Job Description

Tyto Athene is hiring a Cyber Threat Intelligence (CTI) Analyst SME to support a 24/7/365 Enterprise Security Operations Center (ESOC). The mission of the Enterprise Security Section (ECS) Services is to defend the customer against cyber threats through proactive engagement, vigilant monitoring, and prompt response.

As CTI Analyst SME, you will be responsible for monitoring and analyzing external cyber threat data to provide insights and actionable intelligence about potential cyber threats. You will triage information collected from different threat intelligence sources, including internal sources, and study the pattern of attacks, their methodology, motive, severity, and threat landscape applicable to the customer’s systems.

Responsibilities:

• Monitor open-source websites for hostile content directed towards organizational or partner interests.
• Gather information from private and proprietary sources, including paid subscriptions, information-sharing communities, or partnerships with other organizati
• Analyze collected data to identify potential threats, vulnerabilities, and emerging trends.
• Enrich data with context to provide a more comprehensive understanding of threats, such as attributing specific threats to threat actors or groups.
• Provide tactical intelligence that helps the SOC understand the specifics of current threats, including indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs) used by attackers.
• Offer strategic intelligence to help the organization anticipate long-term trends, understand the motivations of threat actors and plan for future cybersecurity challenges.
• Assist the SOC during ongoing incidents by providing real-time intelligence updates, context, and guidance to help investigate, contain, and remedy threats.
• Provide information on known vulnerabilities and potential zero-day threats to help the SOC prioritize and patch systems accordingly.
• Actively participate in information-sharing communities and industry groups and collaborate with other organizations to gain and contribute to a collective understanding of the threat landscape.
• Educate SOC analysts and other relevant teams on the latest threats, attack techniques, and defensive strategies to enhance the overall cybersecurity awareness within the organization
• Routinely provide reports and briefings to key organizational stakeholders to keep them informed about the evolving threat landscape and the effectiveness of current security measures.
• Apply threat modeling methodologies, such as STRIDE and DREAD, in conducting risk assessments and evaluating potential threats.
• Analyze geopolitical factors that influence cyber threats and assess their potential impact on organizational risk and decision-making.
• Understand the operational capabilities and limitations of security technologies utilized within the SOC, ensuring effective threat response.
• Be knowledgeable about legal and ethical considerations related to threat intelligence, including data privacy laws and compliance requirements.
• Comprehend the implications of artificial intelligence and machine learning technologies in threat detection and response strategies.
• Utilize threat intelligence sharing platforms and collaborative frameworks, such as Information Sharing and Analysis Centers (ISACs).
• Stay informed about industry best practices and trends in cyber threat intelligence, adapting to the evolving landscape of cyber threats and defenses.
• Develop and disseminate actionable threat intelligence reports and briefings tailored to stakeholder needs.
• Demonstrate advanced proficiency in using threat intelligence platforms and tools for effective data aggregation and analysis.
• Excel in conducting threat hunting activities to proactively identify and mitigate potential threats within the environment
• Exhibit strong strategic thinking skills to align threat intelligence initiatives with organizational goals and risk management strategies.
• Demonstrate leadership capabilities to influence and drive security initiatives, promoting a proactive threat intelligence posture across the organization
• Mentor and train junior analysts, fostering a culture of continuous improvement and knowledge sharing within the CTI team.
• Develop threat models and conduct risk assessments to support security planning and prioritization
• Conduct thorough post-incident analyses, identifying lessons learned and recommending improvements for future readiness.
• Actively participate in cybersecurity forums and industry groups to remain updated on trends and collaborate with peers.
• Exhibit advanced proficiency in specialized threat intelligence tools and platforms, enhancing the ability to analyze and respond to threats effectively.

Required:

• Bachelor’s degree, or equivalent experience, in a relevant technical- or business-related field, and at least 15 years of experience in Information Security; and experience (in at least three (3) of the INFOSEC fields of Computer Security, Cryptography, Physical/facility, network security, certification/accreditation, risk analysis, or disaster recover planning and execution).
• Must possess at least one (1) of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Cyber Threat Intelligence Analyst (CCTIA).
• Expertise in open-source intelligence (OSINT) collection methods and tools to enhance overall threat intelligence capabilities
• Proficient understanding of intelligence fusion, performing threat factor analysis, and possess a comprehensive understanding of cyber threat landscapes, including current and emerging threats and vulnerabilities
• Possess a thorough understanding of incident response processes, methodologies, and best practices, contributing to effective threat mitigate
• Expertise in established cyber threat intelligence frameworks, such as MITRE ATT&CK and in-depth knowledge of advanced persistent threats (APTs), including their lifecycle, detection methods, and mitigation strategies.
• Exceptional analytical skills to evaluate and synthesize threat data from diverse sources, identifying complex attack patterns and trends.
• Experience using Splunk and Microsoft Sentinel to search available log sources for threats.

Desired:

• GIAC Cyber Threat Intelligence (GCTI) certification

Clearance:

• Active Top Secret with SCI eligibility

Location: Huntsville, AL (on-site)

Benefits:

• Highlights of our benefits include Health/Dental/Vision, 401(k) match, Flexible Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and maternity/paternity leave

Job Tags

Similar Jobs