Cyber Threat Intelligence Analyst

We are looking for a Cyber Threat Intelligence Analyst who will manage our intrusion detection system (IDS) and Expert System content, ensuring that detection for clients is optimal and up to date. The analyst will be responsible for monitoring a global network of sensors, looking for trends and patterns in signatures and making fixes and updates as necessary. These changes will include creating and maintaining signatures while ensuring they perform accurately in a complex environment. Communicating these enhancements to our clients is an essential part of this position and requires strong written and verbal communication skills.
Primary Responsibilities:
- Monitor and collect information on information security threats from various sources
- Analyze, categorize, and rank threats so that clients have current information and detection
- Communicate updates to clients and partners on a regular basis through email, blogs, and presentations
- Manage dependencies between Signature, Expert System, and vulnerability scanner detection logic
- Track and report on detection performance
Required Skills:
- 2-5 years of experience writing and tuning Intrusion Detection Signatures
- Ability to analyze raw network traffic through tools such as tcpdump
- Ability to automate computer operations through custom programming (Prefer Perl, Python, or C++)
- Experience with both Windows and Linux systems, including Command Line knowledge in Linux.
- Strong written and verbal communication skills
Education Requirements:
- A GIAC Certified Intrusion Analyst certification or CISSP is preferred. If the candidate does not have one, it must be acquired within 6 months.
- Possession of other certifications, including Snort Certified Professional or Sourcefire Certified Expert, is preferred.
Alert Logic sits at the nexus of two of the hottest trends in IT: the adoption of cloud technologies and increased security and compliance requirements driven by an increasingly connected world. In a typical month, Alert Logic processes over 100 million security events and stores petabytes of data for over 1,300 enterprise customers. We are an established company with a history of almost 10 years, yet we maintain a pace, energy and agility that allow us to advance our offerings and technology and preserve a startup-like culture. Our revenues are strong. Our customer base is growing rapidly.
We are a group that works as a team to exceed our customers’ expectations and strive for excellence in our ability to recognize malicious network activity. Our company continues to grow at a strong pace and we offer a relaxed but professional environment in which to work. We offer competitive pay, a good benefits package and a chance to work alongside some of the best security people around.