Description
Positioned within the Cyber Threat Intelligence (CTI) team within the Cyber Threat Management Center (CTMC) of ECR at ELC, the Lead Intelligence Analyst role is pivotal in analyzing and comprehending adversarial capabilities, infrastructure, and Tactics, Techniques, and Procedures (TTPs). This understanding drives targeted and prioritized cybersecurity operations by delivering timely, actionable intelligence to ELC stakeholders. The ideal candidate is an independent, critical thinker adept at meeting tight deadlines while satisfying intelligence requirements. They analyze adversaries' intent and capabilities to assess impact and severity on the environment, working on moderate to highly complex assignments requiring in-depth evaluation of variable factors.
Responsibilities
Identifying, analyzing, reporting, and prioritizing cyber threats using open and closed source intelligence to investigate adversary behavior in partnership with the CTMC and other ECR teams.
Maintaining cyber-threat trend and risk awareness that can affect ELC as it relates to the intersection of geopolitics, third-party / supply-chain risk, vulnerabilities, and the cyber-threat landscape.
Monitoring, reviewing, and analyzing internal, open source, and dark web datasets to extract threat information, adding value to ECR cyber-defense efforts.
Spearhead the team in conducting comprehensive technical analyses utilizing industry-accepted threat intelligence frameworks, tools, and standards.
Direct the application of current cyber threat actor, campaign, and associated TTP knowledge to fortify and improve cyber-defense activities continuously.
Supervise the creation and delivery of actionable written and verbal intelligence products tailored for tactical, operational, and strategic audiences, facilitating informed decision-making by organizational leaders.
Lead the team in generating customized, actionable products derived from analyzed threat campaigns, external/internal events, and incidents.
Direct the development of analytical hypotheses, overseeing the research/analysis process to validate findings and effectively communicate them to stakeholders.
Supervise the provision of accurate, priority-driven analysis of cyber activity / threats, ensuring complex operational/technical topics are effectively presented to senior leadership and stakeholders.
Lead the provision of threat expertise on cybersecurity remediation countermeasures during incident response efforts and continuous mitigation efforts to support the business.
Oversee the establishment and maintenance of excellent working relationships/partnerships with cybersecurity and infrastructure support teams across the organization and various business segments.
Lead collaboration efforts with other CTMC and ECR teams to deliver timely and actionable intelligence, influencing ECR strategy based on relevant threats.
Direct the development and refinement of cyber threat intelligence collection and analysis processes to enhance efficiency and effectiveness.
Oversee the collection and analysis of artifacts, including malicious executables, scripts, documents, and packet captures, ensuring thorough investigation and documentation.
Supervise the generation of presentations illustrating research through visualizations, charts, graphs, infographics, and evidence capture for senior leadership.
Provide managerial input for the development of objectives, key results, and program metrics to drive success.
Oversee the maintenance or development of professional contacts in various communities to support operational needs.
Supervise the collaboration and sharing of intelligence with industry groups such as the ISACs, federal, state, local agencies, and international partners to enhance collective security efforts.
Qualifications
3-7 years of cybersecurity, threat intelligence, or IT experience; experience in leading people or initiatives is a plus.
3-5 years of operational or tactical cyber threat analysis experience.
Experience in one or more cybersecurity functions such as Cyber Threat Intelligence, Threat Hunting, System Administration, Intrusion Detection / Prevention, Monitoring, Incident Response, or Digital Forensics.
Experience and working knowledge of the MITRE ATT&CK® Framework, to include threat groups, tactics, techniques, procedures, data sources, and mitigations.
Familiarity with the NIST Cybersecurity Framework, Center for Internet Security Critical Security Controls.
Preferred education: Bachelor's degree in IT, Computer Science, Intelligence, or equivalent experience.
Preferred certifications: CISSP, GCTI, GREM, OSCP, or similar are beneficial.
Equal Opportunity Employer
It is Company's policy not to discriminate against any employee or applicant for employment on the basis of race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth and related medical conditions), gender identity or gender expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, protected medical condition as defined by applicable state or local law, genetic information, or any other characteristic protected by applicable federal, state, or local laws and ordinances. The Company will endeavor to provide a reasonable accommodation consistent with the law to otherwise qualified employees and prospective employees with a disability and to employees and prospective employees with needs related to their religious observance or practices. Should you wish to apply for this position or any other position with the Company and you believe you require assistance to complete an application or participate in an interview, please contact USApplicantAccommodations@Estee.com.
