Cyber Threat Intelligence Analyst/Engineer

  • Novi, MI
  • Posted 9 hours ago | Updated 9 hours ago

Overview

Hybrid
Depends on Experience
Full Time

Skills

Network Security
Cyber Security
CSOC

Job Details

Youngsoft, Inc. is a global software solutions IT company, delivering digital enterprise business betterment since 1996. Through collaborative engagement and discovery with our clients and vendors, we co-create industry-specialized digital products, application software, processes, programs, and project outcomes. Headquartered in metro Detroit, we leverage "pods" of Subject Matter Experts, Business Analysts, Solutions Architects, Software Engineers, and Project Managers, fused with HyperCare through our Global Support Centers. Through inclusivity, we share a singular vision to deliver world-class, measurable upside results to our customers. It takes a village; come join ours!

Job Summary

Works to defend the company from current and future cyber threats. Makes recommendations, leads projects, monitors and responds to emerging threats and performs complex tasks related to area of technical responsibility. May mentor and coach less experienced team members and other Cyber Security Operations Center (CSOC) employees.

Essential Duties & Responsibilities

  • Processes both internal and external cyber threat intelligence to determine potential threat and impact, hunts to determine potential scope, and recommends mitigating actions to defend ITC's enterprise; sources include reports from law enforcement, security researchers, industry leaders, peer entities and governmental agencies
  • Conducts pivoting analysis on threat intelligence to identify current impact or to drive proactive mitigations through security technologies, including zero-day patch identification, anomalous behavior detection and recommendations for remediation action
  • Identifies gaps in intelligence gathering strategy and leads changes in covering identified gaps
  • Develops, creates and drives current and new reporting methods of Intelligence analysis to peers and leadership teams for purposes of situational awareness and making Intelligence actionable
  • Operates, manages and leverages technology tools, such as SIEM, Vulnerability Identification, Security Gateway Appliances (Firewall, IPS, etc.) and other network defense tools, developing countermeasures such as custom signatures, firewall rules, etc. to mitigate highly dynamic threats to the enterprise using the latest threat information obtained from multiple sources
  • Conducts trending and correlation of cyber intelligence for the purposes of attribution and establishing strategic countermeasures to increase ITC's defenses, including customized signatures, in-house identified indicators of compromise and behaviors associated with targeted activity, with support from the threat
  • Creates and maintains project work plans and budgets; schedules and manages work activities and projects to achieve on time and in budget implementation of best-in-class solutions that meet organization and corporate goals.
  • Writes intelligence and technical articles for knowledge sharing; leads strategic projects and develops capabilities to enhance existing cyber Intelligence functions
  • Continually monitors current threat climate and emerging threats and identifies, monitors and tracks activities of threat actors and groups; has an established professional presence in the industry and maintains business relationships with key technical dependent industries and organizations to support the application of technology to specific business areas
  • Participates in computer security incident responses relevant to the business (or enterprise-wide), representing the respective position to the business while conveying its needs to the incident response team
  • Constructs and exploits open source and classified threat intelligence to detect, respond and defeat advanced persistent threats (APTs); fully analyzes network and host activity in successful and unsuccessful intrusions by advanced attackers
  • Conducts advanced threat hunt operations using known adversary tactics, techniques and procedures as well as indicators of attack in order to detect adversaries with persistent access to the enterprise
  • Correlates data from intrusion detection and prevention systems with data from other sources such as firewall, web server and DNS logs
  • Notifies leadership team of significant changes in the security threats against ITC networks in a timely manner
  • Coordinates with appropriate organizations within ITC regarding possible security incidents and works with other affected areas to determine the risk of a given event
  • May mentor and coach less experienced team members and other Cyber Security Operations Center (CSOC) employees

Requirements

  • Bachelor's degree in Computer Science or related technical area with a minimum of five (5) years of experience in Network Security or Information Technology, or relevant, equivalent experience and/or education.
  • Previous experience with computer network penetration testing and techniques; firewall administration; SIEM Operations, Tuning, Correlation; computer evidence seizure; computer forensic analysis and data recovery; computer intrusion analysis and incident response; intrusion detection and prevention systems; computer network surveillance/monitoring; network protocols & devices
  • Previous experience with various operating systems (Windows, Linux, Mac, iOS, Android); familiarity with security architecture standards and security framework standards (NIST, COBIT, etc.)
  • Strong analytical and problem-solving skills
  • Progressively responsible experience in cyber security analysis, incident response, or related experience
  • Previous experience as Threat Researcher and/or Intelligence Analyst preferred
  • Research experience in tracking cyber threat and malware campaign activity preferred
  • Ability to create, modify and implement both Snort and YARA signatures preferred
  • Prior experience in network forensics with an emphasis on detecting malicious activity using network traffic
  • Visual Reporting / Dashboard Creation in tools such as Crystal Reports
  • Strong analytical and problem-solving skills; well-developed organization and planning skills
  • Good interpersonal, organizational, writing, communications and briefing skills
  • Written and verbal communication and advocacy skills consistent with the ability to present results of projects and research to all levels of the business unit
  • Ability to influence and build relationships to foster a positive work environment and elicit support for acceptance of new technology across the enterprise
  • Flexibility and ability to work with shifting priorities; embrace new/evolving responsibilities.

Please respond with your updated resume and contact information.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.