This job is closed

Optiv Security - Tampa, FL

posted about 2 months ago

Full-time - Principal
Remote - Tampa, FL
Professional, Scientific, and Technical Services

About the position

The Principal Threat Analyst at Optiv will provide in-depth analysis for client investigations using various data sources and monitoring tools. This fully remote position requires collaboration with technology engineers and threat analysts to enhance security measures for clients. The role involves proactive threat hunting, incident response, and mentoring junior analysts while developing innovative methods to detect malicious activities.

Responsibilities

  • Operate independently in a geographically dispersed team, maintaining situational awareness and keeping the team updated.
  • Perform security monitoring and incident response activities across networks using various tools and techniques.
  • Detect incidents through proactive hunting across security-relevant data sets.
  • Document incident response analysis activities thoroughly.
  • Review investigations conducted by junior analysts to ensure quality standards are met.
  • Develop new, repeatable methods for finding malicious activity across networks.
  • Provide recommendations to enhance detection and protection capabilities.
  • Present technical topics to both technical and non-technical audiences regularly.
  • Develop and follow detailed operational processes and procedures for analyzing, escalating, and assisting in the remediation of information security incidents.
  • Prioritize multiple high-priority tasks and formulate responses/recommendations in a fast-paced environment.
  • Assist other security teams as needed.
  • Continually develop new technical skills and push overall team capabilities forward.
  • Engage with and mentor other team members.
  • Collaborate with other teams on major engineering and architecture initiatives.
  • Advance the team's understanding of attack methodologies, malware analysis, and malicious toolkits.
  • Conduct advanced proactive threat hunting and understand advanced adversary emulation concepts.
  • Design advanced use cases for insider threat, operational threat detection, and response.
  • Review defensive and detective controls to reduce client attack surface.

Requirements

  • 6+ years operational experience assessing, reviewing, and remediating infrastructure vulnerabilities, CVEs, and risks.
  • Knowledge of third-party software vulnerabilities and the security threat landscape, especially network and server threats.
  • Understanding of cybersecurity threats and risks, vendor computing environments, basic systems, and network technologies.
  • Experience with CVEs and CVSS scores.
  • Knowledge of compensating controls and mitigating factors.
  • Familiarity with Information Security frameworks, guidelines, and standard methodologies.
  • Knowledge of Windows and/or Linux operating systems.
  • Understanding of Cybersecurity controls and logging and monitoring tools.
  • Ability to interact expertly with all levels of personnel.
  • Excellent verbal and written communication skills.
  • Strong problem-solving and analytical skills.
  • Ability to manage multiple projects with a prioritizing and results-oriented approach.
  • Good teamwork skills with flexibility for support operations.
  • Advanced understanding of the cyber threat landscape and adversary tactics and techniques.
  • Experience with moderate to complex investigations using multiple tools, including endpoint, UEBA, public cloud, SaaS, and packet analysis.
  • Experience in security use case design recommendations for threat detection.
  • Experience in threat response activities such as quarantining hosts and other common response playbook activities.
  • Proactive threat hunting using multiple client tools.
  • Process development and documentation skills.
  • Application of threat intelligence to improve detection and response capabilities.
  • Extensive experience with the MITRE ATT&CK framework and associated tactics.
  • Experience with alert triage and endpoint investigations using technologies such as EDR.
  • Experience in phishing analysis and malware analysis (not including reverse engineering).
  • Knowledge of AWS, Azure, and GCP cloud service technology.
  • Basic fraud and insider threat investigation skills.
  • Knowledge of metrics and reporting using data visualization tools such as Tableau.
  • Demonstrable data analytics skills.
  • Passion for data analysis.

Nice-to-haves

  • Experience with data visualization tools such as Tableau.
  • Familiarity with advanced adversary emulation concepts.

Benefits

  • Work/life balance
  • Professional training resources
  • Creative problem-solving opportunities
  • Volunteer opportunities through "Optiv Chips In"
  • Technology necessary for remote work