples & Samples
- Establishing the strategic direction and budget for the Threat Risk Management team
- Serving as a risk subject matter expert and point of contact for cyber risk officers
- Oversight of threat risk management at Citi including
- Establishing the taxonomy for standardizing the classification of cyber risks and management of the cyber risk threat library for the firm
- Assessment of threat impact to key information assets to calculate risk
- Identification of emerging threats and consumption of threat intelligence
- Key participant in various forums and other first line committees
- Developing processes for gathering, consuming, and sharing emerging threat information
- Strong understanding of cyber risk management and ability to effectively communicate cyber risk functions to executives
- Proven experience in identification of emerging and existing cyber risk themes across the industry
- Experienced with developing processes for gathering, consuming, and sharing threat intelligence
- Advanced understanding of intelligence analysis tradecraft and structured analytic techniques
- Demonstrated ability to develop and apply methodologies to assess threat issues
- Connectivity with the FS industry on emerging topics through industry associations and other focus groups
- Proven knowledge and experience in the area of cyber threat intelligence, incident response and malware research
- Experience with assessing potential impact of cyber threats to critical assets
- Deep understanding of threat mitigation tools and techniques
- Strong understanding of specific business areas and specific threats that may impact these areas
- Proven ability to communicate to all levels of audiences including Board of Directors, clients and business leaders
- Extensive liaison networks within and external to the financial services industry
- Ability to carry a security clearance to participate in government forums and private/public information sharing relationships
27
Cyber Threat Modeling Lead Resume Examples & Samples
- Develop an innovative enterprise threat model for the Intelligence Community
- Evaluate the existing community environment, government, and industry methodologies and tools
- Work with other IC components to enlist their support for a common method of exchanging cyber threat information
- Familiarity within the IC and the IC ITE shared services concept
- Understanding of current threat models available in government and industry
- Familiarity with IC ITE
28
Cyber Threat Engineer Resume Examples & Samples
- Relevant experience in a highly regulated industry (e.g. Govt., Energy and Utilities, Healthcare etc.)
- Knowledge of web application security and scripting languages (Python, PERL, PHP, and Shell)
- One or more industry recognized technical or security certifications such as SANs GSEC, Cisco Certified Network Associate (CCNA), Network +, Security +, etc
29
Cyber Threat Hunting & Analytics Lead Resume Examples & Samples
- Lead and prioritize incidents and cases escalated to the Cyber Security Threat Hunting Team and Content Development Team
- Train and onboard additional Team Members
- Create and maintain SLAs and metrics for Cyber Threat Hunting and content development
- Review and analysis of incidents escalated from Incident Response Team and conduct additional advanced investigative measures including content creation for tools
- Work closely with Threat Intelligence and Incident Response teams to proactively and reactively identify IOCs and additional content needed for hunting and response
- Create test content used for hunting and detection based on findings, threat intelligence and other sources for proactive threat identification
- Work closely with Threat intelligence team to create threat models and maps for operational and tactical threat identification and hunting
- Perform gap assessment reviews on network and system resources to identify threat vectors, this includes conducting a tooling reviews and providing recommendations
- Examine artifacts from network traffic and hosts to determine 0-day attack evidence
- Perform malware and deep dive analysis on incidents to determine all IOC’s and other technical activities occurred from the incident
30
Cyber Protection Team Cyber Threat Emulator Resume Examples & Samples
- Demonstrate an ability to methodically and pro-actively analyze problems and offer solutions
- Develop and employ TTPs and methodologies for emulating attack vectors and conduct in-depth forensics analysis on AF/DoD systems
- Understand and be well versed in common cyber threat terminology, vulnerability and penetration test principles and methodologies; possess basic knowledge of cyber incident and response, forensics and related current events
- Travel up to 30% with trips varying in length, as dictated by the customer
- Must possess or be willing to obtain GSEC or Security+ and have or be eligible for a TS/SCI
- Completion of the Offensive Security Certified Professional (OSCP) course a plus
- Must complete self-assessment questionnaire, customer pre-screen, skills assessment lab, and pass the training and certification program(s) as dictated by the customer, and remain mission ready qualified
- Travel up to 30% a year with trips varying in length, as directed by the customer
- Must possess/willing to obtain a Microsoft Certified System Administrator (MCSA) and Network+ certification within 6 months of hire
- Intermediate “hands on” experience with PowerShell and WMI capabilities; ability to operate and navigate the operating system from the command prompt with ease.System Architect-UNIX Role
- Intermediate “hands on” experience with Linux, SED, AWK, Perl, Python, Batch, or similar; ability to operate and navigate the operating system from the command prompt with ease
- Must possess/willing to obtain a Cisco Certified Network Associate (CCNA) or CCNA-Security
- Intermediate knowledge in packet analysis using Wireshark, TCPDump, Splunk, Elk, Bro, etc
- Must possess/willing to obtain a forensics (i.e., GCFA, GCFE, EnCE) certification within 6 months of hire
- Ability to operate and navigate the Windows and UNIX/Linux operating system from the command prompt/line with ease
31
Cyber Threat Data Engineer Resume Examples & Samples
- 4 engineers supporting a variety of tasks, including custom script creation, SQL query generation, and failed feed investigation. Review the full scope of data source needs, design the final end state for successful availability in the analytic platform, and define all tasks for execution by the team. Support the strategy lead in the effort and provide guidance and advice for delivery
- 2+ years of experience with hands
- On data research and data feed management
- IAT Level II Certification, including Security+ CE, GSEC, CCNA
- Security, or SSCP
- 3 years of experience with developing an analytic program and capabilities within the DoD or an intelligence agency
- 2 years of experience as a DoDIN analyst or other network analyst tasked with monitoring, threat discovery, or forensic response to incidents
- 2 years of experience with one or more of the following: Map/Reduce, R or R/Shiny, Spark, ELK, including Elasticsearch, LogStash, or Kibana, Metron, or other Open-source analytic capabilities that operate on a Hadoop or Accumulo cluster
32
Engineer, Cyber Threat Discovery Resume Examples & Samples
- Contribute to the tuning and development of security information and event monitoring systems (SIEM) use cases and other security control configurations to enhance threat detection capabilities
- Have a formal understanding on how to discover and analyze vulnerabilities
- Continuously improve processes for use across multiple detection sets for more efficient operations
- Liaise with appropriate internal stakeholders during the investigation process to determine whether a security incident has occurred, identify the root cause and provide appropriate recommendations for remediation
- Perform risk analysis, attack simulation, application-level automated & manual Ethical Hacking and develop proof-of-concept exploits
- Familiarity with threat modeling, development of attack plans, performing manual & automated Ethical Hacking, & develop proof of concept exploits
33
Cyber Protection Team Cyber Threat Emulator Resume Examples & Samples
- Bachelor’s or Master’s Degree in Computer Science, computer engineering, or technical relevant field
- Other degrees with strong computer technology curriculum may be considered
- Expert knowledge of physical computer components and architectures, including the functions of various components and peripherals, basic programming concepts, assembly codes, TCP/IP, OSI models, underlying networking protocols, security hardware and software
- Proficiency in writing, editing, executing scripts on Windows, Linux, Unix systems
- Certifications such as CEH, Security+, SANS GPEN, LPT (Licensed Penetration Tester), OSCP (Offensive Security Certified Professional)
- Experience with toolsets such as Wireshark, Metasploit, tcdump, NMap, Nessus, Snort, BRO, EnCase, Forensic Toolkit, Windows Fundamentals, UNIX fundamentals, exploitation theory, privilege escalation, evidence removal
- Proficiency with command line interface
- Experience with encryption and decryption such as PGP, DES, AES, RSA, PKI
- Certifications such as GXPN, GREM CCNA, CCNP, CCIE, RHCE, CompTIA
- Correlation environment tools (ArcSight)
- Linux Operating Systems
- GIAC Certification (GCIA)
34
Cyber Threat Engineer Resume Examples & Samples
- Security Information and Event Management (SIEM) management
- Web Application Firewall (WAF) management
- Unix / Linux and Windows system administration
- Information security best practices & network security architecture
- Sourcefire/Snort based security products
- Current exploit and remediation techniques
- Web Services Administration
- TCP/IP networking
- Vulnerability Scanning technologies
- Endpoint security concepts and products
- Information security or networking
- Intrusion analysis experience
- Excellent analytical thinking and problem solving skills
- Self-managed and team oriented
- Deadline and detail oriented
35
Cyber Threat & Development Analyst Resume Examples & Samples
- Apply expertise to ascertain the impact of an attack and create threat record to propose mitigation techniques and countermeasures that can prevent future attacks
- Innovate and collaborate with university, external organization partnerships and internal stakeholders to develop emerging and cutting edge cyber security solutions to align with NIST security framework core function for advanced cyber threats detection
- Perform cyber threat analysis, alert, and report based on intelligence and information gathered
- Provide understanding of Advanced Persistent Threat (APT) actors, their motivations, skill sets, tool sets and intent
- Leverage log management tool to conduct research and threat analysis
- Hunt down and respond to targeted threats and intrusions
- Perform security analysis and present analysis through use of Log management tool such as Splunk, SIEM
- Assist to develop security requirements and standards, select, test and deploy security products providing encryption, data leakage protection and database security capabilities as a primarily responsibility
- Assist to create a standard set of requirements, technical designs, recommended configurations and drawings necessary to design, implement and deploy our current and future state security capabilities
- Ability to self-learn and develop business and technical knowledge quickly and apply these to the business problems
- Education: BS in Information Security, Computer Science or Engineering or equivalent experience
- Minimum of 5 years’ experience in IT, with 1 year in network and 1 year in cyber security
- Experience in conducting threat analysis, threat intelligence, adversary hunting, anomaly detection and analysis, and the discovery of previously undiscovered cyber threats or attacks
- Develop and engineer novel solutions with emerging technologies to combat computer security threats
- Demonstrate positive attitude, willing to learn and take on new challenges
- Various general technical skills including knowledge of networking (i.e. TCP/IP) and security product experience
- Willingness to acquire in-depth knowledge of network and host security technologies and products
- Excellent verbal and written communications skills
- Experience presenting ideas and analysis to stakeholders
- Demonstrate the ability to work independently and as part of virtual teams in a fast paced environment
36
SOC Manager Vigilant Cyber Threat Management Resume Examples & Samples
- Experience in global delivery operations support model (e.g. 24*7/16*8)
- Should have managed a team of at least 8 to 10 professional which includes performance management. Should have experience in mentoring professionals with technical subject matter as well as professional growth
- Should have experience in service delivery capacity planning, resource management and service level optimization
- Should have experience in establishing and managing quality processes and measurement metrics (KPIs) for information security operational services. Should have good knowledge of quality processes/frameworks such as Six Sigma
- Should have good knowledge of industry standard service delivery and management process frameworks such as ITIL
- Should have experience in developing and operationalizing periodic service delivery and service management reports and dashboards
- Should have experience in leading IT security operational meetings with key internal and client stakeholders e.g. participation in CAB meetings, Periodic IT security operational meetings etc
- Should have experience in leading security incident response and handling such as security device outages, breaches, worm/virus outbreaks etc
- Should have experience in knowledgebase development and management
- Should have deep technical experienced in monitoring, troubleshooting and management (Change, Capacity, performance etc.) of security tools and technologies such as SIEM (e.g. ArcSight ESM, RSA enVision, QRadar etc.) Firewall (Cisco, Juniper, Checkpoint), Content Filtering Systems (Websense, Ironport, Blue Coat), Intrusion Detection and Prevention Systems (Snort, Cisco, McAfee), Antivirus (McAfee, Symantec), Threat Management Solutions (FireEye, Mandiant, Netwitness), Data Loss Protection (RSA, Symantec), GRC Solutions (Archer, Open Pages) etc
- Should have experience in maintaining and managing security configurations for network devices and Servers
- Should have good knowledge of various network and server platforms such Cisco IOS, Cisco NX-OS, Junos, FortiOS, Windows 2008/2012 Platforms, *NIX Platforms, Web servers (Apache, Windows Web Services)
37
Cyber Threat Specialist Resume Examples & Samples
- At least 12 years of experience in operating Threat Intelligence based incident response processes
- Experience in data analytics and threat intelligence collection
- Strong background in scripting (Shell/Python/Perl/Power-Shell), packet analysis, host and network security tools and encryption protocols
- Strong Unix/Linux and Visualization experience
- Extensive knowledge on Security Information and Event Management (SIEM) platforms, and Snort/IPS/IDS
- Extensive knowledge of SMTP, DNS and TCP/IP protocols
- Cyber threat situational awareness and the ability to adapt to the changing threat landscape
- Key knowledge areas include an in depth understanding of network topologies and core network communications protocols
- Ability to understand a network packet trace
- Working knowledge of IPS, IDS, HIPS and the ability to handle multiple tasks under tight deadlines
- Experience working with security vendors including submitting feature requests, evaluating products, and analyzing security functionality of a diverse set of products
- Excellent analytical skills, ingenuity and the ability to work on teams
38
Cyber Threat Manager Resume Examples & Samples
- Lead a team responsible for conducting automated and manual tests of information systems, including internal and external network penetration testing, vulnerability scans, threat modeling, information system architecture assessments and Web application testing
- The candidate will assist in development of the remediation plans for the business units
- Integrate vulnerability management program into other related disciplines where appropriate
- Develop communications program for threats and external and internal security events
- Improve and expand vulnerability detection methods and processes across traditional and extended network perimeters
- Create and supports metrics that vulnerability status and progress over time
- Develop and maintain relationships across EGSO, the security industry, peer organizations and other entities as necessary to benchmark Experian’s program and keep current in vulnerability management best practices
- Develops and mentors staff and managers to achieve career goals and maintain leadership succession planning
- Leads cross-functional teams to define objectives, strategies and domain performance metrics
- Evaluates and utilizes outside consultants to support security capabilities
- Bachelor’s degree in related field (Business, Information Services, IT, Information Security, etc.); Master’s preferred
- 5 years of escalating managerial work-experience in a highly diversified organization. 5+ years of increasing responsibility and work complexity to include progressive management roles in large, complex organizations
- Expert knowledge of existing and emerging threats
- Experience and exposure to large organizational implementations of vulnerability management programs, with specific emphasis on application security and vulnerability scanning
- Strong expertise in the collaboration, facilitation and coordination of the mitigation of risks
- Understanding of metrics development and reporting
- Strong problem solving and program execution skills. Ability to prioritize and drive difficult decisions among business partners
- Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals
- Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired
39
Cyber Threat Analysis Engineer Resume Examples & Samples
- Experience with Windows Server 2008 R2, Windows 7 domains or Windows Server 2012 R2, and Windows 10 domains, including GPOs and AD
- Experience with DoD IA security tools, including ACAS or HBSS
- Experience with scanning and remediating systems to maintain DoD compliance
- Knowledge of the DoD incident handling life cycle
- HS diploma or GED and 3 years of experience with working as an information security engineer
- Experience with DNS administration
- Experience in a VMware virtual environment
- Experience with Shavlik and Splunk
- DoD 8570.1M IAT Level II or III Certification, including Security+ or CISSP
40
Cyber Threat Analysis Engineer Resume Examples & Samples
- 2+ years of experience in software code development
- Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources for the purposes of documenting results and analyzing findings
- Ability to monitor and analyze logs and alerts from a variety of different technologies, including IDS or IPS, firewall, proxies, and antivirus across multiple platforms
- Ability to coordinate and respond to events on networks and the systems on those networks
- Current Top Secret clearance
- BA or BS degree or 5+ years of experience in a professional work environment
- Experience with leveraging all source intelligence analysis preferred
41
Cyber Threat Siem Analyst Resume Examples & Samples
- Provides direct administration and ownership of SIEM and Data Platform technologies to include configuration, access controls, tuning, integration, and continuous improvement activities
- Works with Information Technology tools and concepts (Firewalls, data flows, Proxy, etc.)
- Collaborates with the Threat Management Center (TMC) to provide advanced functionality within current toolsets
- Coordinates integration capabilities with internal TMC and external Verizon networking/toolset groups
- Leverages Verizon policies and industry best-practice concepts to ensure proper integration design and integration of SIEM infrastructure
- Identifies innovative capabilities leveraging existing Verizon security resources and tools
- Provides leadership and guidance to enhance and advance the defensive capabilities of the Threat Management Center (TMC) and its subsequent ability to defend the Verizon Enterprise
42
Cyber Threat Architect, Darc Resume Examples & Samples
- Industry leading cyber security frameworks
- Capability maturity modelling
- Experience architecting and deploying one or more of the following SIEMs: Splunk, QRadar, and LogRythm
- Security operation center tooling workbench architecture
- Threat intelligence operations
- Attack surface mapping
- 5 or more years with deployment experience with information security tooling. Including but not limited to SIEM, IDS, WAF, DLP, and Database monitoring
- 10 or more years in cyber threat detection and response operations or consulting
- Client facing delivery experience (presenting to executive level audiences)
- Big Data architecture in security operations
- User behavior and advanced analytics
- Self-starter, self-managed, and detail oriented
- Leadership experience managing small teams and/or large security implementations
43
Cyber Threat Manager Resume Examples & Samples
- Ability to analyze malware
- Ability to execute and perform penetration tests
- Ability to analyze exploits
- Developed or participated in the development of a cyber threat management program
- Ability to generate Indicators of Compromise or Experience with systems the create, store, or process threat intelligence
- Ability to script and write programs for automation and processing of data
- Active in one or more intelligence or information sharing communities
- Minimum five (7-10) years experience with IT systems security and/or vulnerability identification through related employment or education
- Working knowledge of vulnerabilities, exploitation, and threats to an organization
- Working knowledge of threat intelligence
- Ability to work 8am-5pm with occasional off-hours support required at Elkridge, MD office
- Able to travel up to 25%
44
Cyber Threat Hunter Resume Examples & Samples
- Enhancing the Security Operations and Threat Intelligence workflow by redesigning process and approach to operationalize the sharing and utilization of actionable intelligence and indicators
- Assist in identifying (hunting) and profiling threat actors and TTPs
- Custom tool design to assist in analysis and investigation. (Related experience in programming, database, system administration, etc.)
- Implementing integration/orchestration of existing security infrastructure and indicators
- Design and run custom analysis models on (centralized) security event information to discover active threats, including collaboration on the development of use cases when appropriate
- Perform as an Information Security SME in the following areas
- Bachelors and/or Masters Degree in Engineering, Computers Science, or related field
- 10+ years overall technical experience in either threat intelligence, incident response, security operations, or related information security field
- 5+ years experience in application design/engineering, including but not limited to programming/scripting, Windows/Linux system administration, RDBMS/NoSQL database administration, etc
- 2+ years experience in penetration testing, ethical hacking, exploit writing, and vulnerability management
- Deep understanding of common network and application stack protocols, including but not limited to TCP/IP, SMTP, DNS, TLS, XML, HTTP, etc
- Strong and recent experience with malware analysis and reverse engineering
- Advanced experience with security operations tools, including but not limited to
- At least hobbyist experience in “maker”/hardware hacking, e.g. Raspberry Pi, Arduino, etc
- Experience with incident response workflow (or other case management “ticketing”) tools such as RSA Archer, ServiceNow, Remedy, JIRA, Resilient, Best Practical Request Tracker, etc
- Obtained certifications in several of the following: SANS GIAC courses, CEH, CISSP, OSCP, or tool-specific certifications
45
Cyber Threat Resistance Analyst Resume Examples & Samples
- Identify and prioritize active threat activity in client environments based on analysis from security instrumentation
- Identify and prioritize current vulnerabilities in client environments based on analysis from security instrumentation
- Assist in the development of orchestration and automation logic to enable proactive mitigation of vulnerabilities and interdiction of threats
- Take, direct, or recommend countermeasure actions to mitigate vulnerabilities and interdict threat activity
- Maintain state on current cyber threat actor techniques, tactics, and procedures
- Work with security architecture and engineering partners to develop and improve current and future analytic needs
- Establish and maintain analytic repeatable processes and assist in continuous improvement of those processes
- Perform quality assurance functions to ensure client satisfaction
- Participate in client service calls to assist in successful client outcomes
- Provide technical expertise and recommendations to partners across the managed security services practice
- Three or more years of professional experience in the Information Security field or demonstration of technical excellence commensurate with this experience
- Demonstrated experience contesting cyber threat actors and/or mitigating vulnerabilities exploited by threat actors
- Excellent time management, reporting, and communication skills
- Ability to generate comprehensive analytic reports and countermeasure recommendations
- Ability to conduct professional client facing communications
- Understanding of modern cyber security instrumentation to include threat and vulnerability tools
- Network based monitoring/analysis to include, but not limited to IDS/IPS, content filtering, sandboxing, anomaly, and behavioral tools
- Host based monitoring/analysis tools to include, but not limited to forensic, anti-virus, end point detection, and cyber threat actor hunting tools
- Vulnerability monitoring/analysis via modern vulnerability discovery tools
- Experience with SIEM platforms (Arcsight, QRadar, LogRhythm, Mcafee/Nitro, Splunk)
- Understanding of current cyber security maturity models, i.e. NIST Cybersecurity Framework
- Foundational understanding of network and application layer communications mechanisms
- Understanding of identity, access management, and authentication mechanisms
- Understanding of modern operating system technologies to include server and end point
- Understanding of SaaS and IaaS cloud technology implementation, application, and use
- High level understanding of major industry and regulatory controls such as PCI-DSS and HIPAA and the relationship to information security
- Ability to develop methodologies, training and processes for use by other team members in managed services
- Domain expertise in cloud technologies, incident response, malware analysis and/or reverse engineering
- Security certifications (GCIA, CISSP, CCSE, CISA, HBSS, NSA, CEH, Cisco Security, Security +, OSCP or other security certifications)
46
Cyber Threat Specialist, Associate Resume Examples & Samples
- Knowledge of TCP/IP Networking and knowledge of the OSI model
- Knowledge of OS management and Network Devices
- Knowledge of Intrusion Detection/Prevention Systems
- Knowledge of Antivirus Systems
- Some experiencemonitoring threats via a SIEM console
- Some experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
- Excellent problem solving, criticalthinking, and analytical skills – ability to de-construct problems
- Strong customer service skills and decision-making skills
- Some experience with packet analysis (Wireshark) and Malware analysis preferred
- Working knowledge of PG&Einfrastructure preferred
- IBM QRadar and Dell SecureWorks experience preferred
- Experience with both desktop-based and server-based forensics
- Reverseengineering skills
- Strong sense of professionalism and ethics
- Acts with integrity and communicates honestly and openly
- Respects others and demonstrates fairtreatment to all
- Perform hunting for malicious activity across the network and digitalassets
- Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity on the network
- Detonate malware to assist with threatresearch
- Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity
- Develop innovative monitoring and detection solutions using PG&E tools and other skillsets suchas scripting
- Mentor junior staff in cybersecurity techniques and processes
- Resolve or coordinate the resolution of cyber security events
- Monitor incoming eventqueues for potential security incidents
- Monitor external event sources for security intelligence and actionable incidents
- Document investigationresults, ensuring relevant details are passed to senior analysts and stakeholders
- Participate in root cause analysis or lessons learned sessions
- Write technical articles for knowledge sharing
- Establish and maintain excellent workingrelationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business units
47
Cyber Threat Specialist, Expert Resume Examples & Samples
- Deep knowledge of TCP/IP Networking and knowledge of the OSI model
- Deep knowledge of OS management and Network Devices
- Deep knowledge of Intrusion Detection/Prevention Systems
- Deep knowledge of Antivirus Systems
- Significantexperience monitoring threats via a SIEM console
- Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
- Excellent problemsolving, critical thinking, and analytical skills – ability to de-construct problems
- Significant experience with packet analysis (Wireshark) and Malware analysis preferred
- Workingknowledge of PG&E infrastructure preferred
- Experience with scripting in Perl/Python/Ruby
- Ability to build rapport and cooperation among teams and internal stakeholders
- Respects others anddemonstrates fair treatment to all
- Methodical and detail oriented
- Actively seeks to enhance the group through the sharing of knowledge
- Perform hunting for malicious activity across thenetwork and digital assets
- Respond to computer security incidents and conduct threat analysis
- Conducts analysis using a variety of tools and data sets to identify indicators of maliciousactivity on the network
- Perform detailed investigation and response activities for potential security incidents
- Perform payload analysis of packets
- Detonate malwareto assist with threat research
- Recommends implementation of counter-measures or mitigating controls
- Ensures all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a timesensitive environment
- Develop innovative monitoring and detection solutions using PG&Etools and other skillsets such as scripting
- Create and continuously improve standard operating procedures used by the SOC
- Resolve or coordinate the resolution of cyber securityevents
- Monitor incoming event queues for potential security incidents
- Maintain incident logs with relevantactivity
- Establish andmaintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business units
48
Cyber Threat Specialist, Associate Resume Examples & Samples
- Knowledge of OS management and Network Devices
- Some experience monitoring threats via a SIEM console
- Some experience performing analysis of log files froma variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
- Excellent problem solving, critical thinking, and analytical skills – ability to de-construct problems
- Strong customer serviceskills and decision-making skills
- Working knowledge of PG&E infrastructure preferred
- Utility Industryexperience
- Acts with integrity and communicateshonestly and openly
- Actively seeks to enhance thegroup through the sharing of knowledge
- Identify and act on maliciousor anomalous activity
- Provide accurateand priority driven analysis on cyber activity/threats
- Ensures all pertinentinformation is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment
- Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributesto predictive analysis of malicious activity
- Develop innovative monitoring and detection solutions using PG&E tools and other skillsets such as scripting
- Create and continuouslyimprove standard operating procedures used by the SOC
- Monitorexternal event sources for security intelligence and actionable incidents
- Document investigation results, ensuring relevant details are passed to senior analysts and stakeholders
- Participate in rootcause analysis or lessons learned sessions
- Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technologyorganization, as well as business units
49
Deloitte, Cyber Threat Detection Resume Examples & Samples
- Consuming Threat Intelligence and building an understanding of how attacks progress (use cases)
- Developing hypotheses about how these use cases would manifest in customer datasets and developing tests to prove this
- Developing rules or analytics to enable these attacks to be detected as early in the life cycle as possible
- Defining new data sources to improve the quality of our service, and supporting the on-boarding of new data sources through the development of parsers if necessary
- Refining existing rules and analytics to improve detection and reduce false positives
- Working alongside analysts and support teams to support them in their investigations, train them when releasing new content, and identify ways to improve the service
- Experience in a Threat Hunting or Security Analysis role
- Experience in using mathematical approaches to identify patterns in data sets
- At least a 2:1 in a numerical subject
- Experience with one or more of the following: Python, SQL, R, Java, Scala
- Naturally inquisitive, with a strong interest in Cyber Security
- Proactive approach to problem solving and identifying improvements
- Ability to gain SC clearance
- Experience with the following technologies would be advantageous
