The opportunity
the senior cyber intelligence analyst is responsible for supporting the cyber intelligence function for the cyber fusion center. The cyber intelligence analyst will use a wide range of sources of technical data collection and analysis in order to produce a common operating picture of intrusion or threat related activity. This includes identifying, reviewing, and researching new technical and non-technical sources of information, ioc review, threat research, threat profile development, analysis, alert triage, and coordinating team tasks with other locations.
your impact
as cyber threat intelligence analyst, your responsibilities would consist of:
* understand threat modeling methodology such as kill chain, diamond model, and mitre att&ck framework to identify, classify, prioritize and report on cyber threats using a structured approach.
* understand a risk-based model of historical threat activity, trends and common attack vectors tied to tactics, techniques, and procedures (ttps) to support threat detection and pen testing teams.
* participate in data driven research with internal teams on changes to the cyber threat landscape through various internal and external tools to support incidents.
* reviews and assesses indicators of compromise (iocs) related to threats to the organization provided by partner institutions, mailing lists, open source news, and industry partnerships.
* support and participate in relationships between various security teams and external partnerships.
* share relevant cyber intelligence findings to a variety of internal audiences (senior leadership, it teams, user communities, etc.) and external trust groups.
* participation in after hours on-call rotation when required.
who are we looking for?
experience
* 2+ years of experience with a combination of cyber threat intelligence or research and threat detection or incident response work, at least 1 year of which should be in a large multinational company.
* knowledge of current and historical threat actor group(s) ttps.
* knowledge of enterprise-wide ticketing systems.
* knowledge of the mitre att&ck framework, cyber kill chain, diamond model of intrusion analysis, or other relevant network defense and intelligence frameworks.
* experience with collecting, analyzing, and interpreting data from multiple sources and documenting the results.
* knowledge of the principal methods, procedures, and techniques of gathering information and producing, reporting, and sharing intelligence.
* experience with intelligence feed alert and data feed tuning and source cultivation.
* experience with python or other scripting languages.
* foundational knowledge in it infrastructure, to include hardware, networking, architecture, protocols, files systems, and operating systems.
* knowledge of network security technologies, log formats, siem technologies, and security operations.
* experience with tool migration, testing, and integration.
* strong collaborative skills and proven ability to work in a diverse global team of security professionals.
we want you to be a part of the pepsico family. You can also apply directly on our site!
#j-18808-ljbffr