Security Threat Analyst Resume Samples


Mitchel Heathcote
38928 Fay Grove, Phoenix, AZ
+1 (555) 344 5176

Experience

Security Threat Analyst
Schmidt and Sons, Phoenix, AZ
  • Provide recommendation to improve security monitoring and cyber defence mechanism
  • Support the SOC Manager in the preparation of SOC management and statistical reports
  • Perform analysis of large attack and threat datasets to drive project development
  • Develop and provide threat and situational intelligence leveraging proprietary enterprise data, as well as a variety of external sources and open source data
  • Monitor and perform activities related to information security policies, standards, directives and exceptions
  • Perform malicious code analysis and document results for remediation
  • Maintain security and crisis management documentation, such as contact cards and GIS mapping
Cyber Security Threat Analyst
Rau, Boyle and Nikolaus, San Francisco, CA
  • Use Tanium and other tools to view data and indicators of compromise (IOCs), and collect inventory to identify threats and relate them to the areas of the organization
  • Use the analytical information from a diverse set of tools (Splunk, ArcSight, syslog, Tanium, to name a few) to their best advantage to identify threats and trends, in addition to current-state reactive behavior
  • Configure components to effectively detect and report incidents and follow escalation workflows
  • Work with cross-functional teams to perform activities including planning, providing technical leadership, and tracking projects and key task dates
  • Work with engineering to assist with recommendations regarding direction of tools and applications
  • Security CISSP or CISM certification is a plus
  • Processing and analyzing multiple data sources in the analysis and correlation of threat information across enterprise-wide computing and networking resources
Senior Security Threat Analyst, VP (present)
Conn Group, Dallas, TX
  • Develop and present business cases to Management to improve security posture to effectively mitigate advanced threats
  • Participate in Working Group Committee meetings to illustrate and communicate the state of information security risk relative to mitigating vulnerabilities that may impact business and operations, or that may cause reputation risk to the Company
  • Work closely with stakeholders to co-develop incident response plans
  • Partner with the lines of business to provide continuous awareness of key threats and risks that may impact the Business
  • Participate in the coordination of security incident response events
  • Partner with various stakeholders to define specific roles & responsibilities to support mitigation of threats and vulnerabilities, and incident response
  • Serve as a resource in the escalation and resolution of information security incidents including internal events and targeted threats
Education

Bachelor’s Degree in Information Technology
University of Georgia

Skills
  • Applied knowledge of adversary phases of operation, particularly how to work across the phases in order to uncover new intelligence
  • Demonstrated capability to develop prototype code in at least one language (C, C++, C#, Python, .NET, Java, etc.)
  • Demonstrated capability to coherently present potentially sensitive threat intelligence to a wide variety of audiences in public forums
  • Applied knowledge of a variety of adversary command and control methods and protocols
  • 3+ years of development experience involving extraction, manipulation and summarization of network data
  • 3+ years supporting incident response, and deeply familiar with common incident response procedures, processes, and tools
  • 6+ years of experience leading analysis by working with at least one of the following: (1) analyzing network data across the various protocol layers, with an applied understanding of a range of application/transport/network protocols; (2) analyzing sophisticated malware samples used in targeted attacks against large corporate or government entities; or (3) analyzing host forensic and log data associated with advanced targeted adversaries
  • 3+ years of software development experience with at least one of these languages: C, C++, C#, Python, or Java
  • Demonstrated interpersonal skills (adaptability, inclusiveness, optimism, curiosity, empathy, courage, respect) which support the development of high-functioning teams
  • 4+ years producing actionable threat intelligence on targeted and advanced persistent adversaries, enabling network and host defenses in external organizations with demonstrable impact

13 Security Threat Analyst resume templates

1

Associate Security Threat Analyst Gbt Resume Examples & Samples

  • Manage and maintain 3rd party service portal for network scanning. Notify and work with responsible system owners to address any findings. Provide individual system reports when requested by business units to support client requests
  • Configure web application firewall policies to protect Prudential’s externally facing web applications. Work with the Application Security testing team to integrate scan findings into signatures that can be used on the web application firewalls
  • Monitor and respond to web application firewall alerts. Coordinate with internal functions to address any attacks
  • Provide application defect findings to business unit developers so that these issues can be addressed in future application releases
  • Manage and operate Prudential’s internal vulnerability scanner and work with responsible system owners to address any findings
  • Handle Incident Response for critical Intrusion Detection System (IDS) alerts that were sent to the Operations Control Center (OCC)
  • Monitor IDS events for potential threats and provide recommendations for tuning policies to the responsible engineering teams. Validate alerts and escalate issues to Security management
  • Review firewall logs for malicious activity and misconfigured systems and remediate any issues found
  • Work with other Security team members to automate processes and alerting to reduce manual review
  • In depth knowledge of web application security and threats
  • Knowledge in networking protocols and services
  • Knowledge of secure operating system configurations
  • Knowledge in the use of vulnerability scanners
  • Knowledge in incident response
  • Experience with Qualys, McAfee Vulnerability Manager and Trustwave WebDefend is a benefit
  • Bachelor’s degree required, preferably in computer science or equivalent
  • A background in Information Security and Incident Response would be a distinct advantage
  • Ability to work on own initiative as well as part of a team
2

Security Threat Analyst Resume Examples & Samples

  • Build internal systems to model and analyze active threats: adware, malware, and spam
  • Perform analysis of large attack and threat datasets to drive project development
  • Perform malicious code and document analysis
3

Security Threat Analyst Resume Examples & Samples

  • Build and enhance internal tools that detect and respond to security issues
  • Advise stakeholders and asset owners across the company on risk and mitigation strategies
  • Bachelor’s degree in a related field or equivalent experience
  • Must possess a strong understanding of internetworking standards and protocols
  • Solid understanding of host/network common vulnerabilities and exposures (CVEs), hacker methodologies and tactics, and the tools used
  • Be a self-starter, work independently and adjust to changing priorities
4

Junior Security Threat Analyst Resume Examples & Samples

  • Perform analysis of large attacks and threat datasets to help assess overall risk to the organization
  • Perform malicious code analysis and document results for remediation
  • Monitor and perform activities related to information security policies, standards, directives and exceptions
  • Bachelor’s degree in a related field or equivalent experience
  • Must be knowledgeable of Windows, Unix/Linux and Mac operating systems and their security architecture
  • Must possess a strong understanding of internetworking standards and protocols
  • Excellent verbal and written communication and interpersonal skills
  • 1+ year of relevant IT security, IT operations and/or SOC experience
5

Security Threat Analyst Resume Examples & Samples

  • In-depth technical knowledge of adversary capabilities, infrastructure, and techniques that can be applied to define, develop, and implement the techniques both to discover and track the adversaries of today and to identify the attacks of tomorrow
  • Proven ability to build strategic relationships with key threat intelligence partners in government and industry
  • Applied knowledge of every feature of the Diamond Model (Adversary, Infrastructure, Capability, and Victim) and how those features interact during adversary operations, particularly how to pivot through the Diamond to uncover new intelligence
  • Applied knowledge of adversary phases of operation, particularly how to work across the phases in order to uncover new intelligence
  • 4 years producing actionable threat intelligence on targeted and advanced persistent adversaries enabling network and host defenses in external organizations with demonstrable impact
  • Tracked at least four distinct APT adversaries over a period of at least one year ascertaining and characterizing various TTPs, capabilities, infrastructure, and campaigns
  • Must have applied knowledge across all critical elements and common data types used in threat intelligence analysis, including: malware used in targeted adversary campaigns; and host and log forensics including methods of data collection and analytic techniques; and network forensics including common protocols and how those are used in adversary operations
  • Applied knowledge of a variety of adversary command and control methods and protocols
  • 3 years supporting incident response and deeply familiar with common incident response procedures, processes, and tools
  • 6 years of experience leading analysis by working with at least one of the following: (1) analyzing network data across the various protocol layers and an applied understanding of a range of application/transport/network protocols; or (2) analyzing sophisticated malware samples used in targeted attacks against large corporate or government entities; or (3) analyzing host forensic and log data associated with advanced targeted adversaries
  • 3 years software development experience with at least one of these languages: C, C++, C#, Python, or Java
  • Demonstrated interpersonal skills (adaptability, inclusiveness, optimism, curiosity, empathy, courage, respect) which support the development of high functioning teams
  • Demonstrated capability to coherently present potentially sensitive threat intelligence to a wide variety of audiences in public forums
  • 4 years working with a variety of external partners working on sensitive threat intelligence issues
  • 2 years working with products and services to improve security for customers
  • 3 years working with both strategic and tactical threat intelligence customers and evaluating their requirements
  • 2 years of experience correlating across very large and diverse datasets (HDInsight / Hadoop)
  • 2 years working with SQL-based databases
  • 3 years of experience of development involving extraction/manipulation/summarization of network data
  • 3 years of experience working closely with threat intelligence analysts to understand their workflow and analytic problems and turning those into large-scale analytics
  • 2 years of experience working within a diverse organization to gain support for your ideas
  • Reverse-engineering & binary analysis
  • Windows internals, especially in the areas of event management and networking (sockets/RPC/named pipes…)
  • Demonstrated capability to develop prototype code in at least one language (C, C++, C#, Python, .NET, Java, etc.)
6

Cyber Security Threat Analyst Resume Examples & Samples

  • Experience leveraging Open Source Intelligence (OSINT) in tactical intelligence tradecraft
  • Experience in partnering with major government agencies and authorities around the world
  • Malware analysis, virus exploitation and mitigation techniques experience
7

Senior Security Threat Analyst, VP Resume Examples & Samples

  • Responsible for defining, ratifying and maintaining a formal Threat & Vulnerability Management Program and framework that defines the vulnerability priorities aligned with business criticality
  • Interact directly with cyber intelligence sources (technical & non-technical) to increase effectiveness and timeliness of reporting threat information
  • Aggregation, curation, tracking and operationalization of threat intelligence
  • Responsible for providing guidance, and setting priorities for risk-based vulnerability management, mitigation and remediation
  • Develop and present business cases to Management to improve security posture to effectively mitigate advanced threats
  • Partner with various stakeholders to define specific roles & responsibilities to support mitigation of threats and vulnerabilities, and incident response
  • Partner with the lines of business to provide continuous awareness of key threats and risks that may impact the Business
  • Responsible for maintaining appropriate documentation that defines the Threat & Vulnerability Management Program, Policy and Procedures; and to participate on the TVM Team to develop and update as appropriate
  • Participate in the coordination of security incident response events
  • Serve as a resource in the escalation and resolution of information security incidents including internal events and targeted threats
  • Work closely with stakeholders to co-develop incident response plans
  • Determine the need to engage with, and manage vendor contracts related to external threat intelligence and threat mitigation services
  • Five years of experience in cybersecurity or threat intelligence area
  • The candidate should exhibit a firm understanding of the cyber threat landscape
  • This person must have an inquisitive mindset and be able to translate raw data into actionable intelligence
  • Strong analytical skills (i.e., technical and non-technical problem solving skills)
  • Maintain certifications in an information security related field. The following are recommended: CISSP, CISM, GSEC, GIAC, GPEN
  • Outstanding oral and written communications skills. This includes the ability to make formal stand-up presentations to all levels of management, and to prepare detailed project proposals which include detailed justifications, cost estimates, manpower requirements, etc
8

Cyber Security Threat Analyst Analysis Hunt Resume Examples & Samples

  • 8570-compliant IAT Level I or CND-A
  • Prior experience in network forensics with an emphasis on detecting malicious activity using network traffic
  • Experience doing dynamic malware analysis
  • Generate intelligence from their own data sources and share it accordingly
  • Expand upon existing intelligence to build profiles of adversary groups
  • Create and add custom signatures to mitigate highly dynamic threats to the enterprise, using the latest threat information obtained from multiple sources
  • Notify the management team of significant changes in the security threat against the government networks in a timely manner and in writing via established reporting methods
  • Maintain knowledge of the current security threat level by monitoring related Internet postings, Intelligence reports, and other related documents as necessary
  • Other Cyber Defense Duties as assigned
9

Cyber Security Threat Analyst Team Lead Analysis Cell Resume Examples & Samples

  • A bachelor’s degree in computer engineering, computer science, cyber security, or other closely related IT discipline
  • Proven ability to lead technical, highly performing teams
  • Minimum of five (5) years of progressively responsible experience in cyber security analysis, incident response, or related experience
  • 8570-compliant IAT Level I or CND-A
  • Conduct advanced threat hunt operations using known adversary tactics, techniques and procedures as well as indicators of attack in order to detect adversaries with persistent access to the enterprise
10

Cyber Security Threat Analyst Resume Examples & Samples

  • Use Tanium and other tools to view data and indicators of compromise (IOCs), and collect inventory to identify threats and relate them to the areas of the organization
  • Use the analytical information from a diverse set of tools (Splunk, ArcSight, syslog, Tanium, to name a few) to their best advantage to identify threats and trends, in addition to current-state reactive behavior
  • Configure components to effectively detect and report incidents and follow escalation workflows
  • Work with cross-functional teams to perform activities including planning, providing technical leadership, and tracking projects and key task dates
  • Use security monitoring tools to review, investigate, and recommend appropriate corrective actions for data security incidents
  • Work with engineering to assist with recommendations regarding direction of tools and applications
  • Bachelor’s degree in Computer Science, Engineering, or a directly related field
  • Four to six years of professional IT experience
  • Experience in security aspects of multiple platforms, operating systems, software, communications, and network protocols
  • Requires excellent analytical ability, consultative and communication skills, and strong judgment
  • Must be highly skilled and proficient in problem solving, with an aptitude to learn new technologies
  • Excellent end-user support skills
  • Ability to multitask and handle multiple priorities
11

Cyber Security Threat Analyst Resume Examples & Samples

  • Piece together intrusion campaigns, threat actors, and nation-state organizations
  • Create and add custom signatures to mitigate highly dynamic threats to the enterprise, using the latest threat information obtained from multiple sources
  • Develop and produce reports on all activities and incidents to help maintain day-to-day status, develop and report on trends, and provide focus and situational awareness on all issues. Reports shall be produced on a daily, weekly, monthly, and quarterly basis capturing and highlighting status, preparedness, and significant issues
  • TS/SCI clearance with polygraph
  • BS degree in Computer Information Systems, Computer Engineering, or equivalent, with a minimum of 7 years’ experience
  • Tool agnostic ability to conduct preliminary malware analysis
  • Strong understanding of Operating Systems and Network Protocols
12

Cyber Security Threat Analyst Resume Examples & Samples

  • Processing and analyzing multiple data sources in the analysis and correlation of threat information across enterprise-wide computing and networking resources
  • Evaluating threat intelligence information (from open-source and subscription services) for impacts to the organization and taking appropriate preventative actions based on threat exposure and risk
  • Analyzing specific threat data relating to known or suspected imminent or material threats to the enterprise infrastructure; e.g., malware outbreaks, advanced persistent threat (APT)
  • Facilitating the investigation and remedying process of systems
  • Evaluating potentially compromised systems by performing system-level analysis using a multitude of tools for the examination of material threats, including malware testing, registry analysis, log correlation and analysis, system file event analysis
  • Assisting where necessary in the collection of data relating to potential or known threats for further analysis or handling by internal or external investigative or law enforcement personnel
  • Preserving, collecting, and producing of ESI under the direction of Gore’s Litigation & Employment Attorney
  • Maintaining Incident Response Plan
  • Documenting incidents
  • Bachelor’s degree in computer science, related degree or equivalent experience
  • Minimum of 5 years’ experience in Information Security role
  • Strong knowledge of Information Security best practices and standards
  • Skilled at effectively partnering with attorneys, physical security, and IT throughout sensitive investigations
  • Extensive knowledge of the various vectors of malware attacks and their associated detection and remediation strategies, encompassing the full range of targets from single devices to enterprise-wide network and computing resources
  • Extensive experience in handling advanced persistent threat attacks
  • Experience in the use and management of multi-disciplinary data feeds in the analysis of potential security threats, including but not limited to the following: log collection and correlation; threat analysis, forensics, and data capture, broad range of open source and system tools, packet capture, net flows, etc
  • Basic understanding of and capabilities in the management and/or operations of Windows and Linux, and willingness to learn investigative techniques for mobile platforms such as iOS
  • Understanding of typical networking and information security management systems and technologies (routers, switches, firewalls, HIDS/HIPS, NIDS/NIPS, SIEM)
  • Willingness to learn malware kill chain analysis and malware hunting techniques
  • Willingness to become familiar with all phases of cybersecurity incident response
  • Ability to travel no more than 5%
  • CISSP or equivalent security certification
13

Cyber Security Threat Analyst Analysis Hunt-sme Resume Examples & Samples

  • A bachelor’s degree and 10+ years of related experience
  • Good interpersonal, organizational, writing, communications and briefing skills
  • Previous experience as Threat Researcher and/or Intelligence Analyst
  • Strong scripting and task automation skills
  • Fully analyze network and host activity in successful and unsuccessful intrusions by advanced attackers
  • Manage, share, and receive intelligence on APT adversary groups
  • Identify, extract, and leverage intelligence from APT intrusions
  • Conduct advanced threat hunt operations using known adversary tactics, techniques and procedures as well as indicators of attack in order to detect adversaries with persistent access to the enterprise
  • Develop and produce reports on all activities and incidents to help maintain day-to-day status, develop and report on trends, and provide focus and situational awareness on all issues. Reports shall be produced on a daily, weekly, monthly, and quarterly basis capturing and highlighting status, preparedness, and significant issues
  • Correlate data from intrusion detection and prevention systems with data from other sources such as firewall, web server, and DNS logs
  • Coordinate with appropriate organizations within the intelligence community regarding possible security incidents. Conduct intra-office research to evaluate events as necessary, maintain the current list of coordination points of contact
  • Review assembled data with firewall administrators, engineering, system administrators and other appropriate groups to determine the risk of a given event
14

Security Threat Analyst Resume Examples & Samples

  • Support the operational maintenance of the security assessment systems
  • Investigate and troubleshoot issues, create and execute scripts to perform needed system functions
  • Develop and provide threat and situational intelligence leveraging proprietary enterprise data, as well as a variety of external sources and open source data
  • 3+ years of experience working in information security or systems administration
  • Extensive knowledge of operating systems and networking technologies in general
  • Knowledge of Linux (file systems, network stack, etc.)
  • Scripting skills in at least one of the following: Bash, Perl, or Python
  • Proven ability to translate complex information sets into specific recommendations that can be actioned and that enhance security posture
  • Understanding of threat analysis and enterprise level mitigation processes
  • Be a self-starter, work independently and adjust to changing priorities
15

Security Threat Analyst Resume Examples & Samples

  • Vulnerability scanning on Operating Systems, Databases and Infrastructure
  • Compliance checking of the IT environment
  • Perform Penetration tests on the business critical information systems of Rabobank
  • Analytical
  • Deliver results
  • Innovate
  • Empowerment
16

Senior Cyber Security Threat Analyst Resume Examples & Samples

  • Analyze threat information from a variety of internal and external sources to provide actionable intelligence to maintain and enhance the defenses that protect Fidelity Investments information systems and resources
  • Support other teams in Enterprise CyberSecurity and IT operations to respond to cyber incidents by providing insightful research and analysis
  • Identify and assess the capabilities and activities of cyber criminals
  • Develop and manage threat profiles – supporting predictive analysis efforts
  • Assist analysts and incident response staff during response activities and cyber investigations
  • Produce findings to help prepare or support investigations
  • Ensure indications of compromise are promptly identified and stakeholders are informed with actionable and complete information
  • 5+ years’ experience in the IT Industry
  • Relevant law enforcement, government, or military experience working as a member of a Cyber incident analysis team or in a Network Operations Center (NOC)
  • Strong written and oral communication skills and the ability to prioritize work
  • Industry certifications in cyber security incident management, such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP)
  • Working knowledge of operating systems and networking technologies
  • Knowledge of packet capture and analysis
  • Knowledge of how malicious code operates and how vulnerabilities are exploited
  • Knowledge of log formats (syslog, http logs, database logs) and how to gather forensics for traceability back to an event
  • Working knowledge of databases, query design, and how to analyze queried data
  • Ability to make information security risk determinations based on threat intelligence analysis
  • Proven ability to work with and understand technical indicators of threat activity and provide recommendations
  • Understanding of cybersecurity frameworks such as NIST or ISO 27001
  • Ability to write clear and concise analytical information products
  • Ability to maintain or develop professional contacts in the cyber security
  • Understanding of information security program(s) in the financial sector
17

Cyber Security Threat Analyst Analysis Hunt Scsa Resume Examples & Samples

  • Active TS/SCI Clearance with POLY
  • A bachelor’s degree or equivalent experience in computer engineering, computer science, or other closely related IT discipline
  • Progressively responsible experience in cyber security analysis, incident response, or related experience
  • Ability to create, modify, and implement both Snort and YARA signatures
  • Construct and exploit threat intelligence to detect, respond, and defeat advanced persistent threats (APTs)
  • Leverage intelligence to better defend against and respond to future intrusions
  • Conduct initial dynamic malware analysis on samples obtained during the course of an investigation or hunt operation in order to create custom signatures
18

Cyber Security Threat Analyst Engineer Resume Examples & Samples

  • Able to clearly explain, demonstrate, and document security issues at a level understandable by less security aware team members
  • Ability to understand the entirety of the threat landscape for a particular system and apply the right security technologies where they will be most effective. This includes external facing software and services as well as internal
  • The ability to think like an attacker and use those skills to verify network security designs and implementations
  • 3 to 5 Years Information Security Experience
  • Ethical Hacking Class/certificate (e.g., GWAPT/GPEN/GAWN/GXPN) or equivalent experience doing penetration testing
  • Ability to perform risk and threat analysis across various projects
  • Open source Intelligence Gathering
  • Deep Understanding of Networking
  • Strong understanding of information technology fundamentals, cyber security defense technologies, risk management concepts, and the cyber threat landscape
  • Applicant has coalition building skills to arrive at a consensus when opinions on subject matter differ. The candidate will work with other departments and partners to exchange and automate the sharing of threat data
  • Ability to translate raw threat data into a knowledge base with actionable intelligence
19

Cyber Security Threat Analyst Resume Examples & Samples

  • Proactively research threat actor behaviors to gain understanding of and insight into new and emerging threats
  • Research and communicate this information to the appropriate partners both internal and external to the company
  • Provide actionable intelligence by enriching cyber threat intelligence from our partners, vendors, and open sources to protect external facing and internal based computing assets, data, customers and brand reputation
  • Provide enterprise threat analysis (assessment) of potential and current threats. This includes partnering with key internal groups to provide actionable intelligence for enterprise risk reduction and remediation. Identify and drive risk remediation approaches to current and emerging threats. Use this information to create actionable intelligence that is needed to show indication of historical or active threat activities and prevent future threats
  • Assist in communication efforts to key groups and the enterprise regarding potential threats and remediation efforts
  • Perform evaluation of potential threats, security investigations, remediation efforts and related tool sets, including CSIRT (Computer Security Incident Response Team) participation
  • Foster and utilize relationships with related threat intelligence vendors, federal and state agencies, and other organizations to provide informational sources for current and emerging risks, threats and controls
  • Interact frequently with lines of Business, other technical support teams, engineering and product management to escalate and resolve critical issues. Keep pace with emerging security threats, technologies, and systems
  • Develop and maintain operational documentation and procedures
  • Develop and maintain core metrics
  • Maintain an awareness of policies and government regulations pertaining to information security and retail
  • Review security-related events; assess risks and validity, as well as reporting
  • Analyze network traffic to assist in generating new attack signatures
  • Analyze additional log, forensic, malware, or other IR-related data, as needed
  • Collect and analyze open source cyber intelligence data
  • Perform or coordinate penetration testing and web application security assessment activities
  • Define correlation rules and patterns to automate monitoring capabilities
  • Provide technical input on threat and vulnerability risks
  • Evaluate and recommend emerging technologies within information security
  • Work independently with 3rd party providers, vendors and other company departments
  • Provide 24x7 operational support for escalations on a rotating basis
  • 5+ years' related technology and/or related business experience in consulting/research/intelligence in the area of cyber threats
  • 5+ years of information security administration experience
  • Experience deriving actionable intelligence and threat indicators out of intelligence feeds and/or available data sets
  • Experience in providing enterprise threat analysis (assessment) of potential and current information security risk and threats to determine the potential impact on the confidentiality, integrity and availability of information systems and how
  • Knowledgeable on cyber threats relative to the retail industry, specifically in the areas of hacktivism, organized crime, and nation-state threats
  • Solid understanding of information security and a working knowledge of typical information security controls utilized within the retail and security industry
  • Experience working within a large complex corporate environment providing consulting services on large initiatives
  • Experience creating analytical reports including charts, timelines, and recommendations regarding complex cyber related criminal activity for delivery to senior leadership and business technology leaders
  • Experience managing and prioritizing multiple tasks in an effective manner
  • Experience in conducting attribution analysis to identify information security incident origin, threat actor group identity and potential threat actor objectives
  • Knowledge and understanding of network and security fundamentals, protocols, and technologies
  • Strong understanding of mitigating security controls (e.g., anti-virus, IPS/IDS, email filtering, web site blocking, patching) and how they work in an overall defense-in-depth risk assessment methodology
  • Experience with engineering and/or architecture of technologies such as network firewalls, intrusion detection sensors, antimalware technologies, vulnerability scanning technologies, and APT prevention technologies is a plus
  • Strong experience in conducting reviews of security related events aimed at improving analyst case management
  • Understanding of Technology Platforms (Windows, Open Source, Middleware Applications, Database Applications, Cisco, Adobe)
  • Understanding of social networking programs (e.g., Facebook, Twitter, and LinkedIn), particularly as they apply to security risks
  • Understanding of DDoS concepts, mitigation tools and techniques
  • Understanding of vulnerability scanning and reporting
  • Understanding of incident handling
  • Experience developing and providing effective and professional presentations to all levels (including Senior Management)
  • Strong subject matter expertise in incident response required (e.g., in-depth knowledge of Windows/Unix operating system forensics, event logging systems, authentication methods, remote and local web application security, penetration testing)
  • Industry-recognized security, network, or other professional certifications (e.g. CISSP, GSEC, GCIH, CCSP, CCNA, etc.)
  • Formal intelligence training and background are strongly preferred
  • Verifiable military and/or work experience relevant to this discipline
  • Existing membership in and organizational ties to intelligence sharing communities and agencies
  • Experience managing projects and leading staff
  • Experience with computer forensics
  • Experience with reversing malware
  • Experience with Security Information Event Management tools (SIEM)
  • Experience in conducting training and mentoring of less experienced security professionals
  • Strong understanding of Information Security industry standards/best practices (e.g., NIST, PCI)
  • Strong understanding of Information Security related laws and regulations (e.g., HIPAA, GLBA)
  • Working understanding of web application firewalls
  • Understanding of and experience in developing custom rule sets based in both internal and external data sources for correlation analysis
  • Must possess strong attention to detail
  • Strong interpersonal and organizational skills required, including the ability to meet deadlines
  • Strong analytical and problem solving skills with the ability to identify both tactical and strategic solutions
  • Ability to teach and mentor junior staff personnel
20

Security Threat Analyst Resume Examples & Samples

  • Perform detailed triage, analysis and investigation of escalated and reported security events
  • Incident handling and management
  • Provide recommendation to improve security monitoring and cyber defence mechanism
  • Degree in IT/Engineering with 4 or more years of relevant working experience in SOC with hands-on experience in monitoring, triage, analysis and incident management of real time security events
  • Familiar with SOC processes and technologies
  • SANS GSEC or equivalent
  • Hands-on experience with Security Information and Event Management (SIEM) systems
  • Operational knowledge of SIEM, Breach Detection Systems and Network Forensic Systems
21

IT Security, Threat Analyst Resume Examples & Samples

  • 5+ years overall IT Infrastructure experience
  • Experience with several of the following topics: Malware analysis; APT/malware ecosystems; Exploit kits; Cyber Threat intelligence; Software vulnerabilities & exploitation; Data analysis
  • Relevant Technical Security Certifications (GIAC, CEH, CISM, CISSP, EC-Council, Offensive Security, etc.)
  • Working knowledge and experience in Network Security
  • Working knowledge of security in the following areas: NIPS and HIPS, File Integrity Monitoring, Firewalls, DLP, Log Aggregation and Reporting, 2FA, Certificates, Wireless, Network Policy Management, Firewalls, IPS, AAA, locating IOCs, threat feeds, and route/switch
  • Strong interpersonal skills, including teamwork, facilitation and negotiation
  • Experience with Snort, Bro or other network intrusion detection tools
  • Nominal understanding of regular expressions and common scripting languages (Python, PowerShell)
  • Strong knowledge of malware families and network attack vectors
  • Ability to work on emergency Security Incidents at any point in the day
22

Cyber Security Threat Analyst Resume Examples & Samples

  • Establishes plans and protocols to protect data and information systems against unauthorized access, modification and/or destruction
  • Delivers technical reports on daily activities
  • Analyzes and advises on new security technologies and program conformance
  • Maintains knowledge with current emerging technologies and advancements within Information Security
  • Leverage tools, intelligence, and data from multiple sources on "hunting exercises" to discover evidence of threats, insider misconduct, or anomalous behavior
  • Collect and analyze sets of qualitative and quantitative data to find anomalies
  • Participate in the coordination of response, remediation, and recovery activities for potential security incidents
  • Continuously evaluate intelligence information for changes in actors, tactics, techniques, and targets in the cyber threat environment to update and enhance defenses, detection capabilities, threat scenarios, and response playbooks
  • Develop and maintain strong working relationships with key partners and stakeholders like Information Security, Legal, HR, Compliance, Business Unit, and peers at other institutions
  • Create reports for stakeholders and management regarding investigations, potential threats, suspicious activity or anomalies
23

Security Threat Analyst Resume Examples & Samples

  • Follow established processes and procedures in use and support of operational software tools, hardware and system software
  • Be willing and capable of learning new tools and processes
  • Monitor SIEM, conduct data analysis, and evaluate logs for security events
  • Support management of firewall, proxy, IDS/IPS, DLP, and Vulnerability Scanners
  • Evaluate health and management of Anti-Virus, Anti-Malware, and other Advanced Threat agents in a global deployment
  • Create reports and enhance metrics based on data analysis
  • Participate in threat hunting, threat modeling, and threat intel activities
  • Must demonstrate the ability to communicate professionally, both verbally and in writing
  • Must understand basic security principles with an understanding of malware, cryptography, threats and vulnerabilities, access control, and application, data, and host security
  • Must understand core networking (TCP/IP, routing, switching, wireless) and the OSI model
  • Must have basic computer programming / scripting skills (PowerShell/Bash/Python) and an interest in data analysis using Hadoop and R
  • Must understand basic use of both Windows 7/10/Server 2008/2012 and Linux, including console level commands
  • Must demonstrate skills and interest in supporting a variety of security systems such as SIEM, IDS/IPS, firewalls, proxies, host security software, and vulnerability scanners
  • An Associate’s degree or higher from an accredited university or college with coursework in Information Security, Information Management Systems, or Networking, OR
  • Completion of non-accredited coursework through related on-the-job training, AND 1 year of full-time experience in an IT role