Sr. Analyst 2 - Content Developer

At Optiv, we’re on a mission to help our clients make their businesses more secure. We’re one of the fastest-growing companies in a truly essential industry.In your role at Optiv, you’ll be inspired by a team of the brightest business and technical minds in cybersecurity. We are passionate champions for our clients and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has an impact, on people, businesses, and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.The Optiv Threat Intelligence Researcher will focus on conducting in-depth analysis and investigating complicated cyber attacks which are conducted by APTs and cyber criminal organizations. You will be required to perform forensic analysis, malware research, attribution of tools and infrastructure, and identify indicators of compromise (IOCs). You will collaborate with the Optiv Threat Hunting, Threat Intelligence, Detection & Response and R&D teams to produce detailed and actionable intelligence and enhancements to our products.  In addition, to account for ever-evolving threats and with the emergence of new log sources, the employee is expected to stay adaptable and proactive to remain knowledgeable of the latest strategies and tools to help the business leverage that data for increased profitability and growth as well as security.   The Threat Intel Researcher will be responsible for the creation of documentation, processes, and visualizations to aid in the comprehension and integration of threat detection and response activities across a wide range of client and threat detection platforms. Experience and knowledge of SIEM/Threat Intelligence Platforms and Situational Awareness are essential.   The employee will serve as a primary responder for high level threat responses involving critical and/or zero-day threats where threat platform Use Case coverage is needed.  Remote is acceptable. Shift work will overlap with US hours at times. 

Primary Responsibilities

• Act as a point of escalation for other Engineers (Analyst at all levels) and provide guidance and mentoring regarding emerging threats and Use Case overview. 
• Explain and model how Optiv Use Cases and SIEM content align to MITRE Att&ck Framework to both technical and relatively non-technical personnel. 
• Perform in-depth research and analysis of attacks and compromises 
• Produce technical reports and white papers for both internal audiences and customers. 
• Partner with development teams to transform research into actionable detections. 
• Serve as the authoritative subject matter expert for forensics and malware analysis. 
• Provide technical detailed and proactive research for emerging security trends. 

Qualifications

• 5+ years of experience in one or more of the following: 
• Threat Intelligence & threat actor research 
• Malware reverse engineering & research 
• Threat Hunting 
• Incident Response and digital forensics 
• Extensive experience with Threat Intelligence tools: 
• TIPs (Threat Intelligence Platforms) 
• OSINT 
• MITRE ATT&CK 
• Experience producing intelligence reports 
• Expert understanding of Threat Actors and their corresponding TTPs 
• Ability to digest technical assessment and/or malware analysis reports 
• Producing Cloud Security Use Cases (Azure, AWS and Google Cloud) based on best practices and clients needs 

DESIRED QUALIFICATIONS

• Experience working with Internal and client Ticketing and Knowledge Base Systems for Incident and Problem tracking as well as procedures. (i.e. Jira, Confluence, ServiceNow.). 
• General security knowledge (GIAC, CISSP, CCSE, CISA, HBSS, NSA, CEH, Cisco Security, Security +, or other security certifications). 
• 8+ years of Cybersecurity experience which can include any of the following: 
• Threat Intelligence 
• Incident Response/ Forensics 
• Security Operations 
• Penetration Testing 
• Threat Hunting 
• Malware reverse engineering 
• Advanced experience with security assessment toolsets 
• Proven record of delivering threat intelligence reports, presentations, courses, and webinars 
• Proficiency with languages: Python, JavaScript, HTML, Bash, C/C++ 
• Experience with SQL or SPL 
• Proficiency with debuggers 
• Knowledge of network and application stacks, OS internals, and/or hypervisors 
• Knowledge of Cloud architectures 
• Certifications: GIAC, ISC2, or CEH 

Language Skills

• Ability to read and comprehend simple instructions, short correspondence, and memos.  Ability to write correspondence.  Ability to effectively present information in one-on-one and small group situations to customers, clients and other employees of the organization. Strong written and verbal communication skills are a must. 

Reasoning Ability

• Ability to apply common sense understanding (understanding that a reasonable person would have) to carry out instructions furnished in written, oral, or diagram form.  Ability to deal with problems involving several concrete variables in standardized situations. Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form 

If you are seeking a culture that supports growth, fosters success, and moves the industry forward, find your place at Optiv! As a market-leading provider of cyber security solutions, Optiv has the most comprehensive ecosystem of security products and partners to deliver unparalleled services. Our rich and successful history with our clients is based on trust, serving more than 12,000 clients of varying sizes and industries, including commercial, government, and education. We have the proven expertise to plan, build, and run successful security programs across Risk Management, Cyber Digital Transformation, Threat Management, Security Operations - Managed Services, and Identity and Data Management.With Optiv you can expect:• A company committed to championing Diversity, Equality, and Inclusion through our Affinity groups including, Black Employee Network, Disabled Employee Network, Latino Employee Network, Optiv Pride (LGBTQIA+), Veterans Support Network, and Women's Network.• Work/life balance. • Professional training resources• Creative problem-solving and the ability to tackle unique, complex projects• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.• The ability and technology necessary to productively work remote/from home (where applicable)Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.