Cyber Threat Analyst Job Description

A cyber threat analyst provides direct administration and ownership of SIEM and Data Platform technologies, including configuration, access controls, tuning, integration, and continuous improvement activities.

Cyber Threat Analyst Duties & Responsibilities

To write an effective cyber threat analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included cyber threat analyst job description templates that you can modify and use.

Sample responsibilities for this position include:

Conducts assessments of an adversary’s tactics, techniques and procedures (TTPs) and pattern recognition of tools used for exploitation
Conduct advanced threat hunt operations using known adversary tactics, techniques and procedures indicators of attack in order to detect adversaries with persistent access to the
Review attack activity in order to build attacker profiles and understand the tactics, techniques and procedures used
Adhere to policies, procedures, and security best practices
Resolve problems independently and understand the correct escalation procedures
Perform research on defensive controls that could be used to counter existing or emerging attack techniques
The ability to convey complex topics in cyber security to individuals in technical positions and those in senior leadership
Provides support to incident response teams during cyber events in the form of attack attribution and recommended courses of action based on knowledge of the adversary
Develops and disseminates threat indicators for deployment to enterprise security solutions
Develop and deliver information security presentations (brown bags, formal) to internal Support Teams, business units and Leadership around relevant and timely information security topics of interest

Cyber Threat Analyst Qualifications

Qualifications for a job description may include education, certification, and experience.

Licensing or Certifications for Cyber Threat Analyst

List any licenses or certifications required by the position: CEH, CISSP, SANS, GCIH, GSEC, IAT, II, CCNA, SSCP, CSIH

Education for Cyber Threat Analyst

Typically a job would require a certain level of education.

Employers hiring for the cyber threat analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Information Security, Education, Cyber Security, Technical, Computer Engineering, Technology, Engineering, Intelligence, Information Technology

Skills for Cyber Threat Analyst

Desired skills for cyber threat analyst include:

Basic internet protocols
Procedures
Techniques
Perl
C
APT
Programming
Scripting
Security principles and best practices
Splunk and other SIEM technologies

Desired experience for cyber threat analyst includes:

Medical systems
Experience with Data Loss Prevention
Common security controls is required including
Experience of both Linux and Windows operating systems OS internals
SQL and administration skills for at least one major database Oracle, MSSQL, IBM DB2, Sybase, PostgreSQL or MySQL
3 years of HUMINT experience

Cyber Threat Analyst Examples

1

Cyber Threat Analyst Job Description

Job Description Example
Our company is looking for a cyber threat analyst. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for cyber threat analyst
  • Assess internal and external threat data and extract intelligence that could be useful in preventing or detecting attacks
  • Contribute to the development / improvement of security tools
  • Contribute to formal threat reports for management
  • Build and maintain strong working relationships within and outside the security team
  • Assist with investigations, incident response and compliance activities
  • Providing cyber-security knowledge and advice to clients internally to our leadership
  • Lead "hunt exercises" using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and eradicate threat actors within the Radian environment
  • Provide expert analytic investigative support of complex security incidents
  • Suggest modifications to internal defenses and continuously improve processes for more effective and efficient security operations
  • Assist in development of best practice with Information Security staff by using available collaboration tools and workspaces
Qualifications for cyber threat analyst
  • BS degree in CS- or IT-related field, including Information Assurance or Security
  • BS degree in Business, CS, or an IT-related field, including Information Assurance or Security
  • At least 3 years experience in intelligence research and producing finished intelligence products
  • At least 3 years experience working with analytical tools
  • At least 1 year of experience specifically focused on cyber adversaries
  • Must include experience with a SIEM (e.g., ArcSight, AlienVault, LogRhythm, QRadar, Splunk) and improving effective monitoring and alerting processes for suspicious activity
2

Cyber Threat Analyst Job Description

Job Description Example
Our innovative and growing company is hiring for a cyber threat analyst. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for cyber threat analyst
  • Analyze and correlate events from diverse network, end-point, application, and security log sources to identify security threats and incidents
  • Process and resolve security incident reports received by the SOC
  • Develop signatures and tune security devices to better prevent and detect security threats
  • Services monitored will include, but are not limited to SIEM, IDS/IPS, Firewall, Cloud Environments, and Data Loss Prevention (DLP)
  • Periodic on-call responsibilities
  • Enable the automation and orchestration of threat intelligence IOCs in order to provide pre-enriched detail to cyber analysts, auto-blocking and/or removal of IOCs
  • Parse vast amounts of threat intelligence data, and score the intelligence to determine risk and recommendations to leadership and/or analysts
  • Assist with incident response, recovery, and prevention
  • Develop/implement custom/open source/commercial solutions to reduce manual processes where possible
  • Handle and organize disparate data about detections, attacks, and attackers
Qualifications for cyber threat analyst
  • 5+ years of experience in Cyber Security related job (SOC, Threat Analyst, Malware Analyst, SysAdmin, ..)
  • Ability to perform network forensics with tools such as Wireshark or NetworkMiner
  • Level intelligence analysis of Cyber threats, vectors, and actors in support of Cyber defense and computer network operations
  • Source analysis of Cyber threats, their vectors, and capabilities
  • 1 Threat Guide and Threat to Aerospace Operations, and formal or informal briefings
  • BA or BS degree in Information Security or Network or Cyber Security
3

Cyber Threat Analyst Job Description

Job Description Example
Our company is hiring for a cyber threat analyst. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for cyber threat analyst
  • Work with other staff to define proper security procedures
  • Assist with Incident Response and collection of artifacts to support improved operations and regulatory requirements
  • Perform team lead duties, track CIRT actions, and conduct daily CIRT tag-up when Lead analyst is unavailable
  • Lead incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
  • Compile detailed investigation and analysis reports for internal security SME stakeholder consumption and delivery to management
  • Lead threat hunting activities across the network leveraging intelligence from multiple internal and external sources, cutting-edge security technologies
  • Lead Root Cause Analysis of security incidents for further enhancement of alert catalog
  • Continuously improve processes for use across multiple detection sets to improve preventative and detective capability
  • Assist with response and investigation efforts into advanced/targeted attacks
  • Provide analytic investigative support of large scale and complex security incidents
Qualifications for cyber threat analyst
  • Level correspondence
  • Bachelor’s Degree in Computer Science, Engineering, or MIS, STEM degree, or equivalent industry experience
  • Applicant has coalition building skills to arrive at a consensus when opinions on subject matter differ
  • A minimum of 5 years hands-on experience of cyber security technologies (WAF, NG Firewall, IPS, antivirus, proxy, strong authentication)
  • Strong technical knowledge of SIEM technologies (previous experience on Splunk is a plus)
  • Various general technical skills including knowledge of networking
4

Cyber Threat Analyst Job Description

Job Description Example
Our growing company is hiring for a cyber threat analyst. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for cyber threat analyst
  • Identify threats and work to create steps to defend against them
  • Perform vulnerability assessments and discovery scans across all network segments
  • Monitor network traffic for suspicious behavior
  • Analyze current security requirements and make suggestions for improvements
  • Consult with staff, managers and executives on the best security practices
  • Work with architects and engineers to create security standards across all company networks
  • Defend the internal network from outside, Internet cyber threats
  • Identify security breaches and take action to stop them and prevent them in the future
  • Assess and report possible security flaws to key stakeholders in the IT department
  • Create risk assessment reports based on correlation of large data sets across multiple data sources
Qualifications for cyber threat analyst
  • This position will be located on a customer premise in Houston, TX
  • Minimum of five years of directly-related IT experience with at least three years of security incident response and breach analysis experience
  • Ability to coordinate and respond to events on all the monitored networks and the systems on those networks
  • Bachelor's Degree in IT, Computer Science, related field or relevant work experience required
  • Candidate with penetration testing background highly encouraged to apply
  • Familiarity with structured cyber threat intelligence formats, including STIX, CybOX, and OpenIOC
5

Cyber Threat Analyst Job Description

Job Description Example
Our growing company is hiring for a cyber threat analyst. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for cyber threat analyst
  • Write reports based on findings for previous security breaches and threats
  • Perform risk analysis to identify any security issues that could lead to lost or stolen data
  • Responsible for confidential HR/Legal/Compliance investigations
  • Analyze and profile malicious/compromised websites
  • Build automated tools to collect and harvest threat data
  • Process and resolve security event reports received by the SOC
  • Conduct vulnerability scans and assessments
  • Identify and differentiate between malicious and benign activity
  • Produce weekly actionable cyber CI threat report in collaboration with teammates, NGA partners and the intelligence community to include threat data collected and reported by NGA Cyber CI team and network security personnel, fusion of all source threats, derived from multiple intelligence sources (INTS), and imagery when available
  • Produce monthly cyber CI threat reports to include compilation of data collected and reported in weekly reports
Qualifications for cyber threat analyst
  • Experience with Open Source Intelligence (OSINT), Deep/Dark Web threat data and intelligence sources
  • Technical and industry certifications (CISSP, CISM, OSCP, CEH)
  • Knowledge of Security Frameworks (ISO27000 series, NIST SP 800 series, NIST Cyber Security Framework)
  • BA/BS in computer science, information security, information technology or a related field or equivalent experience
  • Strong experience of full packet capture PCAP analysis and accompanying tools (Wireshark, netcat, hping)
  • Incident response/security analyst triage experience required
