Principal Threat Analyst

Yesterday

🇺🇸 United States – Remote

🌵 Arizona – Remote

Although this job is listed in Arizona, this company may be open to hiring remote in other states.

🌪️ Kansas – Remote

Although this job is listed in Kansas, this company may be open to hiring remote in other states.

+2 more states

🌵 Arizona – Remote 🌪️ Kansas – Remote 🍂 Massachusetts – Remote 🤠 Texas – Remote

⏰ Full Time

🔴 Lead

🧐 Analyst

🦅 H1B Visa Sponsor

Apply Now

Receive Emails with Similar Jobs

Optiv

WebsiteLinkedInAll Job Openings

Security Program Strategy • Enterprise Risk and Compliance • Threat and Vulnerability Management • Security Architecture and Implementation • Security Education and Awareness

1001 - 5000 employees

Founded 2012

💰 Venture Round on 2017-01

Description

• This position will be fully remote and can be hired anywhere in the continental U.S. • This role is Monday-Friday 9-5pm CST. • This team provides 24/7 support and this role will require shift flexibility. • The Principal Analyst will provide deep level analysis for client investigations utilizing customer provided data sources, audit, and monitoring tools at both the government and enterprise level. • The Principal Analyst will work closely with our Technology Engineers, Architects, and Threat Analysts to service customers. • Operate independently in a geographically dispersed team, while maintaining situational awareness and keeping the team up to date • Perform security monitoring and incident response activities across the networks, leveraging a variety of tools and techniques • Detect incidents through proactive “hunting” across security-relevant data sets • Thoroughly document incident response analysis activities • Review investigations conducted by more junior analysts to ensure quality standards are met • Develop new, repeatable methods for finding malicious activity across the networks • Provide recommendations to enhance detection and protection capabilities • Regularly present technical topics to technical and non-technical audiences • Develop and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of information security incidents • Prioritize multiple high-priority tasks and formulate responses/recommendations to customers and team members in a fast-paced environment • Provide assistance to other security teams • Continually develop new technical skills and push overall team capabilities forward • Engage with and mentor other team members • Work with other teams on major engineering and architecture initiatives • Be innovative with their understanding of attack methodologies, malware analysis, malicious toolkits, and how those may manifest within various security technologies • Advanced proactive threat hunting • Understands advanced adversary emulation concepts • Advanced use case design for insider threat, operational, threat detection and response • Review of defensive and detective controls to reduce client attack surface

Requirements

• 6+ years operational experience assessing, reviewing, and remediating infrastructure vulnerabilities, CVE’s, and risks. • Knowledge of third-party software vulnerabilities, security threat landscape, especially network and server threats • Knowledge of cyber security threats and risks, vendor computing environments, basic systems, and network technologies. • Experience with and understanding of CVE’s and CVSS scores • Knowledge of compensating controls and mitigating factors. • Knowledge of Information Security frameworks, guidelines, and standard methodologies. • Knowledge of the Windows and / or Linux operating systems • Knowledge and understanding of Cybersecurity controls and logging and monitoring tools. • Ability to expertly interact with all levels of personnel • Excellent verbal and written communication skills • Strong in problem solving and analytical skills • Ability to work on multiple projects by prioritizing and results oriented approach • Good teammate with flexibility required for support operations • Be well versed in the cyber threat landscape; have an advanced understanding and knowledge of what tactics and techniques are being used by adversaries; have an advanced understand and knowledge of what security controls and/or telemetry data is available to detect these tactics and techniques; and be familiar with cyber security incident response terminology, processes, and techniques. • Moderate to complex investigations (multiple tools) including endpoint, UEBA, public cloud, SAAS and packet analysis • Security use case design recommendations for threat detection • Threat response activities such as quarantining host and other common response playbook activities • Proactive threat hunting using multiple client tools • Process development and documentation • Application of threat intelligence to improve detection and response capabilities • Extensive experience with the MITRE @ttack framework and associated tactics • Extensive alert triage and endpoint investigations using technologies such as EDR • Phishing analysis • Malware analysis (does not include reverse engineering) • MITRE attack framework expertise and understanding of common attack tactics used by threat actors • Provide recommendations on tuning of security detection platforms and use cases to improve accuracy of detection • Knowledge AWS, Azure, GCP cloud service technology • Basic fraud and insider threat specific investigation skills • Knowledge of metrics and reporting with the use of data visualization tools such as Tableau • Demonstrable data analytics skills • Must have a passion for data analysis

Benefits

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups. • Work/life balance • Professional training resources • Creative problem-solving and the ability to tackle unique, complex projects • Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities. • The ability and technology necessary to productively work remotely/from home (where applicable)