Cyber Threat Job Description
Cyber Threat Duties & Responsibilities
To write an effective cyber threat job description, begin by listing detailed duties, responsibilities and expectations. We have included cyber threat job description templates that you can modify and use.
Sample responsibilities for this position include:
Cyber Threat Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Cyber Threat
List any licenses or certifications required by the position: CISSP, CEH, IAT, SANS, GCIH, III, CCNA, GSEC, II, CSIH
Education for Cyber Threat
Typically a job would require a certain level of education.
Employers hiring for the cyber threat job most commonly would prefer their future employee to have a relevant degree, such as a Bachelor's or Master's Degree in Computer Science, Information Security, Technical, Education, Cyber Security, Information Technology, Engineering, Technology, Computer Engineering, or Intelligence
Skills for Cyber Threat
Desired skills for cyber threat include:
Desired experience for cyber threat includes:
Cyber Threat Examples
Cyber Threat Job Description
- Perform rotating on-call duties (nights/weekend rotations)
- Act as a mentor and escalation point for analysts within the Global Threat Operations team
- Help develop dashboards and reports to identify potential threats, suspicious/anomalous activity, malware
- Provide forensic analysis, including network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, logs from various types of security sensors
- Maintain an understanding of the overall threat landscape (malware, botnets, phishing, DDoS, fraud)
- Coding/Automation of incident response and cybersecurity processes and tool creation
- Performing the investigation and remediation of security incidents
- Documenting incidents using a case management system to enable proper handling of the incident from identification to lessons learned
- Provides subject matter expertise and technical stewardship of Cyber Threat Prevention infrastructure and service offerings, including, but not limited to, vulnerability management, event logging/correlation, and remediation
- Hunt for and identify indicators of compromise
- Bachelor’s Degree in Computer Science or equivalent threat intelligence related experience
- Minimum of 5+ years of experience in cyber threat intelligence
- Candidate should have hardware, OS, and software experience relevant to the job
- 3+ years of recent operational security experience (SOC, Incident Response, Malware Analysis, IDS/IPS Analysis)
- Working knowledge of full packet capture (PCAP) analysis and accompanying tools (Wireshark)
- 5+ years of direct management experience leading the design, implementation and management of Information Security shared services (governance and/or security operations) for a global corporation (Fortune 500)
Cyber Threat Job Description
- Pre-sales solution design and support
- Reverse engineers heavily armored malware and other adversary tools to extract key information about the functionality, actor attribution, and associated indicators
- Uses a broad set of technical and non-technical data sources to uncover new operations
- Produces clearly written and concise research reports in response to taskings focused on specific cyber threats
- Develops tracking strategies to monitor adversary activities over time using a combination of multiple t..."
- Manages Tier 1 Analysts
- Continues to research and understand new threats to increase the knowledge base of the evolving threat landscape
- Assists NTC3 manager in the department’s recruiting and retention efforts, as needed
- Coordinate threat hunting activities across the network, leveraging intelligence from multiple internal and external sources and cutting-edge security technologies
- Experience leading functional business and technical teams in a large and complex environment to deliver related capabilities and services
- Seasoned leader who can attract, develop and retain top talent in the field
- Demonstrated success in implementing an Information Security framework, solution and service for a cross-functional and multi-national corporation
- 8 years of leadership experience in the information security field, IT operations and compliance management roles, which may include architecture assurance, risk management, business continuity, and related process design
- Ability to establish solid relationships with vendors in support of initiatives
- Excellent track record of communicating, managing complex projects and influencing others in a diversified and international matrix organization
Cyber Threat Job Description
- Work with and support CISO areas and support teams to assist in validating, risk assessing and remediating vulnerabilities
- Assist in the management of security events and incidents as appropriate
- Produce weekly actionable cyber CI threat reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary
- Work with business stakeholders to define cyber monitoring use cases based on the cyber threat model and business requirements
- Write threat reports and manage recommendations with affected stakeholders
- Assist in the identification of threats to technology-related assets and processes
- Assist in the development and production of intelligence reports and products used to inform technical departments within Information Security regarding emerging threats, trends and indicators
- Support the Global CISO business engagement model via direct dialogue with specialist areas/individuals that support security control operation
- Support the assessment of security control operation across business lines and third-party suppliers
- Provide analytic support in the areas of dependency and inter-dependency analysis, analysis of cascading impacts, and cyber/physical risks to critical infrastructure
- Minimum 5-7 years in the Information Security field in a client-facing security services advisor, security analyst, or security engineer role
- Must have a Secret government security clearance
- Training and certifications in GRC (such as CEH, CISSP) and DLP/RSA solutions required
- Extensive experience in consulting activities, some of which should be in customer experience and marketing technologies
- 2+ years of experience with software development languages, including Python, Scala, Java, Map/Reduce, or Spark
- Ability to socialize new concepts with senior Government sponsors and the larger Intelligence Community
Cyber Threat Job Description
- Contribute to Information Security policies, procedures and standards related to endpoint security
- Provide proactive and reactive end-to-end Insider Threat services to help protect external-facing and internal-based computing assets, data, and Government clients
- Support key, high-profile cyber security related activities and projects, including supporting the Government agency’s incident management program
- Stand up a new Insider Threat (InT) program and validate InT tools
- Possess a strong understanding of intrusion sets
- Provide actionable Insider Threat intelligence for enterprise risk reduction and remediation by partnering with key groups in identifying and driving risk remediation approaches to current and emerging threats
- Exhibit strong critical thinking/writing skills: prepare extensive assessments and documents, and disseminate information through reports and briefs to technical and non-technical audiences
- Maintain and update databases, systems, and mechanisms for sharing relevant Insider Threat information to support ongoing and projected projects
- Performing threat modeling and in-depth dynamic and static file analysis and reverse engineering to determine the nature of unknown or potentially malicious files found during investigations
- Submit obtained malicious samples to anti-virus vendors for signature creation and distribute DAT files to the appropriate groups for deployment and implementation
- 5-7 years in the Information Security field in a client-facing security threat advisor role, or experience as a security threat analyst
- Ability to obtain a government clearance at the Public Trust level
- Maintaining an inventory/catalogue of the data assets for which they are responsible, as agreed with the respective Business Managers and Information Asset Owners
- Proven ability to synchronize and cooperate with data librarians of other departments
- Great working knowledge of cyber security challenges, analytics and big data concepts (feeds, catalogues, on-boarding processes, access management)
- Experience with web application security and common exploits
Cyber Threat Job Description
- Facilitates the implementation of information security policies and procedures
- Monitors external threat data sources to maintain currency of CND threat conditions and determine which security issues may have an impact on the enterprise
- Researches, identifies, and verifies new cyber threat adversary tools, tactics, and processes (TTPs)
- Performs detailed analysis of cyber threat adversaries and develops recommendations for countermeasures
- Assist with Information Security processes and outcomes for interrelated information technology security incidents, recoveries, potential intrusion, and system abuses
- Evaluate complex business and technical requirements, and communicate potential inherent security risks to the appropriate parties
- Maintain awareness of cyber threat activity and emerging threats by reviewing open source reporting for new vulnerabilities, malware and other threats
- Providing threat intelligence services and analysis capabilities to our customers, primarily CSD
- Serving as an SME for all aspects of the threat intelligence platforms and solutions provided by the team
- Acting as a change agent while the organization migrates from previous solutions onto the new platforms
- Critical thinking and problem-solving skills, with the ability to efficiently analyze conflicting data and make sound decisions in stressful situations
- Ability to communicate effectively with technical and non-technical audiences (written and oral)
- Ability to provide risk analysis for vulnerabilities, incidents and change requests
- Ability to work as part of a team and independently with limited supervision
- Relevant experience in a highly regulated industry
- Industry-recognized technical or security certifications such as SANS GSEC, Cisco Certified Network Associate (CCNA), Network+, Security+