Cyber Threat Analyst Job Description
Cyber Threat Analyst Duties & Responsibilities
To write an effective cyber threat analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included cyber threat analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Cyber Threat Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Cyber Threat Analyst
List any licenses or certifications required by the position: CEH, CISSP, SANS, GCIH, GSEC, IAT II, CCNA, SSCP, CSIH
Education for Cyber Threat Analyst
Typically a job would require a certain level of education.
Employers hiring for the cyber threat analyst job most commonly prefer candidates with a relevant Bachelor's or Master's degree, for example in Computer Science, Information Security, Cyber Security, Computer Engineering, Information Technology, Engineering, Intelligence, Education, or another technical or technology field
Skills for Cyber Threat Analyst
Desired skills for cyber threat analyst include:
Desired experience for cyber threat analyst includes:
Cyber Threat Analyst Examples
Cyber Threat Analyst Job Description
- Assess internal and external threat data and extract intelligence that could be useful in preventing or detecting attacks
- Contribute to the development / improvement of security tools
- Contribute to formal threat reports for management
- Build and maintain strong working relationships within and outside the security team
- Assist with investigations, incident response and compliance activities
- Provide cyber-security knowledge and advice to internal clients and to our leadership
- Lead "hunt exercises" using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and eradicate threat actors within the Radian environment
- Provide expert analytic investigative support of complex security incidents
- Suggest modifications to internal defenses and continuously improve processes for more effective and efficient security operations
- Assist in development of best practice with Information Security staff by using available collaboration tools and workspaces
- BS degree in CS- or IT-related field, including Information Assurance or Security
- BS degree in Business, CS, or an IT-related field, including Information Assurance or Security
- At least 3 years of experience in intelligence research and producing finished intelligence products
- At least 3 years of experience working with analytical tools
- At least 1 year of experience specifically focused on cyber adversaries
- Must include experience with a SIEM (e.g., ArcSight, AlienVault, LogRhythm, QRadar, Splunk) and with improving monitoring and alerting processes for suspicious activity
Cyber Threat Analyst Job Description
- Analyze and correlate events from diverse network, end-point, application, and security log sources to identify security threats and incidents
- Process and resolve security incident reports received by the SOC
- Develop signatures and tune security devices to better prevent and detect security threats
- Services monitored will include, but are not limited to SIEM, IDS/IPS, Firewall, Cloud Environments, and Data Loss Prevention (DLP)
- Periodic on-call responsibilities
- Enable the automation and orchestration of threat intelligence IOCs in order to provide pre-enriched detail to cyber analysts, auto-blocking and/or removal of IOCs
- Parse vast amounts of threat intelligence data, and score the intelligence to determine risk and recommendations to leadership and/or analysts
- Assist with incident response, recovery, and prevention
- Develop/implement custom/open source/commercial solutions to reduce manual processes where possible
- Handle and organize disparate data about detections, attacks, and attackers
- 5+ years of experience in a cyber-security-related job (SOC, Threat Analyst, Malware Analyst, SysAdmin, etc.)
- Ability to perform network forensics with tools such as Wireshark or NetworkMiner
- Level intelligence analysis of Cyber threats, vectors, and actors in support of Cyber defense and computer network operations
- Source analysis of Cyber threats, their vectors, and capabilities
- 1 Threat Guide and Threat to Aerospace Operations, and formal or informal briefings
- BA or BS degree in Information Security, Network Security, or Cyber Security
Cyber Threat Analyst Job Description
- Work with other staff to define proper security procedures
- Assist with Incident Response and collection of artifacts to support improved operations and regulatory requirements
- Perform team lead duties, track CIRT actions, and conduct daily CIRT tag-up when Lead analyst is unavailable
- Lead incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
- Compile detailed investigation and analysis reports for internal security SME stakeholder consumption and delivery to management
- Lead threat hunting activities across the network, leveraging intelligence from multiple internal and external sources and cutting-edge security technologies
- Lead Root Cause Analysis of security incidents for further enhancement of alert catalog
- Continuously improve processes for use across multiple detection sets to improve preventative and detective capability
- Assist with response and investigation efforts into advanced/targeted attacks
- Provide analytic investigative support of large scale and complex security incidents
- Level correspondence
- Bachelor’s Degree in Computer Science, Engineering, or MIS, STEM degree, or equivalent industry experience
- Applicant has coalition building skills to arrive at a consensus when opinions on subject matter differ
- A minimum of 5 years of hands-on experience with cyber security technologies (WAF, NG Firewall, IPS, antivirus, proxy, strong authentication)
- Strong technical knowledge of SIEM technologies (previous experience on Splunk is a plus)
- Various general technical skills including knowledge of networking
Cyber Threat Analyst Job Description
- Identify threats and work to create steps to defend against them
- Perform vulnerability assessments and discovery scans across all network segments
- Monitor network traffic for suspicious behavior
- Analyze current security requirements and make suggestions for improvements
- Consult with staff, managers and executives on the best security practices
- Work with architects and engineers to create security standards across all company networks
- Defend the internal network from external, Internet-borne cyber threats
- Identify security breaches and take action to stop them and prevent them in the future
- Assess and report possible security flaws to key stakeholders in the IT department
- Create risk assessment reports based on correlation of large data sets across multiple data sources
- This position will be located on a customer premise in Houston, TX
- Minimum of five years of directly-related IT experience with at least three years of security incident response and breach analysis experience
- Ability to coordinate and respond to events on all the monitored networks and the systems on those networks
- Bachelor's Degree in IT, Computer Science, related field or relevant work experience required
- Candidate with penetration testing background highly encouraged to apply
- Familiarity with structured cyber threat intelligence formats, including STIX, CybOX, and OpenIOC
Cyber Threat Analyst Job Description
- Write reports based on findings for previous security breaches and threats
- Perform risk analysis to identify any security issues that could lead to lost or stolen data
- Responsible for confidential HR/Legal/Compliance investigations
- Analyze and profile malicious/compromised websites
- Build automated tools to collect and harvest threat data
- Process and resolve security event reports received by the SOC
- Conduct vulnerability scans and assessments
- Identify and differentiate between malicious and benign activity
- Produce a weekly actionable cyber CI threat report, in collaboration with teammates, NGA partners and the intelligence community, that includes threat data collected and reported by the NGA Cyber CI team and network security personnel, fusion of all-source threats derived from multiple intelligence sources (INTs), and imagery when available
- Produce monthly cyber CI threat reports to include compilation of data collected and reported in weekly reports
- Experience with Open Source Intelligence (OSINT), Deep/Dark Web threat data and intelligence sources
- Technical and industry certifications (CISSP, CISM, OSCP, CEH)
- Knowledge of Security Frameworks (ISO27000 series, NIST SP 800 series, NIST Cyber Security Framework)
- BA/BS in computer science, information security, information technology or a related field or equivalent experience
- Strong experience with full packet capture (PCAP) analysis and accompanying tools (Wireshark, netcat, hping)
- Incident response/security analyst triage experience required