ThreatLocker

Threat Analyst

ThreatLocker, Orlando, FL, United States


ThreatLocker is a global leader in Zero Trust endpoint security. The ThreatLocker Zero Trust Endpoint Protection Platform combines Application Allowlisting, Ringfencing, Network Control, Storage Control, Elevation Control, and Endpoint Detection and Response solutions in ways that make security simple for the IT professional. 

ThreatLocker uses a deny-by-default approach that blocks all software, including ransomware, from running unless it is explicitly allowed. Since its founding in 2017, ThreatLocker has been recognized as one of the leading cybersecurity protection platforms, and the platform now includes EDR, MDR, and compliance-friendly controls and monitoring. 

Job Summary

The Threat Analyst is responsible for identifying, investigating, and responding to cyber threats, vulnerabilities, and security incidents, as well as conducting adversary simulations to test and improve system resilience. 

Key Responsibilities

  • Threat Detection & Monitoring
    Monitor security tools (SIEM, IDS/IPS, EDR) for suspicious activity. Analyze alerts and data to identify threats. 

  • Incident Response
    Lead and participate in security incident response. Develop incident handling processes and create post-incident reports. 

  • Tool Development & Automation
    Develop automated tools and scripts. Maintain and enhance detection tools, including custom Snort, Sigma, and YARA rules. 

  • Security Investigations
    Conduct forensic analysis and threat hunting. Review logs to uncover unauthorized activities. 

  • Adversary Simulation
    Design and execute adversary simulations. Develop scenarios based on real-world TTPs and provide detailed reports. 

  • Red Team Operations
    Plan and execute red team engagements. Simulate advanced threats to evaluate security posture. 

  • Internal Security Research
    Research emerging threats and vulnerabilities. Develop internal security tools and share insights with the team. 

  • Penetration Testing
    Conduct penetration tests on platforms, applications, and networks. Identify and document vulnerabilities. 

  • Collaboration & Reporting
    Collaborate with cross-functional teams. Prepare and present detailed reports on testing outcomes to senior analysts and team leads. 

Key Skills & Qualifications

  • Education
    Bachelor’s degree in Information Security, Cybersecurity, Computer Science, or a related field (or equivalent experience). 

  • Experience
    3+ years in a security-focused role. 

  • Technical Skills
    Familiarity with SIEM, EDR, and IDS/IPS systems; scripting languages (Python, PowerShell, Bash); custom Snort, Sigma, and YARA rule creation. 

  • Certifications (Preferred)
    GCIA, GSEC, CISSP, CEH, OSCP, CompTIA Security+, Network+, PenTest+, CASP+. 

  • Soft Skills
    Analytical and problem-solving abilities, strong communication skills, and attention to detail.