Principal Threat Research Analyst
Talent Acquisition Advisor: Prathika Shetty
Job Code Level: IKP5
As a Principal Threat Research Analyst, you will work closely with our senior threat researcher and partner with clients to investigate threat leads on their systems. You will help extract data and remove the noise in order to pinpoint internal and external threats. Our client base is global and spans nearly every industry.
You Are Great:
- Work with behavioral analytics threat-hunting technologies to analyze and identify threat patterns or indicators that can be used for threat detection on our platform.
- Follow emerging threats and attack techniques by reviewing detailed analytic anomalies.
- Identify, analyze, and define the attack path of advanced intrusions.
- Produce reports that can form the basis for new behavioral models.
- Maintain situational awareness of cyber activity by reviewing new anomalies and tracking attack campaigns through their attack cycle.
- Track threat actors, their tactics, techniques, and procedures (TTPs), and their associated Indicators of Compromise (IOCs) through analytics.
- Follow up on analytic results using additional search tools, including Kibana and Athena.
- Understanding the cybersecurity landscape
- Deep knowledge of current and past malware methods, attack methodologies, and TTPs (Tactics, Techniques, Procedures)
- Strong understanding of current attacker tradecraft
- Develop client relationships and understand the critical assets in their environments in order to build additional detection patterns.
- Experience with common industry EDR/SOAR/Anomaly detection solutions (CrowdStrike Falcon, Microsoft Defender, etc.)
- Experience with the incident response process, including detecting advanced adversaries, log analysis using SIEM, and malware triage (Optional)
- Knowledge of and experience working with the Cyber Kill Chain model and the MITRE ATT&CK matrix. (Optional)
- Knowledge of Operating Systems and Network Protocols
- Extensive knowledge of operating system internals (Windows, *nix, macOS)
- Strong understanding of network security concepts and network protocols, NetFlow, and web proxy.
- Scripting knowledge (PowerShell, Python, etc.)
- Technical Writing and Reporting Skills
- Experience preparing security reports and different technical documents.
What it Takes:
- You are persistent and inquisitive. You must understand why things are happening the way they are.
- You are determined to understand cyber-attack techniques at a very detailed level.
- You are a self-starter who can work with minimal management, yet you have strong collaboration and interpersonal skills for working with professionals from other information security fields.
- You’re a creative thinker who wants to answer the question, “Why?”
- Your workstation is a pyramid of monitors that you can't take your eyes off of at the risk of missing something juicy.
- You have a desire to learn new technologies.
- Your sense of humor, passion, and enthusiasm shine through in everything you do.
Micro Focus’ (now OpenText) efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please contact us at firstname.lastname@example.org.