Humana Cyber Intelligence Threat Analyst (virtual remote home office eligible) in Springfield, Missouri
The Cyber Intelligence Threat Analyst (TVM Engineer 2) ensures that threats and vulnerabilities to the organization's business systems and applications (both in-house and cloud-based) are minimized. The Cyber Intelligence Threat Analyst will focus on collections based on established requirements, enrichment, and analysis of phishing, malware, and exploitable vulnerabilities. The candidate should have strong computer, language skills, and analytical abilities. The analyst will work on assignments that are varied and frequently require interpretation and independent determination of the appropriate courses of action.
The Cyber Intelligence Threat Analyst will work within the Operational and Tactical Intelligence team in EIP's Cyber Threat Intelligence Department. The position includes understanding department, segment, and organizational strategy and operating objectives, including their linkages to related areas. Makes decisions regarding own work methods, occasionally in ambiguous situations, and requires minimal direction and receives guidance where needed. Follows established guidelines/procedures. Essential Job Functions include:
Review and analyze open source datasets to find threat information and use it to provide value to Humana.
Create and deliver technical alerts and vulnerability notifications.
Gather and record key indicators and information about threat infrastructure and campaigns.
Collect intelligence based on established requirements and fully analyze based on operational procedures.
Collect and exploit intelligence from others to support organizational goals.
Prepare assessments and cyber threat profiles of current events based on collection, research and analysis of open source information.
Provide intelligence support during incident response and forensic security investigations.
Process and enrich information to ensure timely, actionable, high confidence IOC's are ingested and shared with key stakeholders.
Conduct detailed technical analysis supported by industry accepted threat intelligence analytical frameworks, tools, and standards.
Work with peers to develop and test technology integrations used for automation and enrichment.
Apply technical knowledge of security architectures, tools and controls to proactively detect, mitigate, and resolve advanced cyberattacks and/or threats.
Develop and maintain threat profiles that can be used in preparation of red team exercises.
Apply knowledge of current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks.
Maintain or develop professional contacts in the various communities in support of operations.
Required: Bachelor's degree in IT, Computer Science, Intelligence or equivalent
3+ years of cybersecurity, threat intelligence or IT experience; experience can include one or more of the following cyber-security functions: Cyber Threat Intelligence, Threat Hunting, System Administration, Intrusion Detection/Prevention, Monitoring, Incident Response, Digital Forensics, Vulnerability Management
Holds certifications such as CEH, CASP+, GCED or similar training and certification.
Prior experience as a technical subject matter expert that has worked across organizational boundaries to analyze threats to their organizations infrastructure and services.
Knowledge of advanced cyber threats, threat vectors, attacker methodology to include, tools, tactics, and procedures and how they tie into the Cyber Kill Chain or ATT&CK framework, Diamond Model etc.
Experience in malware detection and analysis using static and dynamic malware analysis methods.
Knowledge of cloud services and their attack surface.
Knowledge of how malicious code operates and how technical vulnerabilities are exploited.
Experience with premium threat intelligence tooling and/or open source intelligence techniques.
Experience with disseminating information in accordance with TLP classification and handling protocols, to the sector through the appropriate mechanisms.
Experience with developing tools to enhance cyber-threat intelligence capabilities.
Subject matter expertise in the detection, analysis and mitigation of malware
Collection and analysis of artifacts including malicious executables, scripts, documents, and packet captures.
Healthcare or Financial industry experience
Scheduled Weekly Hours