Threat Intelligence Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the threat intelligence job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.

USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.

SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Create a Resume in Minutes

E Rohan

Emely

Rohan

33823 Ferry Pass

Detroit

+1 (555) 900 9788

33823 Ferry Pass

Detroit

Phone

p +1 (555) 900 9788

Experience Experience

Houston, TX

Threat Intelligence

Houston, TX

Koelpin, Harber and Rice

Houston, TX

Threat Intelligence

Communicating tactical threat information to assist in defensive mitigations
Assist CTI peers in regular production and dissemination of intelligence products
Passively monitor forums and content sharing sites for unauthorized posted content
Producing written intelligence reports constructed from analysis and collected threat information for JPMC internal consumers
Maintaining technical proficiency in the use of tools, techniques and countermeasures
Coordinate with threat intelligence analysts and partners on matters relating to collection, analysis and reporting of open source/deep web information
Monitor social media and blogs for content presenting risk to the firm

Dallas, TX

Threat Intelligence Manager

Dallas, TX

Okuneva Inc

Dallas, TX

Threat Intelligence Manager

Provide day-to-day operational reporting/tracking indicators
Provide training program
Currently be a US Citizen
Regulatory/Legal/Corporate Compliance: Stay abreast of all information security related laws and regulations to ensure compliance to them. Ensure compliance to corporate policies
Make recommendations for assigned personnel regarding employment, career development, performance evaluations, salary changes, promotions, transfers and terminations within established policies and guidelines
Supervision/ management of an IT function/site/corporate operation
Day-to-day functional management of the organization, to include performance management, training/developing, forecasting/reporting, and budgeting/expense control

present

Detroit, MI

Incident Response & Threat Intelligence Manager

Detroit, MI

Lynch LLC

present

Detroit, MI

Incident Response & Threat Intelligence Manager

present

Manage vendor relationships to ensure business satisfaction with network and system security services
Provide continuous feedback, write annual appraisals, and oversees staff development
Responsible for creating and evaluating workflow processes, procedures, and checklists
Responsible for managing workflow processes including timely monitoring and response to internal threat escalations
Manage team short-range planning including and training programs for team
Ensure network security systems comply with company policies, standards, and procedures
Lead development and maintenance of effective information security policies, standards, and procedures for areas of responsibility

Education Education

Bachelor’s Degree in Computer Science

University of North Texas

Bachelor’s Degree in Computer Science

Skills Skills

Qualifications within the IT Security field desirable though not essential. SANS Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH), Malware Analysis, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)
Highly adaptable to a constantly changing business and technology environment
Demonstrated SME level knowledge in one of the following areas: Firewall Administration, Intrusion Detection, Communications, Incident Response, RACF, Encryption, Access Control, Threat Management, or any other security-related field
Strong oral and written communications skills; strong presentation and marketing skills
Familiarity with multi-platform environments and their operational/security risk considerations
Seven years experience in IT, of which at least three years was in the information security field in a leadership/supervisory position
30%/70%business/technology acumen
Programming skills C++, Python, C# or any other language
Certification in information security fundamentals (GISF or higher)

Create a Resume in Minutes

15 Threat Intelligence resume templates

Read our complete resume writing guides

Threat Intelligence Resume Examples & Samples

2+ year’s experience in deep web collection and retrieval
5+ year’s total technology experience
Knowledge of open source collection and deep web ingress
Experienced in legal unattributed data extraction
Functional knowledge of common anonymity networks and proxy/VPN services
Knowledge of web application development and infrastructure
Proficiency with Unix and Windows
Knowledge of IP protocols, networks, and routing
Familiarity with data protection laws and regulations
Strong written and verbal communication skills; ability to document findings in clear and concise reports
Ability to coordinate, work with, and gain the trust of business stakeholders and technical resources
Strong work ethic and ability to self-motivate
Capable of being an independent contributor as well as a team player
Multilingual competence highly desired (Arabic, Russian, Farsi)
Previous intelligence and/or law enforcement background, a plus
Coding (scripting) experience (e.g. Python, Perl, VB Script, etc.), a plus

Incident Response & Threat Intelligence Manager Resume Examples & Samples

Lead the growth, maintenance, and training for the security incident management program and teams including best practices for breach identification, analysis, containment, eradication, recovery, legal evidence preservation, internal and external communications, and conducting post mortems
Lead the growth and maintenance of the data loss prevention program and products including monitoring the effectiveness of key data loss controls such as employee de-provisioning
Lead the growth and maintenance of the threat intelligence program including gathering, assessment, action items, and information dissemination
Oversee proactive support of internal and external investigations through data analysis and information gathering
Responsible for managing workflow processes including timely monitoring and response to internal threat escalations
Responsible for maturity and maintenance of metrics and reporting for areas of responsibility
Responsible for evaluating new and existing regulatory requirements and ensuring the compliance posture of the bank for areas of responsibility
Lead development and maintenance of effective information security policies, standards, and procedures for areas of responsibility
Demonstrates compliance with all bank regulations for assigned job function and applies to designated job responsibilities – knowledge may be gained through coursework and on-the-job training. Keeps up to date on regulation changes. Follows all Bank policies and procedures, compliance regulations, and completes all required annual required or job-specific training. Follows all Bank policies and procedures and compliance regulations, and completes all required annual required or job-specific training. May be asked to coach, mentor, or train others and teach coursework as subject matter expert. Actively learns, demonstrates, and fosters the Umpqua corporate culture in all actions and words. Takes personal initiative and is a positive example for others to emulate. Embraces our vision to become "The World's Greatest Bank."
Bachelor’s degree in the field of information security, computer science, or management information systems required
CISSP, CISA, CISM, SANS GIAC, and CCFP preferred
5-8 years of experience in security disciplines including incident management, data loss prevention, threat intelligence, and correlated data analysis
1-3 years managing a team of professionals including providing effective coaching, training, feedback, and development plans
Experience managing projects or programs to achieve information security objectives
Experience implementing and utilizing industry guidance such as NIST SP 800-61
Extensive experience developing, leading, implementing, and training security incident management programs and teams including best practices for breach identification, analysis, containment, eradication, recovery, legal evidence preservation, internal and external communications, and conducting post mortems
Demonstrate operational knowledge and experience with implementing, maturing, and maintaining data loss prevention products and programs
Demonstrate knowledge and experience with threat intelligence gathering, assessment, action items, and information dissemination
Advanced knowledge of malware, delivery of payloads via email phishing, and methods to confirm whether payload is malicious
Experience using proxies, email security appliances, SIEM, and other similar tools to investigate potential threats
Proven knowledge and ability to stay abreast of information security trends and threats in multiple areas
Extensive data analysis skills
Experience identifying and documenting appropriate policies, standards, and operational procedures
Advanced written and verbal communication skills
Possess strong leadership skills including the ability to build high performing teams and to direct, influence, and motivate your direct team and teams and professionals outside of your direct supervision
Proven ability to effectively prioritize and execute tasks in a high-pressure environment

Threat & Intelligence Group Manager Resume Examples & Samples

At least 3 years of experience managing multiple teams
Highly organized with exceptional time management skills and the ability to organize and prioritize a large number of tasks
Effective management through stressful situations, consistently reaching effective, high quality decisions
Analytical, thorough, experience in information security and malware research
Superior communication skills (both verbal and written) and the ability to interact effectively with all levels of a large, international corporation
Excellent written & verbal communication skills in English
A Bachelor’s degree in a related discipline

Threat Intelligence Manager Resume Examples & Samples

*Other locations/Remote are possible***
Privacy/Protection: Provide the necessary subject matter expertise and ensure the implementation of the information security architecture, risk management standards, best practices and systems/processes to ensure information privacy/protection
Risk Management: Interact with management to determine acceptable levels of risks as the business model and risk profile changes and align the security program accordingly
Monitoring of security procedures and practices: Review on a timely basis the various analyses of the reports and logs available. Review the recommendations for noted irregularities
Security policies for the bank: Be aware of and review the security features of new information security practices, systems and business services to ensure that they meet the security requirements of the existing policies. Review and propose changes to existing policy as external emerging issues and conditions warrant
Ensure adequate security for new business services and systems: Assist in the development of scenarios of usage, test for abnormalities or exposures. Prepare documentation to augment vendor materials that include local enhancements and implementations
Regulatory/Legal/Corporate Compliance: Stay abreast of all information security related laws and regulations to ensure compliance to them. Ensure compliance to corporate policies
Support or direct enterprise level information security related functions such as: Firewall Administration, Intrusion Detection, Communications, Incident Response, RACF, Encryption, Access Control, Threat Management, Cyber Forensics, and other security related functions as required. . Make recommendations for improvements to the program, respond to alleged policy violations and act as participant in event of a breach. Ensure communications to the CISO, and other senior level officers, are accurate and timely
Make recommendations for assigned personnel regarding employment, career development, performance evaluations, salary changes, promotions, transfers and terminations within established policies and guidelines
Plans and develop departmental budgets in accordance with established guidelines; administer compliance to meet budgetary goals and negotiates changes as required
Maintain awareness of changes in industry: Attend classes and seminars as required to maintain a high level of proficiency in the fields of information security and business resumption. Network with other information security professionals. Read about and be aware of the trends regarding BRP and Security in the industry
Bachelor's degree in computer science, business, or related discipline, or equivalent education and related training
Certification in information security fundamentals (GISF or higher)
Seven years experience in IT, of which at least three years was in the information security field in a leadership/supervisory position
Demonstrated SME level knowledge in one of the following areas: Firewall Administration, Intrusion Detection, Communications, Incident Response, RACF, Encryption, Access Control, Threat Management, or any other security-related field
Familiarity with multi-platform environments and their operational/security risk considerations
Strong oral and written communications skills; strong presentation and marketing skills
Highly adaptable to a constantly changing business and technology environment
30%/70%business/technology acumen

Cybersecurity, Threat Intelligence Res Resume Examples & Samples

Currently pursuing a Bachelor's or Master's degree from a United States-based college or university
Major: Computer Science, Engineering or a related field
Strong attention to detail, technical acumen, positive attitude, and aptitude to learn and be a self-starter
Desire to enter the Media / Technology / Advertising industry upon graduation and passionate about innovation

Senior Manager Threat Intelligence Resume Examples & Samples

Manage Intelligence Efforts: Ensure that the GPS strategic and tactical threat intelligence efforts support the greater S&I intelligence requirements. Oversee the production and dissemination of GPS intelligence products in support of BNS operations both domestically and internationally. Ensure that all analytical efforts support operations by providing timely and relevant intelligence to decision makers
Develop Intelligence Capacity & Capabilities: Identify functional and structural challenges and opportunities for the team, propose recommendations to higher and implement recommendation if required. Ensure that all aspects of the intelligence function provide value to GPS, S&I and BNS operations. Collaborate and coordinate cross functionally within BNS business units, S&I hubs internationally, and FIs to benchmark and a more comprehensive intelligence product. Determine the value of existing and future information sources and approve / reject recommendations from Analyst Managers
Manage Governance & Compliance: Provide guidance and security advice to business units and S&I regarding security screening compliance matters. Ensure that affected BNS employees are aware and accountable to security compliance requirements
Liaison & Engagement: Participate in strategic intelligence initiatives and ensure that the Threat Intelligence team is aligned with S&I partners. Engage and liaise with senior analytical and operational counterparts at other financial institutions, S&I hubs, and police authorities to ensure the alignment of intelligence focus and the allocation of resources
Management of Team: Supervise, coach and mentor the GPS Analysts, providing guidance and oversight of their daily work. Develop the skill level of direct reports in order to continue their long term development solid succession planning for the overall success of the department
Provide Support to S&I: Be prepared to support and/or complement broader GPS roles and responsibilities on an as required basis. Contribute to the development of high level plans for the achievement of the Unit’s future goals that involve multiple business lines/countries. Identify new potential customers within the Bank for GPS products/services. Promote and foster a positive working environment for staff development

Threat Intelligence Resume Examples & Samples

2+ years cyber intelligence experience
3+ years experience in a large, mission-critical environment
5+ total years technology experience
Working knowledge of the intelligence lifecycle and current cyber threat landscape
Ability to apply a thorough knowledge of attacker capabilities, intentions, motives, and historical operations/targets to inform JPMC Cybersecurity strategies quickly, clearly and effectively
Bachelors Degree in Computer Science or related field, or equivalent experience
Experience determining source information accuracy
Experience leveraging Open Source Intelligence (OSINT) in tactical intelligence tradecraft
Experience with Lockheed Martin’s Cyber Kill ChainTM and Intelligence Driven Defense
Experience in the Financial Industry
Experience with Splunk Enterprise
Experience with Threat Intelligence Platforms
Malware analysis, virus exploitation and mitigation techniques experience
Coding (scripting) experience e.g. Perl, VB Script, Python etc

Cybersecurity Threat Intelligence Resume Examples & Samples

Assess Solutions Against Established Standards - The ability to understand and assess proposed solutions in order to determine how closely they meet requirements and if they will deliver the desired business outcomes. The ability to understand the organization, and its readiness, to determine what is necessary to transition to the solution
Audit Methodologies - The ability to inspect and evaluate an assertion of fact using a mixture of qualitative and quantitative analysis techniques. The ability to apply such techniques using appropriate judgment to produce accurate and consistent conclusions regardless of the nature of assertions being evaluated
Risk Management - The identification, assessment, and prioritization of risks followed by coordinated response to minimize, monitor, and control the probability and/or impact of unfortunate future events
Investigation - Able to lead a systematic and thorough process to learn the facts about something complex or hidden
Troubleshooting - Able to diagnose and problem solve issues with computer hardware or software components with little or no direction. May require ability to install, configure, or disposition of server or client pc infrastructure and application issues
Research - Able to conduct a process of steps used to collect and analyze information to increase our understanding of a topic or issue
Research – In depth knowledge acquiring and utilizing open source information security threat intelligence to determine potential impact to the environment
Incident handling – Ability to effectively respond to information security incidents and coordinate incident response efforts
Investigation - Ability to utilize logs and other system information to determine if an incident has taken place and determine root cause
Excellent written skills to articulate and document research and investigation findings
Self-motivated to handle, track and complete multiple tasks at the same time

Senior Cybersecurity Lead-threat Intelligence Resume Examples & Samples

1) Contributes into a development, management and execution of cybersecurity monitoring service for medical devices
2) Advises in selection of tools, equipment, methodology, report templates for the cybersecurity monitoring service
3) Coordinates R&D capabilities for security vulnerability discovery and penetration testing across multiple products
4) Provides subject matter expertise in establishment of cybersecurity information sharing capabilities
5) Leads a development of cybersecurity event definition framework to be adopted by medical devices
6) Develops cybersecurity forensics capabilities as applicable to medical devices
7) Provides cybersecurity technical guidance to other technical personnel
8) Works cooperatively with technical personnel in other divisions and functions to accomplish enterprise-wide goals
9) Participates in setting strategic cybersecurity direction
10) Evaluates and recommends products and systems in key technology areas
11) Identifies and implements process improvements in the architecture and/or infrastructure of existing systems in the area of cybersecurity
12) Advice and mentor the development of junior staff members, provide guidance in self-learning activities
13) Understand and ensure compliance with all current and applicable laws, regulations, and guidance’s from US and EU that affect Medical Device Cybersecurity
14) Remains up to date on new and emerging technologies within area of technical expertise and serves as resource to other Baxter employees
Competency with security event monitoring tools and techniques
Subject matter expertise in cybersecurity event analysis including requirements, design, architecture and operations
Maturity to accept direction, confidence to give direction
Creativity in addressing technical challenges
Technical expertise and/or breadth in one or more systems environments and strategic technologies
Ability to understand and assist in evolution and/or integration of Baxter applications
Strong oral and presentation skills
Proven record to deliver results

Threat Intelligence Expert Resume Examples & Samples

Perform research and analysis of malware, security threats and vulnerabilities, including statistical views
Query and analyze threat trend analysis data, IOC (indicators of compromise) from multiple database sources
Hands on experience in database design/operation/maintenance and MySQL
Big data hands on experience required (Apache Hadoop, Spark, NoSQL, etc)
Deep appreciation and understanding of how web service work together, include HTTP, REST, XMLRPC, JSON and preferably STIX/TAXII
Data visualization experience (Tableau, Qlikview, etc)
Experience with of at least one scripting language: Shell, Ruby, Perl, Python, etc o Further development skills (C/C++) an asset
Familiar understanding of malware and sandbox concepts
Familiar understanding of security vulnerability and exploit lifecycle
Networking concepts and Linux system administration skills
Clear understanding of competitive landscape and differentiators in regard to APT defense
Statistical and quantitative analysis (R, Matlab, SAS, Stata, etc) is a very strong asset
Comprehensive understanding of machine learning concepts is a strong asset
Highly motivated and responsible quick learner

Threat Intelligence Manager Resume Examples & Samples

Develops, sets the direction, designs, and implements threat intelligence programs and plans in threat environments evolving and complex, international or domestic, predictable and unpredictable. Works with Corporate Security managers and subsidiaries to ensure plans are predictive, not just reactive, while appropriate for the location/culture and aligned to Corporate Security business plans
Acts as a key participant in forming response options to high profile threats to business such as terrorist attacks, strikes, and hostile communications to executives. Undertakes assignments that have a broad impact across the company, such as conceiving of and proposing new security initiatives and guidelines, broader studies of areas such as crisis management, multidisciplinary intellectual property programs, and other broader projects normally done by the director. Able to maturely deal with interdepartmental obstacles to achieving company strategic goals. Uses a deep understanding of global threats to businesses, such as state sponsored attempts to leverage company IP and terrorist targeting of western businesses
Manages internal and external resources in the development and delivery of products and services in the travel security and risk assessment space. Formulates and manages Corporate Security’s role in business continuity. May make decisions with others regarding allocation and management of financial resources. Continually develops sources, generating reports based on data mining tools driven by business requirements. Able to act as a persuasive, credible representative with senior and executive leadership on the expenditure of financial resources
Supports Director of Corporate Security’s special initiatives as needed. Provides direct supervision to assigned direct reports, including setting objectives and creating a business plan. Collaborates with Security Managers to influence subsidiary management regarding budgetary plans. Provides guidance and leadership with respect to analytical tools and techniques in order to spread threat analysis expertise within key company threat nodes
Willingness to be on-call for response to emergent situations as needed
Minimum of seven (7) years of intelligence, analysis, and/or Intelligence Community experience
Minimum of two (2) years Threat Intelligence experience in a commercial and/or business setting
Master's degree is preferred
Experience in both public and private sector threat analysis preferred
A demonstrated ability to work with ambiguous information in resource constrained environments
Firm understanding of the US Intelligence Community and associated federal and local agencies
Strong understanding of global business practices
Complex professional level understanding of organizations posing a threat to company personnel and IP
Works comfortably in foreign environments
Ability to work irregular hours as needed
Outstanding verbal and written communication skills, adaptable to all levels of the organization
Must have demonstrated experience and exposure in the international security arena
Demonstrates ability to use independent decision making to adjust actions, decisions, and communications in a variety of different situations and cultures
Required to apply a broad spectrum of knowledge on a daily basis for issues that include physical security, compliance, investigation strategy, intelligence gathering and evaluation in a manner meaningful and credible to the customer

Threat Intelligence Developer Resume Examples & Samples

Maintain, develop, and continuously evaluate cyber, brand & threat intelligence/data sources
Maintain an understanding of the overall threat landscape (cyber, malware, botnets, phishing, DDoS, physical)
Collect, analyze, investigate, store, and disseminate indicators of compromise (IOCs), threat intelligence
Regularly develop and produce written cyber brand and threat intelligence reports
Provide support to the FIS Security Incident Response Team and SOC in the effective detection, analysis, and containment of attacks, as well as researching potential IOCs and linking to intelligence
Partner with incident response, physical security, legal, and other teams
Partner with peers at other organizations through the FS-ISAC and other groups we belong to, as well as through personal trust groups and relationships
Draft, edit, and disseminate threat intelligence information/briefs to stakeholders, executive leadership, and others
Monitoring of security procedures and practices, recommend optimizations and improvements when gaps are identified

Incident Response & Threat Intelligence Manager Resume Examples & Samples

Manage and lead the bank’s highly technical Incident Response and Threat Intelligence team
Conduct and oversee incident detection, containment, eradication, and recovery procedures
Oversee and support investigations through data analysis and information gathering. Collect and protect evidence, provide internal and external communications, and document lessons learned
Participate and lead key functional areas of the Computer Security Incident Response Team (CSIRT)
Lead and manage security incidents to ensure timely mitigation and remediation efforts are completed
Monitor and assess a range of threat intelligence feeds for actionable indicators or potential risks
Responsible for creating and evaluating workflow processes, procedures, and checklists
Coordinate with internal and external customers to identify, analyze, and mitigate security incidents
Create, mature, and maintain applicable metrics and reports for areas of responsibility
Evaluate new and existing regulatory incident reporting requirements to ensure bank compliance
Experience responding to attacks vectors such as malware, data exfiltration, DDoS, and phishing
Build and maintain effective relationships with other technology and business departments
Manage team short-range planning including and training programs for team
Provide continuous feedback, write annual appraisals, and oversees staff development
Implementing technical solutions for requirements supporting GLBA, SOX, NIST, ISO, and PCI
Manage vendor relationships to ensure business satisfaction with network and system security services
Ensure network security systems comply with company policies, standards, and procedures
Research emerging technologies in support of security enhancement and development efforts
Awareness of security contracts and management of capital and operating budgets
Identify and resolve gaps in security program and defense in depth strategies
Stay current with regulations, emerging threats, technology risks, and risks to financial institutions
Continually re-asses the status quo and evaluate and adopt alternative processes and solutions
Extensive experience and technical knowledge of system and network security practices, incident handling, authentication and security protocols, application security, and defense in depth practices
Ability to present to small and large audiences
At least 10 years combined systems, networks, and/or application security experience
At least 3 years of experience managing and leading teams, programs, or departments

Lead Threat Intelligence Resume Examples & Samples

Barclays Africa, its clients and partners. GIS Africa Intelligence’s role includes centralizing and coordinating all intelligence functions within GIS by providing timely, actionable, and high quality intelligence in support of critical operations globally
Key accountabilities of the GIS Africa Intelligence team are conducting active intelligence gathering, analysis of multiple data feeds and engagements to provide actionable intelligence, consultancy and reporting to defense and fraud teams across Barclays Africa
Lead and take action on a diverse range of technical and threat information related to the cyber-enabled fraud threat landscape
Conduct deep-dive analysis to draw out cyber-enabled fraud trend analysis and context, drawing relevant conclusions and assessment. Continual added value is essential
Increase Barclays Africa ability in the technical analysis of information linked to cyber-fraud cases, both external and internal, in order to generate actionable intelligence to prevent further attacks against Barclays Africa
Conduct and communicate analysis into cyber threat campaigns, threat actors and threat evolution, placing into context the resulting current and future threat to Barclays Africa
Develop additional skills and capability to deliver team objectives, identifying needs and making opportunities to fulfil these. Contribute to the growth of the team’s technical capability and understanding of cyber fraud and delivery by utilizing (learning if necessary and) suitable tools and analysis
B-degree in a Technology related field (NQF level no. 6). Postgrad Degree preferred
Ten (10) years’ experience in a technology environment with at least five (5) years focused on Information Security
Proven experience managing people

SOC Threat Intelligence Resume Examples & Samples

Identify and prevent current and future threats to user/customer security and privacy
Provide level 2 proactive security events analysis and threat analytics
Monitoring of security events in the SIEM, as well as other security feeds and then take appropriate action based on the company security policy
Ownership and triage of Information Security incidents through to service recovery
Documenting event analysis in sufficient detail that the analysis process can be passed to other security personnel or subject matter experts
Must be able to read and interpret raw packet data
Understanding of common network services (TCP/IP web, mail, FTP, DNS etc.), vulnerabilities, and attack patterns is a must
Knowledge of firewalls, intrusion detection/prevention systems and various Operating Systems
Experience with End Point Forensics tools such as Carbon Black and Network Forensics Tools such as Security Analytics (Netwitness)
Investigate security breaches and provide guidance to other SOC Analysts
Be an advocate of information security and privacy programs across the company
Provide management with metrics and reports
Generates daily Threat Tracking reports and Advisories and works with the Security Awareness Manager for the purpose of proactive awareness and response
Serves as an internal security threat/incident response subject matter expert
Identifies key security concerns based on threat analysis and uses them to provide Threat Prevention based solutions
Bachelor Degree in Computer Sciences, or equivalent prior work experience in a related field
One or more of the following security certifications is required. (GREM, GCIH, GCIA, GAWN)
One or more of the following certifications is preferred (Security+, Network+, CISSP, and CRISC)
A broad understanding of the security landscape and its business context / impact
Exceptional written and verbal communication skills, including the ability to describe technical mechanics and put them into a humanized context
Eight to ten years in a computer related field, with at least seven in Information Security
Advanced knowledge of network security infrastructure, risk analysis, data/voice communication systems, services and system/network configurations. Network operations, design, and systems management
Strong knowledge of OWASP, NIST, PCI, and best practices
Strong security knowledge and conceptual understanding of current technologies such as firewalls, VPNs, IDS/IPS and other security devices
Strong analytical skills (i.e., technical and non-technical problem solving skills)
Must have the ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff and management
Possess strong interpersonal and project management skills
High personal credibility and integrity
Strong ability to persuade, convince and influence others through collaboration
Must have the ability to work and effectively prioritize in a highly dynamic work environment
Act responsibly and professionally as part of an enterprise team
Maintain a professional working relationship throughout all levels of the organization
Must have strong analytical and problem solving skills

Incident Response / Threat Intelligence Resume Examples & Samples

Work with Prospects and Clients to rapidly assess Cyber Security Incidents and Incident Response/Threat Intelligence Service Request that are escalated to SecureWorks
Rapidly assess Cyber Security Incidents, likely response plan, skillsets required to respond, and ability for SCWX to respond
Enable sales staff through confidence inspiring interactions with Prospects and Clients, demonstrating best in class Incident Response Knowledge
First line of defense against project risks: legal risks, scope risks, budget risks
Manage urgent and critical interactions with all levels of prospect and client staff from Leadership to Technical Staff
Maintain professional, calming, and authoritative presence in crisis situations
Monitor several communication channels for Incoming IR and threat intelligence enrichment service requests
Take ownership of, triage, and update tracking systems for service requests
Gather contextual information from multiple sources to establish a service request course of action or respond to a standard request for information, to include threat intelligence data sets, service delivery engagements in progress, previous service delivery engagements, service delivery procedures, and service descriptions
Meet service level agreements regarding initial response time and client notification as it pertains to SecureWorks IR and TI services
Determine the appropriate contract vehicle for net new client service requests to ensure contractual coverage and funding for the service request
Liaise with practice leaders, team leads, and account executives to schedule the appropriate personnel to join teleconference calls with prospects and clients seeking IR and TI services
Facilitate communications with prospects, clients, account executives, and service delivery specialists to assess scope, objectives, and required skillsets for IR and TI enrichment service requests at the “pre-sales” stage or “pre-delivery” stage of potential service requests
Provide instructions in written and oral formats to prospects and clients for media handling and artifact collection that are required for IR and TI enrichment service requests
Provide internal stakeholders the necessary information for decision support and situational awareness on service request intake activities
Document all communications with clients and intradepartmental constituents related to outstanding service requests in order to escalate to the next level and track intake activities
Route service requests to the proper service delivery team with the appropriate level of urgency and communication channel in a professional and courteous manner with an emphasis on client satisfaction. Assess and escalate to the next level as needed
Support the development and documentation of process improvements for efficient and effective response to IR and TI service requests
Minimum five (5) years of experience in cybersecurity operations or IT/Network Security Engineer and
Professional degree relevant to cybersecurity
GCIH, GCFE, GCFA, GREM, CISSP, CISM, or similar cybersecurity technical and managerial certifications

Threat Intelligence / Red Team Manager Resume Examples & Samples

Development, analysis and assimilation of threat intelligence feeds with intention to automate handling of new intel where possible
Establishment of intelligence sharing with industry security experts
Creation, implementation and testing of logic to prevent and detect malicious actions across the Huntington network
Partnering with business segments to decision a penetration test, define the control objectives to test, overseeing and guiding the test leading technical and business personnel in the remediation of any findings from the test
Working closely with other teams within Information Security, as well as Corporate Security and Fraud teams to expand an insider threat program
Defining the scope, rules of engagement, and primary objectives for red team exercises
Identifying and integrate detective measures to better support existing components throughout the enterprise
Development and curation of a Threat Actor Library
Providing guidance and advice to the Chief Information Security Officer related to emerging threat actors, methodologies, and eminent threat events
Providing corporate-level expertise and support to individual lines of business as well as the corporate risk functions on risk, trends, and activity concerning top threat actor motives, means, techniques and timing
Demonstrate comprehensive understanding of varied Threat Actors, remain vigilant to their changing tactics, stay abreast of industry trends, and strategize operational enhancements to combat emerging threats
Provides specific information and assessment of exposure covering aspects such as: cross channel fraud, hacktivists movement, high profile cases and criminal behavior patterns discovered; articulating trends in management and tactical briefings
Analysis of deep web and covert communication mechanisms to facilitate ongoing understanding of criminal communications specific to Huntington Bank
Regularly communicates with Business Unit, Information Security and Risk partners to establish, maintain and improve upon monitoring and methods to address and mitigate risks both within the Business Unit and core network
Working knowledge of consumer and commercial banking across multiple channels preferred
Working knowledge of various detection and prevention systems, their capabilities and application
Broad knowledge of technology and how it can be exploited
Understand the technical details of various attacks, including network, web application and wireless exploits
Experience assessing multiple concurrent complex systems or processes from a risk perspective and documenting recommended mitigation options
Demonstrated experience influencing system and business leaders to enhance security process and enable the business through security
Ability to create well written documents and deliver high quality presentations
Specific experience working in threat intelligence, red teams, or incident response is preferred; with deep industry contacts in security research, cross channel fraud, and information security
Preferably served in senior level risk, information security or investigations role(s) within a complex banking organization
Exceptional analytical and problem solving skills; ability to identify, escalate, investigate and resolve issues
Strong verbal and written communication skills; able to correspond effectively with segment risk officers, various operations teams and senior management
Capable of sharing knowledge, mentoring, and training other team members
Ability to manage and prioritize complex and occasionally competing tasks
Self-motivated with the ability to work independently and as a member of a team

Threat Intelligence & Vulnerability Management Lead Resume Examples & Samples

Provide overall management of the Threat Intelligence program
Maintain an up-to-date understanding of emerging cyber threats
Support program to inform stakeholders of threats
Utilize Threat Intelligence information to increase awareness and monitoring capabilities
Identify and implement sources of intelligence
Provide overall management of the Vulnerability Management program
Work with multiple teams to ingest vulnerability data and process for remediation
Build effective relationships with key stakeholders who own and support IT infrastructure applications, processes, and operations to further the effectiveness of the vulnerability management program
Analyzes data from threat and vulnerability feeds and analyzes data for applicability to the organization
Seek opportunities for strengthening Vulnerabilities detection capabilities
Gain commitment from stakeholders to implement recommended and agreed information security controls for the mitigation of risk related to vulnerabilities
Demonstrated experience building and managing vulnerability management programs
Strong knowledge of remediation work
Strong knowledge of common vulnerabilities and exploitation techniques
Strong understanding of patch deployment and management
Ability to track multiple work streams
Ability to digest multiple flows of intelligence and vulnerability data to create actionable intel and drive remediation activities
Experience with multiple vulnerability scanning technologies
Ability to brief technical risks and issues to executives and business leaders
BS or MA in Computer Science, Information Security, or a related field
10+ years of experience in Information Technology 5+ years of experience in Information Security space
Russian language skills

Senior Threat Intelligence Manager Resume Examples & Samples

Responsible for leading the tactical and strategic components of the Intelligence function within the TMC to include people, process, and technology
Supervises the processing of both internal and external Cyber Threat Intelligence for determination of impact, hunting to determine scope, and implementation of mitigations to defend Verizon’s enterprise
Identifies new intel feeds and implements process intake
Ensures intelligence analysts conduct pivoting analysis on Threat Intelligence to identify current impact or proactively process mitigations for defense
Review reporting of Intelligence analysis to peers and leadership teams for purposes of situational awareness and making Intelligence actionable
Ensure tactical mitigations are processed based on results of analysis and determination of threat validity
Support the Threat Management Center during incident response and threat monitoring activities to include intelligence context and analysis support
Drive the technical oversight and guidance required to support junior and mid-career team during Intelligence analysis efforts
Review intelligence and technical articles for knowledge sharing
Lead strategic projects and develop capabilities to enhance and mature existing cyber Intelligence functions
Attracts, retains, and leads a team of employees by educating, developing and managing them to deliver strong results
Responsible for all aspects of their team’s performance management activities including goal setting, conducting reviews, check-ins and disciplinary action, as needed

Threat Intelligence Manager Resume Examples & Samples

Supervision/ management of an IT function/site/corporate operation
Day-to-day functional management of the organization, to include performance management, training/developing, forecasting/reporting, and budgeting/expense control
Set future direction and plans
Ensures operation meets basic user, headcount, and quality guidelines
Represent operation
Provide training program
Provide day-to-day operational reporting/tracking indicators
Contributes to the development of new principles and concepts
Currently be a US Citizen
Bachelor's Degree with 9 years or a Master's Degree with 6 years or PhD with 4 years in Computer Science, International Relations, Security Studies, Intelligence Studies, Cyber Security, Information Management or related field in a Thread Intelligences Management role
Turn threat analysis into actionable intelligent (change in software, integration, design, etc)
Tech-expertise in the cyber warfare simulation
Ability to influence using insight, logic, and data to effectively persuade partners or customers or partners on recommendation or course of action
Proven leadership in building effective security teams and ability to influence strategic and tactical decisions that affect security objectives
Understanding of emerging threats, including tactics, techniques and procedures used by advanced adversaries
Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques
Strong understanding of threat intelligence automation technologies, architectures, contextual engines, and instrumentation
Expert knowledge of and experience with all phases of the incident response lifecycle
Experience working and sharing within high-trust communities internally and externally
Ability to write and deliver high-quality intelligence assessments and briefings for a senior-level audience
Make sure they put in place policies, with information sharing with regards to cyber security threats
Ability to clearly and concisely articulate issues to both technical and non-technical audience Advanced knowledge of a highly technical or professional field. Applies advanced principles, theories, and concepts
Building an effective global intelligence network through strategic internal and external partnerships, and enabling information sharing among Intel group of companies and with trusted external partners
Proven record establishing an effective information security team, experience working for a global, multinational company, have demonstrated experience leading a team to deliver timely and actionable threat intelligence, and ability to influence decision makers with data and objective analysis
Strong technical security and risk management expertise, deep understanding of incident response and the cyber threat intelligence lifecycle, experience delivering penetration testing capabilities and business process and customer relationship management skills

Threat Intelligence Intern Resume Examples & Samples

Evaluate malware detonation sandbox provisioning
Analyze cyber threats to identify IOCs and functionality
Develop automation for collection and processing of data
Collect and analyze OSINT
Work with regular expressions and YARA signatures

Threat Intelligence, Senior Manager Resume Examples & Samples

Consistently meet Service Level Agreements for service requests
Gather saturation and protection metrics and ensure action is taken to immediately resolve any defects
Manage on-call rotation for priority events
Work with other IT support departments to ensure best practices are followed for maintaining SEP (e.g. Gold image maintained with newest SEP client)
Threat Detection, gather intelligence on new cyber-threat and create prioritized correlation content to address relevant threats
Govern the correlation content program to ensure content is active for relevant threats and removed for threats that are not relevant
Work closely with the Security Operation Center to ensure their needs are met and that new content is handed off efficiently
Govern the log management process to ensure devices are logging as intended and if gaps are identified and re-mediate them immediately
Follow and implement all CVS processes and procedures
Provide evidence to our various audit teams and 3rd parties regarding PCI,PHI, PII and HIPPA compliance
Maintain positive morale in a high demand high pressure organization

Senior Manager, Threat Intelligence Resume Examples & Samples

Manage and continue to build the Global Threat Analysis Team
Develop and maintain up to date threat analysis procedures
Ensure threat analysts provide timely and customer-appropriate intelligence and briefings
Interface with stakeholders across all Sony Group companies worldwide to drive a deep understanding of relevant threats
Lead projects to improve data collection and interpretation processes and initiatives regarding threat intelligence and information security
Monitor, research, analyze, brief, and develop mitigation for information security threats
Maintain awareness of the latest emerging threats and exploitation vectors
Provide analysis to help protect Sony from advanced threats and create awareness of unique threats to Sony
Work closely with other technical, forensic and incident management personnel
Develop and maintain analytical procedures to meet changing requirements and ensure maximum operational effectiveness
Bachelor’s degree, preferably in Information Technology or other applicable area, or other equivalent experience
Minimum of 7 years’ experience in one or more of the following areas: Information Security, Data Analytics, Intelligence Analysis
Minimum of 3 years’ of experience in management of analysis teams
Demonstrated understanding of threat information gathering and analysis
Ability to engage with business stakeholders translating detailed analysis into relevant briefings
Ability to work and communicate effectively and tactfully with all levels of executives
Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex and technical issues as understandable language
Ability to manage multiple activities and events simultaneously, with a strong ability to prioritize multiple tasks and respond to high-priority events; organizing and scheduling work effectively
All candidates must be authorized to work in the USA

Incidence Response & Threat Intelligence Manager Resume Examples & Samples

A four-year college degree
Demonstrated, extensive experience and knowledge of network security practices
At least one of the following certifications: CISSP, CISM, GSLC, GCIH, GCIA, GCFA, CSIH, CEH, CHFI
Hands-on experience in incident handling, IR documentation, risk and incident escalation, applications security, security protocols, and authentication
A minimum of 8 years of combined networks, applications, and/or systems security experience
A minimum of 2 years of experience in leading teams
Demonstrated experience in cloud security
A technical certification in cloud computing
Certified Ethical Hacker (CEH)

Threat Intelligence Expert Resume Examples & Samples

The analyst will assist with collection of data from Novartis (IT) security community, intelligence from vendors, open source intelligence and social media
Identifying and analyzing patterns and changes in tactics, techniques and procedures used by attackers to attack Novartis IT infrastructure and management staff
Proactively identify and analyze vulnerabilities as well as related exploits and attack vectors
Debrief management through presentations and written briefs on the threats facing our industry and company with likelihood of occurrence
Analysis will result in indicators of compromise, accurate understanding of the risk to Novartis IT infrastructure and prioritization of remediation efforts and manpower
Monitoring for emerging vulnerabilities impacting resources used within Novartis
Track attack vectors used by Threat Actors and evaluate the effectiveness of existing controls
Support the Threat and Vulnerability Assessment process to ensure proper prioritization of remediation
Establish required contact to identify targeted campaigns against the company
Review available intelligence feeds
Identify potential trade of data belonging to the company
Validate profile of potential threat actors to define likelihood of occurrence and validity of new threats
Collect and consume intelligence on likely targeting or past targeting leading to data being available on the dark web
Maintain up-to-date awareness of computer network exploitation and attack tools, threats and vulnerabilities and respective counter/mitigation measures
Develop a working understanding of attackers capabilities and intentions
Provide trend/correlation analysis and scenario forecasting
Respond to requests for information (RFI’s) from (IT, internal, management, security) staff
Create consumable intelligence briefs
Brief senior leaders on likely threats targeting our company