Cyber Threat Intelligence Analyst III
Posted on: March 25, 2020
Reporting to the Threat Intelligence Product Manager, the Cyber
Threat Intelligence Analyst III will lead our analyst team in
conducting malware analysis and strategic intelligence
assessments--not only digging into individual malicious phishing
campaigns, but reporting more broadly on trends in phishing. This
person will directly push the boundaries of our phishing coverage
into more sophisticated malware families and phishing TTPs, and
will help develop requirements for our software engineers to
directly improve the product for our customers and the workbench
for our analysts.
* Perform rapid analysis of malicious software applications
collected from phishing email campaigns as they emerge.
* Produce tactical and strategic intelligence about phishing
activity, the methodologies used, and the motivations behind
changes and evolutions in their activity.
* Responsible for directly producing tactical and strategic
phishing intelligence reporting, with an emphasis on elevating our
strategic reporting to support executive leadership at our client
* Serve as a mentor and escalation point for junior analysts.
* Support the research and development of advanced malware analysis
techniques, processes, and procedures.
* Support interorganizational collaboration between multiple
technical and non-technical teams.
* Interact with customers in assessment briefings, updates, and/or
calls regarding emerging threats.
* Participate in podcasts and author blogs/reports to present and
market the Intelligence team's research.
* Identify new tactics, techniques and procedures used by cyber
threat actors in phishing attacks.
* Utilize a variety of open, closed, and proprietary phishing
intelligence data feeds to develop deeper understandings of the
phishing threat landscape.
* Lead the authoring of quarterly reports on phishing trends, with
contributions from junior analysts.
* Work with developers and software engineers to continuously
evolve the Intelligence product and the analyst workbench.
* Other duties as assigned.
The above statements are neither intended to be an all-inclusive
list of the duties and responsibilities of the job described, nor
are they intended to be a listing of all of the skills and
abilities required to do the job. Rather, they are intended only to
describe the general nature of the job. This job description is not
a contract of employment, either express or implied. Employment
with Cofense will be voluntarily entered into and your employment
is considered at will. Cofense reserves the right to alter the job
description at any time without notice.
Knowledge, Skills and Abilities Required
* Able to work with little direct oversight.
* Able to articulate in at least six of the following concepts:
analytic tradecraft standards, cyber kill chain, diamond model,
advanced persistent threat, cybercrime, hacktivism, cyber fraud,
malware and ransomware, social engineering, incident response,
threat intelligence, and host and network-based security.
* Excellent organizational skills; able to actively track and
prioritize issues and inquiries.
* Significant knowledge of open source intelligence and active
* Excellent critical thinking skills.
* Strong background in reverse engineering of malware.
* Strong familiarity with email protocols, headers, and
* Strong proficiency with TCP/IP packet capture and investigation
software, e.g. Wireshark, HTTP debuggers, DNS query interception
* Significant knowledge of Microsoft Assembly language.
* Significant proficiency with Linux and Unix operating
* Significant ability to use and modify command line script
applications and utilities.
* Significant understanding of nature of malicious software and
Education and/or Experience:
* Bachelor's or Master's degree preferred in a related field such
as Computer Science, Computer Forensics, or Justice Science, but
* Experience working in a fast-paced environment where multiple
competing items must be prioritized and delivered daily.
* Experience writing Yara rules strongly preferred.
* Experience with SQL database technology.
* At least 5 years of experience in malware analysis and
intelligence analysis or network forensics analysis.
* Prior experience with written assessments drawn from multiple
intelligence streams preferred.
* Experience engaging directly with policymakers, C-Suite
leadership, and/or major clients or customers strongly
Cofense is committed to equal employment opportunity. We will not
discriminate against employees or applicants for employment on any
legally recognized basis [protected class] including, but not
limited to: veteran status, uniform service member status, race,
color, religion, sex (including pregnancy), gender identity, sexual
orientation, national origin, age, physical or mental disability,
marital status, genetic information or any other status or
characteristic protected by applicable national, federal, state or
local laws and ordinances. We adhere to these commitments in all
aspects of employment, including recruitment, hiring, training,
compensation, promotion, benefits, and discipline.
Equal Opportunity Employer/Protected Veterans/Individuals with
Disabilities
The contractor will not discharge or in any other
manner discriminate against employees or applicants because they
have inquired about, discussed, or disclosed their own pay or the
pay of another employee or applicant. However, employees who have
access to the compensation information of other employees or
applicants as a part of their essential job functions cannot
disclose the pay of other employees or applicants to individuals
who do not otherwise have access to compensation information,
unless the disclosure is (a) in response to a formal complaint or
charge, (b) in furtherance of an investigation, proceeding,
hearing, or action, including an investigation conducted by the
employer, or (c) consistent with the contractor's legal duty to
furnish information. 41 CFR 60-1.35(c)
Keywords: Cofense, Leesburg, Cyber Threat Intelligence Analyst III, Professions, Leesburg, Virginia