Job Title:

Threat Intelligence Analyst

About Trellix:

Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s comprehensive, open and native cybersecurity platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through artificial intelligence, automation, and analytics to empower over 50,000 business and government customers with responsibly architected security. More at  https://trellix.com.

Role Overview:

Join an industry leading team performing challenging and soulful work. Trellix is a global company redefining the future of cybersecurity. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix’ security experts, along with an extensive partner ecosystem, accelerate technology innovation through machine learning and automation to empower over 40,000 business and government customers. More at https://trellix.com.

Trellix Threat Intelligence is a portfolio comprised of solutions and services from our team of experts including our cybersecurity product team and Threat Intelligence Group (TIG). We help defend our customers against everyday threats with the tight collaboration between both our product team and our threat researchers working together in real time.

Trellix’s TIG delivers cyber threat intelligence services to global customers to enable preparation, detection, and response to the wide array of malicious cyber activity that persistently threatens organizations across all industry sectors.
The Threat Intelligence Analyst will collaborate with customers to enhance their cyber threat intelligence capabilities by leveraging the experience, knowledge, tools, and data of the Trellix cyber defense enterprise. The role is responsible for delivering cyber threat intelligence services, which include knowledge of sophisticated threat actors and associated tactics, techniques, and procedures, along with research, collection, analysis, and reporting of finished intelligence. The role will support customer security operations including planning and risk assessment, vulnerability assessment, 24x7x365 monitoring, and incident response.

About the Role:

The Threat Intelligence Analyst will report to the Director of the TIG.  As a member of the TIG, the Analyst will collaborate with TIG teammates, members of Trellix’ Advanced Research Center, Trellix Professional Services Consultants, and third-party partners.  The analyst will serve as a primary customer interface and will become immersed in customer operations through rapid learning and establishing relationships.  

• You will serve as a cyber threat intelligence subject matter expert and trusted advisor.

• You will integrate with customers’ operations-intelligence cycles to inject cyber threat intelligence.

• You will develop information/intelligence requirements and associated priorities.

• You will identify intelligence gaps and opportunities to improve intelligence sharing and utility.

• You will create tailored strategies for research, data collection, analysis, and reporting focused on customers’ areas of interest.

• You will need to communicate with the OCONUS customer at irregular hours frequently.  

• You will develop comprehensive responses to customer requests for information/intelligence (RFIs).

• You will perform all-source research and analysis using Trellix tools and data sets, third-party tools, and open sources.

• You will develop comprehensive written and oral reporting, including peer review and quality assurance.

• You will identify relationships between malicious cyber activity and world events such as geopolitical events, natural disasters, crises, etc.

• You will deliver oral and written threat intelligence reports and presentations to customer teams comprised of representatives of varying organizational levels up to senior executive level (general officers, flag officers, SES/SIS, and C-Suite).

• You maintain current knowledge of the cyber threat landscape, including advanced persistent threats, including motivations, attack vectors, tools, and tactics, techniques, and procedures (TTPs) of attackers.

About You:

• You are self-motivated and passionate about cybersecurity.

• You have a keen interest in tracking threat actors.

• You have a strong understanding of structured analytical techniques, including but not limited to Quality of Information Check, Analysis of Competing Hypotheses, Key Assumptions Check, and Gap Analysis.

• You are a strong critical thinker with the ability to avoid biases.

• You are able to produce clear, complete, and concise reporting in a timely manner with extreme attention to detail.

• You have expertise with cyber threats, attack vectors, detection capabilities, and associated countermeasures.

• You have experience with open-source intelligence collection and associated methods and tools.

• You have experience working with the Security Operations Center to monitor security alerts, respond and remediate detected issues.

• You have a clear understanding of organizational Incident Management processes in relation to threats and vulnerabilities. 

• You have knowledge and experience with XDR/EDR, Endpoint Security tools (AV, whitelisting, etc.) and Threat Hunting. 

• You have a high-level understanding of malware types, malware detection methods, and malware analysis techniques.

• You possess knowledge of MITRE ATTACK and DEFEND frameworks along with Kill Chain methodology and the Diamond Model.

• You have experience with identifying and mitigating cyber threats, including detection and countermeasures strategies and tools.

• You understand technical vulnerabilities and associated risks.

• You have experience with SIEM tools and working with SIEM Analyst. 

• You have experience with event correlation and analysis. 

• You are willing to travel internationally as frequently as every quarter per year. The customer for this position is located at Ramstein Air Base Germany.

Required Qualifications:

• At least 10 years of intelligence gathering, analysis, and reporting experience.

• Bachelor’s degree in information security, cyber discipline, political science or a related analytical field.  

• DoD 8570.01 Information Assurance Technical (IAT) Level II, required (or a willingness to achieve IAT Level II within six months of hiring)

Clearance Requirement:DOD Top Secret clearance with SCI eligibility

Company Benefits and Perks:

We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

• Retirement Plans
• Medical, Dental and Vision Coverage
• Paid Time Off
• Paid Parental Leave
• Support for Community Involvement

We’re serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.