Trustwave Holdings, Inc.
Cyber Threat Intelligence Analyst
Trustwave Holdings, Inc., Wilmington, Delaware, us, 19894
About Trustwave
Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. We uncover threats that others can't and respond quicker than others can to protect against the devastating impacts of cyberattacks. We're a world-class team of cyber consultants, threat hunters and researchers serving clients in 96 countries. At Trustwave, you can learn alongside the best, make a personal impact on a global scale, and solve new challenges every day. Learn more about us at https://www.trustwave.com.
A Cyber Threat Intelligence Analyst is a member of the TDR SpiderLabs Applied Intelligence (SLAI) team within Trustwave Managed Security Services (MSS). The mission of this MSS team is to collect, curate and operationalize cyber threat intelligence (CTI) for internal security operations services teams. This team will provide advisory support to internal Trustwave stakeholders and lead the MSS organization active response and emerging threat functions as it relates to newly discovered incidents, threat campaigns, recently discovered 0-days, and geo-political events that may have significant impact to Trustwave MSS clients.
Responsibilities include but not limited to :
Source and execute an intel curation methodology to identify, classify and prioritize threats from internal sources, 3rd-party, OSINT, DarkINT, social, etc.Maintain the MSS Threat Intelligence PlatformProvide advisory support and reporting on threat actors, groups and campaigns to internal teamsManage and respond to emerging threat activity for MSSDevelop actionable threat intelligence; both tactical and operationalExecute proactive threat actor tracking and build a portfolio of threat profiles and trends from MSS activityApply intelligence through collaboration with peers to create use cases and detection rules for MSSPerform periodic cyber advisory presentations for Trustwave teamsKey Qualifications:
Complex critical thinking and security analysis skillsAdvanced written and verbal communication skills for a wide array of audiencesAbility to communicate technical risk details into easy-to-understand languageKnowledge of intelligence lifecycleSolid understanding of MITRE ATT&CK, Diamond model, NIST and other relevant frameworksAbility to prioritize and execute tasks in a high-pressure environmentExperience working in a team-oriented and collaborative environment including cross-functional collaborationSkills & Knowledge Requirements:Must have intermediate skills/knowledge in some of the following:
1 - 2 years' experience using and maintaining MISP or similar TIP solutionsMinimum of 2-years' experience producing threat intelligence, tracking cyber threats, incident response and/or threat hunting with a focus on attacker TTPs and attributionUnderstanding of STIX / TAXIIScripting, Python, and API experience1-3 years of SIEM experience with Microsoft Sentinel, Splunk, IBM Qradar or other platforms1-3 years of EDR experience with solutions from Microsoft, Palo Alto Networks, Sentinel One, Trellix, Crowdstrike or other platformsUnix/Linux and Windows system administrationExcellent analytical thinking and problem-solving skillsSuperb incident management and incident response skillsStrong oral and written communication skillsSelf-managed and team orientedDeadline and detail orientedHighly motivated with excellent teaming and customer service skillsPreferred :
Intermediate to advanced experience in Information Security related areas like CTI, SIEM, EDR, or DFIRCertified in Security related Industry, Vendor or Professional Certification- Certified Threat Intelligence Analyst, GCTI, Security+, etcEducation:
A high school diploma or equivalent is required; a college or university degree is a plus.
This is a remote opportunity open to anyone legally authorized to work in the United States. Guided by our flexible workplace philosophy, Moments That Matter, people gather in the office when in-person interaction is most impactful; full-time remote employees may be asked to travel occasionally based on the needs of the team and the business.
Per
Federal g
overnment contracting requirements, candidate must be a US citizen, as well as
potentially
pass and maintain a National Agency Check with Local Agency and Credit Checks (NACLC)
Trustwave is an Equal Opportunity Employer. We're committed to treating everyone with respect, one of our core TRUST Values, and strive to create a culture that empowers all Trustees to be their best, most authentic selves. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.
To All Agencies:
Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave's policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.
Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. We uncover threats that others can't and respond quicker than others can to protect against the devastating impacts of cyberattacks. We're a world-class team of cyber consultants, threat hunters and researchers serving clients in 96 countries. At Trustwave, you can learn alongside the best, make a personal impact on a global scale, and solve new challenges every day. Learn more about us at https://www.trustwave.com.
A Cyber Threat Intelligence Analyst is a member of the TDR SpiderLabs Applied Intelligence (SLAI) team within Trustwave Managed Security Services (MSS). The mission of this MSS team is to collect, curate and operationalize cyber threat intelligence (CTI) for internal security operations services teams. This team will provide advisory support to internal Trustwave stakeholders and lead the MSS organization active response and emerging threat functions as it relates to newly discovered incidents, threat campaigns, recently discovered 0-days, and geo-political events that may have significant impact to Trustwave MSS clients.
Responsibilities include but not limited to :
Source and execute an intel curation methodology to identify, classify and prioritize threats from internal sources, 3rd-party, OSINT, DarkINT, social, etc.Maintain the MSS Threat Intelligence PlatformProvide advisory support and reporting on threat actors, groups and campaigns to internal teamsManage and respond to emerging threat activity for MSSDevelop actionable threat intelligence; both tactical and operationalExecute proactive threat actor tracking and build a portfolio of threat profiles and trends from MSS activityApply intelligence through collaboration with peers to create use cases and detection rules for MSSPerform periodic cyber advisory presentations for Trustwave teamsKey Qualifications:
Complex critical thinking and security analysis skillsAdvanced written and verbal communication skills for a wide array of audiencesAbility to communicate technical risk details into easy-to-understand languageKnowledge of intelligence lifecycleSolid understanding of MITRE ATT&CK, Diamond model, NIST and other relevant frameworksAbility to prioritize and execute tasks in a high-pressure environmentExperience working in a team-oriented and collaborative environment including cross-functional collaborationSkills & Knowledge Requirements:Must have intermediate skills/knowledge in some of the following:
1 - 2 years' experience using and maintaining MISP or similar TIP solutionsMinimum of 2-years' experience producing threat intelligence, tracking cyber threats, incident response and/or threat hunting with a focus on attacker TTPs and attributionUnderstanding of STIX / TAXIIScripting, Python, and API experience1-3 years of SIEM experience with Microsoft Sentinel, Splunk, IBM Qradar or other platforms1-3 years of EDR experience with solutions from Microsoft, Palo Alto Networks, Sentinel One, Trellix, Crowdstrike or other platformsUnix/Linux and Windows system administrationExcellent analytical thinking and problem-solving skillsSuperb incident management and incident response skillsStrong oral and written communication skillsSelf-managed and team orientedDeadline and detail orientedHighly motivated with excellent teaming and customer service skillsPreferred :
Intermediate to advanced experience in Information Security related areas like CTI, SIEM, EDR, or DFIRCertified in Security related Industry, Vendor or Professional Certification- Certified Threat Intelligence Analyst, GCTI, Security+, etcEducation:
A high school diploma or equivalent is required; a college or university degree is a plus.
This is a remote opportunity open to anyone legally authorized to work in the United States. Guided by our flexible workplace philosophy, Moments That Matter, people gather in the office when in-person interaction is most impactful; full-time remote employees may be asked to travel occasionally based on the needs of the team and the business.
Per
Federal g
overnment contracting requirements, candidate must be a US citizen, as well as
potentially
pass and maintain a National Agency Check with Local Agency and Credit Checks (NACLC)
Trustwave is an Equal Opportunity Employer. We're committed to treating everyone with respect, one of our core TRUST Values, and strive to create a culture that empowers all Trustees to be their best, most authentic selves. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.
To All Agencies:
Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave's policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.