Threat Intelligence Resume Samples
The Guide To Resume Tailoring
Guide the recruiter to the conclusion that you are the best candidate for the threat intelligence job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.
Craft your perfect resume by picking job responsibilities written by professional recruiters
Pick from the thousands of curated job responsibilities used by the leading companies
Tailor your resume & cover letter with wording that best fits for each job you apply
Emely Rohan
33823 Ferry Pass, Detroit, MI
Phone: +1 (555) 900 9788
Experience
Threat Intelligence
Koelpin, Harber and Rice, Houston, TX
- Communicating tactical threat information to assist in defensive mitigations
- Assist CTI peers in regular production and dissemination of intelligence products
- Passively monitor forums and content sharing sites for unauthorized posted content
- Producing written intelligence reports constructed from analysis and collected threat information for JPMC internal consumers
- Maintaining technical proficiency in the use of tools, techniques and countermeasures
- Coordinate with threat intelligence analysts and partners on matters relating to collection, analysis and reporting of open source/deep web information
- Monitor social media and blogs for content presenting risk to the firm
Threat Intelligence Manager
Okuneva Inc, Dallas, TX
- Provide day-to-day operational reporting/tracking indicators
- Provide training program
- Currently be a US Citizen
- Regulatory/Legal/Corporate Compliance: Stay abreast of all information security related laws and regulations to ensure compliance to them. Ensure compliance to corporate policies
- Make recommendations for assigned personnel regarding employment, career development, performance evaluations, salary changes, promotions, transfers and terminations within established policies and guidelines
- Supervision/ management of an IT function/site/corporate operation
- Day-to-day functional management of the organization, to include performance management, training/developing, forecasting/reporting, and budgeting/expense control
Incident Response & Threat Intelligence Manager
Lynch LLC, Detroit, MI (present)
- Manage vendor relationships to ensure business satisfaction with network and system security services
- Provide continuous feedback, write annual appraisals, and oversee staff development
- Responsible for creating and evaluating workflow processes, procedures, and checklists
- Responsible for managing workflow processes including timely monitoring and response to internal threat escalations
- Manage team short-range planning including and training programs for team
- Ensure network security systems comply with company policies, standards, and procedures
- Lead development and maintenance of effective information security policies, standards, and procedures for areas of responsibility
Education
Bachelor’s Degree in Computer Science
University of North Texas
Skills
- Qualifications within the IT Security field desirable though not essential. SANS Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH), Malware Analysis, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)
- Highly adaptable to a constantly changing business and technology environment
- Demonstrated SME level knowledge in one of the following areas: Firewall Administration, Intrusion Detection, Communications, Incident Response, RACF, Encryption, Access Control, Threat Management, or any other security-related field
- Strong oral and written communications skills; strong presentation and marketing skills
- Familiarity with multi-platform environments and their operational/security risk considerations
- Seven years experience in IT, of which at least three years was in the information security field in a leadership/supervisory position
- 30%/70% business/technology acumen
- Programming skills C++, Python, C# or any other language
- Certification in information security fundamentals (GISF or higher)
15 Threat Intelligence resume templates
1
Threat Intelligence Resume Examples & Samples
- 2+ years’ experience in deep web collection and retrieval
- 5+ years’ total technology experience
- Knowledge of open source collection and deep web ingress
- Experienced in legal unattributed data extraction
- Functional knowledge of common anonymity networks and proxy/VPN services
- Knowledge of web application development and infrastructure
- Proficiency with Unix and Windows
- Knowledge of IP protocols, networks, and routing
- Familiarity with data protection laws and regulations
- Strong written and verbal communication skills; ability to document findings in clear and concise reports
- Ability to coordinate, work with, and gain the trust of business stakeholders and technical resources
- Strong work ethic and ability to self-motivate
- Capable of being an independent contributor as well as a team player
- Multilingual competence highly desired (Arabic, Russian, Farsi)
- Previous intelligence and/or law enforcement background, a plus
- Coding (scripting) experience (e.g. Python, Perl, VB Script, etc.), a plus
2
Incident Response & Threat Intelligence Manager Resume Examples & Samples
- Lead the growth, maintenance, and training for the security incident management program and teams including best practices for breach identification, analysis, containment, eradication, recovery, legal evidence preservation, internal and external communications, and conducting post mortems
- Lead the growth and maintenance of the data loss prevention program and products including monitoring the effectiveness of key data loss controls such as employee de-provisioning
- Lead the growth and maintenance of the threat intelligence program including gathering, assessment, action items, and information dissemination
- Oversee proactive support of internal and external investigations through data analysis and information gathering
- Responsible for managing workflow processes including timely monitoring and response to internal threat escalations
- Responsible for maturity and maintenance of metrics and reporting for areas of responsibility
- Responsible for evaluating new and existing regulatory requirements and ensuring the compliance posture of the bank for areas of responsibility
- Lead development and maintenance of effective information security policies, standards, and procedures for areas of responsibility
- Demonstrates compliance with all bank regulations for assigned job function and applies to designated job responsibilities – knowledge may be gained through coursework and on-the-job training. Keeps up to date on regulation changes. Follows all Bank policies and procedures and compliance regulations, and completes all required annual or job-specific training. May be asked to coach, mentor, or train others and teach coursework as subject matter expert. Actively learns, demonstrates, and fosters the Umpqua corporate culture in all actions and words. Takes personal initiative and is a positive example for others to emulate. Embraces our vision to become "The World's Greatest Bank."
- Bachelor’s degree in the field of information security, computer science, or management information systems required
- CISSP, CISA, CISM, SANS GIAC, and CCFP preferred
- 5-8 years of experience in security disciplines including incident management, data loss prevention, threat intelligence, and correlated data analysis
- 1-3 years managing a team of professionals including providing effective coaching, training, feedback, and development plans
- Experience managing projects or programs to achieve information security objectives
- Experience implementing and utilizing industry guidance such as NIST SP 800-61
- Extensive experience developing, leading, implementing, and training security incident management programs and teams including best practices for breach identification, analysis, containment, eradication, recovery, legal evidence preservation, internal and external communications, and conducting post mortems
- Demonstrate operational knowledge and experience with implementing, maturing, and maintaining data loss prevention products and programs
- Demonstrate knowledge and experience with threat intelligence gathering, assessment, action items, and information dissemination
- Advanced knowledge of malware, delivery of payloads via email phishing, and methods to confirm whether payload is malicious
- Experience using proxies, email security appliances, SIEM, and other similar tools to investigate potential threats
- Proven knowledge and ability to stay abreast of information security trends and threats in multiple areas
- Extensive data analysis skills
- Experience identifying and documenting appropriate policies, standards, and operational procedures
- Advanced written and verbal communication skills
- Possess strong leadership skills including the ability to build high performing teams and to direct, influence, and motivate your direct team and teams and professionals outside of your direct supervision
- Proven ability to effectively prioritize and execute tasks in a high-pressure environment
3
Threat & Intelligence Group Manager Resume Examples & Samples
- At least 3 years of experience managing multiple teams
- Highly organized with exceptional time management skills and the ability to organize and prioritize a large number of tasks
- Effective management through stressful situations, consistently reaching effective, high quality decisions
- Analytical, thorough, experience in information security and malware research
- Superior communication skills (both verbal and written) and the ability to interact effectively with all levels of a large, international corporation
- Excellent written & verbal communication skills in English
- A Bachelor’s degree in a related discipline
4
Threat Intelligence Manager Resume Examples & Samples
- Other locations/Remote are possible
- Privacy/Protection: Provide the necessary subject matter expertise and ensure the implementation of the information security architecture, risk management standards, best practices and systems/processes to ensure information privacy/protection
- Risk Management: Interact with management to determine acceptable levels of risks as the business model and risk profile changes and align the security program accordingly
- Monitoring of security procedures and practices: Review on a timely basis the various analyses of the reports and logs available. Review the recommendations for noted irregularities
- Security policies for the bank: Be aware of and review the security features of new information security practices, systems and business services to ensure that they meet the security requirements of the existing policies. Review and propose changes to existing policy as external emerging issues and conditions warrant
- Ensure adequate security for new business services and systems: Assist in the development of scenarios of usage, test for abnormalities or exposures. Prepare documentation to augment vendor materials that include local enhancements and implementations
- Regulatory/Legal/Corporate Compliance: Stay abreast of all information security related laws and regulations to ensure compliance to them. Ensure compliance to corporate policies
- Support or direct enterprise level information security related functions such as: Firewall Administration, Intrusion Detection, Communications, Incident Response, RACF, Encryption, Access Control, Threat Management, Cyber Forensics, and other security related functions as required. Make recommendations for improvements to the program, respond to alleged policy violations and act as participant in event of a breach. Ensure communications to the CISO, and other senior level officers, are accurate and timely
- Make recommendations for assigned personnel regarding employment, career development, performance evaluations, salary changes, promotions, transfers and terminations within established policies and guidelines
- Plan and develop departmental budgets in accordance with established guidelines; administer compliance to meet budgetary goals and negotiate changes as required
- Maintain awareness of changes in industry: Attend classes and seminars as required to maintain a high level of proficiency in the fields of information security and business resumption. Network with other information security professionals. Read about and be aware of the trends regarding BRP and Security in the industry
- Bachelor's degree in computer science, business, or related discipline, or equivalent education and related training
- Certification in information security fundamentals (GISF or higher)
- Seven years experience in IT, of which at least three years was in the information security field in a leadership/supervisory position
- Demonstrated SME level knowledge in one of the following areas: Firewall Administration, Intrusion Detection, Communications, Incident Response, RACF, Encryption, Access Control, Threat Management, or any other security-related field
- Familiarity with multi-platform environments and their operational/security risk considerations
- Strong oral and written communications skills; strong presentation and marketing skills
- Highly adaptable to a constantly changing business and technology environment
- 30%/70% business/technology acumen
5
Cybersecurity, Threat Intelligence Res Resume Examples & Samples
- Currently pursuing a Bachelor's or Master's degree from a United States-based college or university
- Major: Computer Science, Engineering or a related field
- Strong attention to detail, technical acumen, positive attitude, and aptitude to learn and be a self-starter
- Desire to enter the Media / Technology / Advertising industry upon graduation and passionate about innovation
6
Senior Manager Threat Intelligence Resume Examples & Samples
- Manage Intelligence Efforts: Ensure that the GPS strategic and tactical threat intelligence efforts support the greater S&I intelligence requirements. Oversee the production and dissemination of GPS intelligence products in support of BNS operations both domestically and internationally. Ensure that all analytical efforts support operations by providing timely and relevant intelligence to decision makers
- Develop Intelligence Capacity & Capabilities: Identify functional and structural challenges and opportunities for the team, propose recommendations to higher and implement recommendation if required. Ensure that all aspects of the intelligence function provide value to GPS, S&I and BNS operations. Collaborate and coordinate cross functionally within BNS business units, S&I hubs internationally, and FIs to benchmark and a more comprehensive intelligence product. Determine the value of existing and future information sources and approve / reject recommendations from Analyst Managers
- Manage Governance & Compliance: Provide guidance and security advice to business units and S&I regarding security screening compliance matters. Ensure that affected BNS employees are aware and accountable to security compliance requirements
- Liaison & Engagement: Participate in strategic intelligence initiatives and ensure that the Threat Intelligence team is aligned with S&I partners. Engage and liaise with senior analytical and operational counterparts at other financial institutions, S&I hubs, and police authorities to ensure the alignment of intelligence focus and the allocation of resources
- Management of Team: Supervise, coach and mentor the GPS Analysts, providing guidance and oversight of their daily work. Develop the skill level of direct reports in order to continue their long term development solid succession planning for the overall success of the department
- Provide Support to S&I: Be prepared to support and/or complement broader GPS roles and responsibilities on an as required basis. Contribute to the development of high level plans for the achievement of the Unit’s future goals that involve multiple business lines/countries. Identify new potential customers within the Bank for GPS products/services. Promote and foster a positive working environment for staff development
7
Threat Intelligence Resume Examples & Samples
- 2+ years cyber intelligence experience
- 3+ years experience in a large, mission-critical environment
- 5+ total years technology experience
- Working knowledge of the intelligence lifecycle and current cyber threat landscape
- Ability to apply a thorough knowledge of attacker capabilities, intentions, motives, and historical operations/targets to inform JPMC Cybersecurity strategies quickly, clearly and effectively
- Bachelor's Degree in Computer Science or related field, or equivalent experience
- Experience determining source information accuracy
- Experience leveraging Open Source Intelligence (OSINT) in tactical intelligence tradecraft
- Experience with Lockheed Martin’s Cyber Kill Chain™ and Intelligence Driven Defense
- Experience in the Financial Industry
- Experience with Splunk Enterprise
- Experience with Threat Intelligence Platforms
- Malware analysis, virus exploitation and mitigation techniques experience
- Coding (scripting) experience e.g. Perl, VB Script, Python etc
8
Cybersecurity Threat Intelligence Resume Examples & Samples
- Assess Solutions Against Established Standards - The ability to understand and assess proposed solutions in order to determine how closely they meet requirements and if they will deliver the desired business outcomes. The ability to understand the organization, and its readiness, to determine what is necessary to transition to the solution
- Audit Methodologies - The ability to inspect and evaluate an assertion of fact using a mixture of qualitative and quantitative analysis techniques. The ability to apply such techniques using appropriate judgment to produce accurate and consistent conclusions regardless of the nature of assertions being evaluated
- Risk Management - The identification, assessment, and prioritization of risks followed by coordinated response to minimize, monitor, and control the probability and/or impact of unfortunate future events
- Investigation - Able to lead a systematic and thorough process to learn the facts about something complex or hidden
- Troubleshooting - Able to diagnose and problem solve issues with computer hardware or software components with little or no direction. May require ability to install, configure, or disposition of server or client pc infrastructure and application issues
- Research - Able to conduct a process of steps used to collect and analyze information to increase our understanding of a topic or issue
- Research – In depth knowledge acquiring and utilizing open source information security threat intelligence to determine potential impact to the environment
- Incident handling – Ability to effectively respond to information security incidents and coordinate incident response efforts
- Investigation - Ability to utilize logs and other system information to determine if an incident has taken place and determine root cause
- Excellent written skills to articulate and document research and investigation findings
- Self-motivated to handle, track and complete multiple tasks at the same time
9
Senior Cybersecurity Lead-threat Intelligence Resume Examples & Samples
- 1) Contributes to the development, management and execution of cybersecurity monitoring service for medical devices
- 2) Advises in selection of tools, equipment, methodology, report templates for the cybersecurity monitoring service
- 3) Coordinates R&D capabilities for security vulnerability discovery and penetration testing across multiple products
- 4) Provides subject matter expertise in establishment of cybersecurity information sharing capabilities
- 5) Leads the development of cybersecurity event definition framework to be adopted by medical devices
- 6) Develops cybersecurity forensics capabilities as applicable to medical devices
- 7) Provides cybersecurity technical guidance to other technical personnel
- 8) Works cooperatively with technical personnel in other divisions and functions to accomplish enterprise-wide goals
- 9) Participates in setting strategic cybersecurity direction
- 10) Evaluates and recommends products and systems in key technology areas
- 11) Identifies and implements process improvements in the architecture and/or infrastructure of existing systems in the area of cybersecurity
- 12) Advise and mentor the development of junior staff members, provide guidance in self-learning activities
- 13) Understand and ensure compliance with all current and applicable laws, regulations, and guidance from the US and EU that affect Medical Device Cybersecurity
- 14) Remains up to date on new and emerging technologies within area of technical expertise and serves as resource to other Baxter employees
- Competency with security event monitoring tools and techniques
- Subject matter expertise in cybersecurity event analysis including requirements, design, architecture and operations
- Maturity to accept direction, confidence to give direction
- Creativity in addressing technical challenges
- Technical expertise and/or breadth in one or more systems environments and strategic technologies
- Ability to understand and assist in evolution and/or integration of Baxter applications
- Strong oral and presentation skills
- Proven record to deliver results
10
Threat Intelligence Expert Resume Examples & Samples
- Perform research and analysis of malware, security threats and vulnerabilities, including statistical views
- Query and analyze threat trend analysis data, IOC (indicators of compromise) from multiple database sources
- Hands on experience in database design/operation/maintenance and MySQL
- Big data hands on experience required (Apache Hadoop, Spark, NoSQL, etc)
- Deep appreciation and understanding of how web services work together, including HTTP, REST, XMLRPC, JSON and preferably STIX/TAXII
- Data visualization experience (Tableau, Qlikview, etc)
- Experience with at least one scripting language: Shell, Ruby, Perl, Python, etc.
- Further development skills (C/C++) an asset
- Familiar understanding of malware and sandbox concepts
- Familiar understanding of security vulnerability and exploit lifecycle
- Networking concepts and Linux system administration skills
- Clear understanding of competitive landscape and differentiators in regard to APT defense
- Statistical and quantitative analysis (R, Matlab, SAS, Stata, etc) is a very strong asset
- Comprehensive understanding of machine learning concepts is a strong asset
- Highly motivated and responsible quick learner
11
Threat Intelligence Manager Resume Examples & Samples
- Develops, sets the direction, designs, and implements threat intelligence programs and plans in threat environments evolving and complex, international or domestic, predictable and unpredictable. Works with Corporate Security managers and subsidiaries to ensure plans are predictive, not just reactive, while appropriate for the location/culture and aligned to Corporate Security business plans
- Acts as a key participant in forming response options to high profile threats to business such as terrorist attacks, strikes, and hostile communications to executives. Undertakes assignments that have a broad impact across the company, such as conceiving of and proposing new security initiatives and guidelines, broader studies of areas such as crisis management, multidisciplinary intellectual property programs, and other broader projects normally done by the director. Able to maturely deal with interdepartmental obstacles to achieving company strategic goals. Uses a deep understanding of global threats to businesses, such as state sponsored attempts to leverage company IP and terrorist targeting of western businesses
- Manages internal and external resources in the development and delivery of products and services in the travel security and risk assessment space. Formulates and manages Corporate Security’s role in business continuity. May make decisions with others regarding allocation and management of financial resources. Continually develops sources, generating reports based on data mining tools driven by business requirements. Able to act as a persuasive, credible representative with senior and executive leadership on the expenditure of financial resources
- Supports Director of Corporate Security’s special initiatives as needed. Provides direct supervision to assigned direct reports, including setting objectives and creating a business plan. Collaborates with Security Managers to influence subsidiary management regarding budgetary plans. Provides guidance and leadership with respect to analytical tools and techniques in order to spread threat analysis expertise within key company threat nodes
- Willingness to be on-call for response to emergent situations as needed
- Minimum of seven (7) years of intelligence, analysis, and/or Intelligence Community experience
- Minimum of two (2) years Threat Intelligence experience in a commercial and/or business setting
- Master's degree is preferred
- Experience in both public and private sector threat analysis preferred
- A demonstrated ability to work with ambiguous information in resource constrained environments
- Firm understanding of the US Intelligence Community and associated federal and local agencies
- Strong understanding of global business practices
- Complex professional level understanding of organizations posing a threat to company personnel and IP
- Works comfortably in foreign environments
- Ability to work irregular hours as needed
- Outstanding verbal and written communication skills, adaptable to all levels of the organization
- Must have demonstrated experience and exposure in the international security arena
- Demonstrates ability to use independent decision making to adjust actions, decisions, and communications in a variety of different situations and cultures
- Required to apply a broad spectrum of knowledge on a daily basis for issues that include physical security, compliance, investigation strategy, intelligence gathering and evaluation in a manner meaningful and credible to the customer
12
Threat Intelligence Developer Resume Examples & Samples
- Maintain, develop, and continuously evaluate cyber, brand & threat intelligence/data sources
- Maintain an understanding of the overall threat landscape (cyber, malware, botnets, phishing, DDoS, physical)
- Collect, analyze, investigate, store, and disseminate indicators of compromise (IOCs), threat intelligence
- Regularly develop and produce written cyber brand and threat intelligence reports
- Provide support to the FIS Security Incident Response Team and SOC in the effective detection, analysis, and containment of attacks, as well as researching potential IOCs and linking to intelligence
- Partner with incident response, physical security, legal, and other teams
- Partner with peers at other organizations through the FS-ISAC and other groups we belong to, as well as through personal trust groups and relationships
- Draft, edit, and disseminate threat intelligence information/briefs to stakeholders, executive leadership, and others
- Monitoring of security procedures and practices, recommend optimizations and improvements when gaps are identified
13
Incident Response & Threat Intelligence Manager Resume Examples & Samples
- Manage and lead the bank’s highly technical Incident Response and Threat Intelligence team
- Conduct and oversee incident detection, containment, eradication, and recovery procedures
- Oversee and support investigations through data analysis and information gathering. Collect and protect evidence, provide internal and external communications, and document lessons learned
- Participate and lead key functional areas of the Computer Security Incident Response Team (CSIRT)
- Lead and manage security incidents to ensure timely mitigation and remediation efforts are completed
- Monitor and assess a range of threat intelligence feeds for actionable indicators or potential risks
- Responsible for creating and evaluating workflow processes, procedures, and checklists
- Coordinate with internal and external customers to identify, analyze, and mitigate security incidents
- Create, mature, and maintain applicable metrics and reports for areas of responsibility
- Evaluate new and existing regulatory incident reporting requirements to ensure bank compliance
- Experience responding to attack vectors such as malware, data exfiltration, DDoS, and phishing
- Build and maintain effective relationships with other technology and business departments
- Manage team short-range planning including and training programs for team
- Provide continuous feedback, write annual appraisals, and oversee staff development
- Implementing technical solutions for requirements supporting GLBA, SOX, NIST, ISO, and PCI
- Manage vendor relationships to ensure business satisfaction with network and system security services
- Ensure network security systems comply with company policies, standards, and procedures
- Research emerging technologies in support of security enhancement and development efforts
- Awareness of security contracts and management of capital and operating budgets
- Identify and resolve gaps in security program and defense in depth strategies
- Stay current with regulations, emerging threats, technology risks, and risks to financial institutions
- Continually reassess the status quo and evaluate and adopt alternative processes and solutions
- Extensive experience and technical knowledge of system and network security practices, incident handling, authentication and security protocols, application security, and defense in depth practices
- Ability to present to small and large audiences
- At least 10 years combined systems, networks, and/or application security experience
- At least 3 years of experience managing and leading teams, programs, or departments
14
Lead Threat Intelligence Resume Examples & Samples
- Barclays Africa, its clients and partners. GIS Africa Intelligence’s role includes centralizing and coordinating all intelligence functions within GIS by providing timely, actionable, and high quality intelligence in support of critical operations globally
- Key accountabilities of the GIS Africa Intelligence team are conducting active intelligence gathering, analysis of multiple data feeds and engagements to provide actionable intelligence, consultancy and reporting to defense and fraud teams across Barclays Africa
- Lead and take action on a diverse range of technical and threat information related to the cyber-enabled fraud threat landscape
- Conduct deep-dive analysis to draw out cyber-enabled fraud trend analysis and context, drawing relevant conclusions and assessment. Continual added value is essential
- Increase Barclays Africa ability in the technical analysis of information linked to cyber-fraud cases, both external and internal, in order to generate actionable intelligence to prevent further attacks against Barclays Africa
- Conduct and communicate analysis into cyber threat campaigns, threat actors and threat evolution, placing into context the resulting current and future threat to Barclays Africa
- Develop additional skills and capability to deliver team objectives, identifying needs and making opportunities to fulfil these. Contribute to the growth of the team’s technical capability and understanding of cyber fraud and delivery by utilizing (and learning, if necessary) suitable tools and analysis
- B-degree in a Technology related field (NQF level no. 6). Postgrad Degree preferred
- Ten (10) years’ experience in a technology environment with at least five (5) years focused on Information Security
- Proven experience managing people
15
SOC Threat Intelligence Resume Examples & Samples
- Identify and prevent current and future threats to user/customer security and privacy
- Provide level 2 proactive security events analysis and threat analytics
- Monitor security events in the SIEM, as well as other security feeds, and then take appropriate action based on the company security policy
- Ownership and triage of Information Security incidents through to service recovery
- Documenting event analysis in sufficient detail that the analysis process can be passed to other security personnel or subject matter experts
- Must be able to read and interpret raw packet data
- Understanding of common network services (TCP/IP web, mail, FTP, DNS etc.), vulnerabilities, and attack patterns is a must
- Knowledge of firewalls, intrusion detection/prevention systems and various Operating Systems
- Experience with End Point Forensics tools such as Carbon Black and Network Forensics Tools such as Security Analytics (Netwitness)
- Investigate security breaches and provide guidance to other SOC Analysts
- Be an advocate of information security and privacy programs across the company
- Provide management with metrics and reports
- Generates daily Threat Tracking reports and Advisories and works with the Security Awareness Manager for the purpose of proactive awareness and response
- Serves as an internal security threat/incident response subject matter expert
- Identifies key security concerns based on threat analysis and uses them to provide Threat Prevention based solutions
- Bachelor Degree in Computer Sciences, or equivalent prior work experience in a related field
- One or more of the following security certifications is required (GREM, GCIH, GCIA, GAWN)
- One or more of the following certifications is preferred (Security+, Network+, CISSP, and CRISC)
- A broad understanding of the security landscape and its business context / impact
- Exceptional written and verbal communication skills, including the ability to describe technical mechanics and put them into a humanized context
- Eight to ten years in a computer related field, with at least seven in Information Security
- Advanced knowledge of network security infrastructure, risk analysis, data/voice communication systems, services and system/network configurations. Network operations, design, and systems management
- Strong knowledge of OWASP, NIST, PCI, and best practices
- Strong security knowledge and conceptual understanding of current technologies such as firewalls, VPNs, IDS/IPS and other security devices
- Strong analytical skills (i.e., technical and non-technical problem solving skills)
- Must have the ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff and management
- Possess strong interpersonal and project management skills
- High personal credibility and integrity
- Strong ability to persuade, convince and influence others through collaboration
- Must have the ability to work and effectively prioritize in a highly dynamic work environment
- Act responsibly and professionally as part of an enterprise team
- Maintain a professional working relationship throughout all levels of the organization
- Must have strong analytical and problem solving skills
16
Incident Response / Threat Intelligence Resume Examples & Samples
- Work with Prospects and Clients to rapidly assess Cyber Security Incidents and Incident Response/Threat Intelligence Service Requests that are escalated to SecureWorks
- Rapidly assess Cyber Security Incidents, likely response plan, skillsets required to respond, and ability for SCWX to respond
- Enable sales staff through confidence inspiring interactions with Prospects and Clients, demonstrating best in class Incident Response Knowledge
- First line of defense against project risks: legal risks, scope risks, budget risks
- Manage urgent and critical interactions with all levels of prospect and client staff from Leadership to Technical Staff
- Maintain professional, calming, and authoritative presence in crisis situations
- Monitor several communication channels for Incoming IR and threat intelligence enrichment service requests
- Take ownership of, triage, and update tracking systems for service requests
- Gather contextual information from multiple sources to establish a service request course of action or respond to a standard request for information, to include threat intelligence data sets, service delivery engagements in progress, previous service delivery engagements, service delivery procedures, and service descriptions
- Meet service level agreements regarding initial response time and client notification as it pertains to SecureWorks IR and TI services
- Determine the appropriate contract vehicle for net new client service requests to ensure contractual coverage and funding for the service request
- Liaise with practice leaders, team leads, and account executives to schedule the appropriate personnel to join teleconference calls with prospects and clients seeking IR and TI services
- Facilitate communications with prospects, clients, account executives, and service delivery specialists to assess scope, objectives, and required skillsets for IR and TI enrichment service requests at the “pre-sales” stage or “pre-delivery” stage of potential service requests
- Provide instructions in written and oral formats to prospects and clients for media handling and artifact collection that are required for IR and TI enrichment service requests
- Provide internal stakeholders the necessary information for decision support and situational awareness on service request intake activities
- Document all communications with clients and intradepartmental constituents related to outstanding service requests in order to escalate to the next level and track intake activities
- Route service requests to the proper service delivery team with the appropriate level of urgency and communication channel in a professional and courteous manner with an emphasis on client satisfaction. Assess and escalate to the next level as needed
- Support the development and documentation of process improvements for efficient and effective response to IR and TI service requests
- Minimum five (5) years of experience in cybersecurity operations or IT/Network Security Engineer and
- Professional degree relevant to cybersecurity
- GCIH, GCFE, GCFA, GREM, CISSP, CISM, or similar cybersecurity technical and managerial certifications
17
Threat Intelligence / Red Team Manager Resume Examples & Samples
- Development, analysis and assimilation of threat intelligence feeds with intention to automate handling of new intel where possible
- Establishment of intelligence sharing with industry security experts
- Creation, implementation and testing of logic to prevent and detect malicious actions across the Huntington network
- Partnering with business segments to decision a penetration test, defining the control objectives to test, overseeing and guiding the test, and leading technical and business personnel in the remediation of any findings from the test
- Working closely with other teams within Information Security, as well as Corporate Security and Fraud teams to expand an insider threat program
- Defining the scope, rules of engagement, and primary objectives for red team exercises
- Identifying and integrating detective measures to better support existing components throughout the enterprise
- Development and curation of a Threat Actor Library
- Providing guidance and advice to the Chief Information Security Officer related to emerging threat actors, methodologies, and imminent threat events
- Providing corporate-level expertise and support to individual lines of business as well as the corporate risk functions on risk, trends, and activity concerning top threat actor motives, means, techniques and timing
- Demonstrate comprehensive understanding of varied Threat Actors, remain vigilant to their changing tactics, stay abreast of industry trends, and strategize operational enhancements to combat emerging threats
- Provides specific information and assessment of exposure covering aspects such as: cross channel fraud, hacktivists movement, high profile cases and criminal behavior patterns discovered; articulating trends in management and tactical briefings
- Analysis of deep web and covert communication mechanisms to facilitate ongoing understanding of criminal communications specific to Huntington Bank
- Regularly communicates with Business Unit, Information Security and Risk partners to establish, maintain and improve upon monitoring and methods to address and mitigate risks both within the Business Unit and core network
- Working knowledge of consumer and commercial banking across multiple channels preferred
- Working knowledge of various detection and prevention systems, their capabilities and application
- Broad knowledge of technology and how it can be exploited
- Understand the technical details of various attacks, including network, web application and wireless exploits
- Experience assessing multiple concurrent complex systems or processes from a risk perspective and documenting recommended mitigation options
- Demonstrated experience influencing system and business leaders to enhance security process and enable the business through security
- Ability to create well written documents and deliver high quality presentations
- Specific experience working in threat intelligence, red teams, or incident response is preferred; with deep industry contacts in security research, cross channel fraud, and information security
- Preferably served in senior level risk, information security or investigations role(s) within a complex banking organization
- Exceptional analytical and problem solving skills; ability to identify, escalate, investigate and resolve issues
- Strong verbal and written communication skills; able to correspond effectively with segment risk officers, various operations teams and senior management
- Capable of sharing knowledge, mentoring, and training other team members
- Ability to manage and prioritize complex and occasionally competing tasks
- Self-motivated with the ability to work independently and as a member of a team
18
Threat Intelligence & Vulnerability Management Lead Resume Examples & Samples
- Provide overall management of the Threat Intelligence program
- Maintain an up-to-date understanding of emerging cyber threats
- Support program to inform stakeholders of threats
- Utilize Threat Intelligence information to increase awareness and monitoring capabilities
- Identify and implement sources of intelligence
- Provide overall management of the Vulnerability Management program
- Work with multiple teams to ingest vulnerability data and process for remediation
- Build effective relationships with key stakeholders who own and support IT infrastructure applications, processes, and operations to further the effectiveness of the vulnerability management program
- Analyze data from threat and vulnerability feeds for applicability to the organization
- Seek opportunities for strengthening vulnerability detection capabilities
- Gain commitment from stakeholders to implement recommended and agreed information security controls for the mitigation of risk related to vulnerabilities
- Demonstrated experience building and managing vulnerability management programs
- Strong knowledge of remediation work
- Strong knowledge of common vulnerabilities and exploitation techniques
- Strong understanding of patch deployment and management
- Ability to track multiple work streams
- Ability to digest multiple flows of intelligence and vulnerability data to create actionable intel and drive remediation activities
- Experience with multiple vulnerability scanning technologies
- Ability to brief technical risks and issues to executives and business leaders
- BS or MA in Computer Science, Information Security, or a related field
- 10+ years of experience in Information Technology; 5+ years of experience in Information Security space
- Russian language skills
19
Senior Threat Intelligence Manager Resume Examples & Samples
- Responsible for leading the tactical and strategic components of the Intelligence function within the TMC to include people, process, and technology
- Supervises the processing of both internal and external Cyber Threat Intelligence for determination of impact, hunting to determine scope, and implementation of mitigations to defend Verizon’s enterprise
- Identifies new intel feeds and implements process intake
- Ensures intelligence analysts conduct pivoting analysis on Threat Intelligence to identify current impact or proactively process mitigations for defense
- Review reporting of Intelligence analysis to peers and leadership teams for purposes of situational awareness and making Intelligence actionable
- Ensure tactical mitigations are processed based on results of analysis and determination of threat validity
- Support the Threat Management Center during incident response and threat monitoring activities to include intelligence context and analysis support
- Drive the technical oversight and guidance required to support junior and mid-career team during Intelligence analysis efforts
- Review intelligence and technical articles for knowledge sharing
- Lead strategic projects and develop capabilities to enhance and mature existing cyber Intelligence functions
- Attracts, retains, and leads a team of employees by educating, developing and managing them to deliver strong results
- Responsible for all aspects of their team’s performance management activities including goal setting, conducting reviews, check-ins and disciplinary action, as needed
20
Threat Intelligence Manager Resume Examples & Samples
- Supervision/ management of an IT function/site/corporate operation
- Day-to-day functional management of the organization, to include performance management, training/developing, forecasting/reporting, and budgeting/expense control
- Set future direction and plans
- Ensures operation meets basic user, headcount, and quality guidelines
- Represent operation
- Provide training program
- Provide day-to-day operational reporting/tracking indicators
- Contributes to the development of new principles and concepts
- Currently be a US Citizen
- Bachelor's Degree with 9 years or a Master's Degree with 6 years or PhD with 4 years in Computer Science, International Relations, Security Studies, Intelligence Studies, Cyber Security, Information Management or related field in a Threat Intelligence Management role
- Turn threat analysis into actionable intelligence (change in software, integration, design, etc.)
- Technical expertise in cyber warfare simulation
- Ability to influence using insight, logic, and data to effectively persuade partners or customers on a recommendation or course of action
- Proven leadership in building effective security teams and ability to influence strategic and tactical decisions that affect security objectives
- Understanding of emerging threats, including tactics, techniques and procedures used by advanced adversaries
- Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques
- Strong understanding of threat intelligence automation technologies, architectures, contextual engines, and instrumentation
- Expert knowledge of and experience with all phases of the incident response lifecycle
- Experience working and sharing within high-trust communities internally and externally
- Ability to write and deliver high-quality intelligence assessments and briefings for a senior-level audience
- Ensure policies are put in place for information sharing with regard to cyber security threats
- Ability to clearly and concisely articulate issues to both technical and non-technical audiences
- Advanced knowledge of a highly technical or professional field. Applies advanced principles, theories, and concepts
- Building an effective global intelligence network through strategic internal and external partnerships, and enabling information sharing among Intel group of companies and with trusted external partners
- Proven record establishing an effective information security team, experience working for a global, multinational company, have demonstrated experience leading a team to deliver timely and actionable threat intelligence, and ability to influence decision makers with data and objective analysis
- Strong technical security and risk management expertise, deep understanding of incident response and the cyber threat intelligence lifecycle, experience delivering penetration testing capabilities and business process and customer relationship management skills
21
Threat Intelligence Intern Resume Examples & Samples
- Evaluate malware detonation sandbox provisioning
- Analyze cyber threats to identify IOCs and functionality
- Develop automation for collection and processing of data
- Collect and analyze OSINT
- Work with regular expressions and YARA signatures
22
Threat Intelligence, Senior Manager Resume Examples & Samples
- Consistently meet Service Level Agreements for service requests
- Gather saturation and protection metrics and ensure action is taken to immediately resolve any defects
- Manage on-call rotation for priority events
- Work with other IT support departments to ensure best practices are followed for maintaining SEP (e.g. Gold image maintained with newest SEP client)
- Threat Detection, gather intelligence on new cyber-threat and create prioritized correlation content to address relevant threats
- Govern the correlation content program to ensure content is active for relevant threats and removed for threats that are not relevant
- Work closely with the Security Operation Center to ensure their needs are met and that new content is handed off efficiently
- Govern the log management process to ensure devices are logging as intended and, if gaps are identified, remediate them immediately
- Follow and implement all CVS processes and procedures
- Provide evidence to our various audit teams and 3rd parties regarding PCI, PHI, PII and HIPAA compliance
- Maintain positive morale in a high demand high pressure organization
23
Senior Manager, Threat Intelligence Resume Examples & Samples
- Manage and continue to build the Global Threat Analysis Team
- Develop and maintain up to date threat analysis procedures
- Ensure threat analysts provide timely and customer-appropriate intelligence and briefings
- Interface with stakeholders across all Sony Group companies worldwide to drive a deep understanding of relevant threats
- Lead projects to improve data collection and interpretation processes and initiatives regarding threat intelligence and information security
- Monitor, research, analyze, brief, and develop mitigation for information security threats
- Maintain awareness of the latest emerging threats and exploitation vectors
- Provide analysis to help protect Sony from advanced threats and create awareness of unique threats to Sony
- Work closely with other technical, forensic and incident management personnel
- Develop and maintain analytical procedures to meet changing requirements and ensure maximum operational effectiveness
- Bachelor’s degree, preferably in Information Technology or other applicable area, or other equivalent experience
- Minimum of 7 years’ experience in one or more of the following areas: Information Security, Data Analytics, Intelligence Analysis
- Minimum of 3 years of experience in management of analysis teams
- Demonstrated understanding of threat information gathering and analysis
- Ability to engage with business stakeholders translating detailed analysis into relevant briefings
- Ability to work and communicate effectively and tactfully with all levels of executives
- Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex and technical issues as understandable language
- Ability to manage multiple activities and events simultaneously, with a strong ability to prioritize multiple tasks and respond to high-priority events; organizing and scheduling work effectively
- All candidates must be authorized to work in the USA
24
Incident Response & Threat Intelligence Manager Resume Examples & Samples
- A four-year college degree
- Demonstrated, extensive experience and knowledge of network security practices
- At least one of the following certifications: CISSP, CISM, GSLC, GCIH, GCIA, GCFA, CSIH, CEH, CHFI
- Hands-on experience in incident handling, IR documentation, risk and incident escalation, applications security, security protocols, and authentication
- A minimum of 8 years of combined networks, applications, and/or systems security experience
- A minimum of 2 years of experience in leading teams
- Demonstrated experience in cloud security
- A technical certification in cloud computing
- Certified Ethical Hacker (CEH)
25
Threat Intelligence Expert Resume Examples & Samples
- The analyst will assist with collection of data from Novartis (IT) security community, intelligence from vendors, open source intelligence and social media
- Identifying and analyzing patterns and changes in tactics, techniques and procedures used by attackers to attack Novartis IT infrastructure and management staff
- Proactively identify and analyze vulnerabilities as well as related exploits and attack vectors
- Debrief management through presentations and written briefs on the threats facing our industry and company with likelihood of occurrence
- Analysis will result in indicators of compromise, accurate understanding of the risk to Novartis IT infrastructure and prioritization of remediation efforts and manpower
- Monitoring for emerging vulnerabilities impacting resources used within Novartis
- Track attack vectors used by Threat Actors and evaluate the effectiveness of existing controls
- Support the Threat and Vulnerability Assessment process to ensure proper prioritization of remediation
- Establish required contact to identify targeted campaigns against the company
- Review available intelligence feeds
- Identify potential trade of data belonging to the company
- Validate profile of potential threat actors to define likelihood of occurrence and validity of new threats
- Collect and consume intelligence on likely targeting or past targeting leading to data being available on the dark web
- Maintain up-to-date awareness of computer network exploitation and attack tools, threats and vulnerabilities and respective counter/mitigation measures
- Develop a working understanding of attackers' capabilities and intentions
- Provide trend/correlation analysis and scenario forecasting
- Respond to requests for information (RFIs) from (IT, internal, management, security) staff
- Create consumable intelligence briefs
- Brief senior leaders on likely threats targeting our company