Humana Senior Cyber Threat/Vulnerability Analyst (virtual remote home office eligible) in Billings, Montana
This position is within the EIP Cyber Threat Intelligence (CTI) Operational Team. Senior Cyber Intelligence Analyst focus on understanding and conducting in depth analysis on adversarial capabilities, infrastructure, and TTPs; leveraging that understanding to conduct more targeted and prioritized cybersecurity operations by delivering timely and actionable intelligence to Humana stakeholders. The Senior Cyber Intelligence Analyst should be an independent, critical thinker skilled in the intelligence process and able to satisfy intelligence requirements under tight deadlines. This position requires the analysis of adversaries intent and capabilities to determine the impact and severity to the environment. The Senior Cyber Intelligence Analyst will work on moderate to high complexity assignments where analysis requires an in-depth evaluation of variable factors.
The Senior Cyber Intelligence Analyst will be part of the Cyber Threat Intelligence Operational Team. Senior Cyber Intelligence Analyst deliver timely and actionable intelligence and influences department strategy based on the relevant threats. Senior Cyber Intelligence Analyst will provide decision making support and work on moderate to highly complex assignments requiring technical expertise. These are the essential job functions:
Essential Job Functions :
Generate tailored and actionable products based on analyzed threat campaigns, external and internal events and incidents.
Collaborate with technical and threat intelligence analysts to provide indications and warnings, and contribute to predictive analysis of malicious activity.
Develop analytical hypotheses, prove (or disprove) those hypotheses through research; communicate that information to stakeholders both verbally and in writing.
Review and analyze internal, open source, and dark web datasets to find threat information and use it to provide value to Humana.
Apply knowledge of current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks.
Provide accurate and priority driven analysis on cyber activity/threats, and present complex operational/technical topics to senior managers and stakeholders.
Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the organization, as well as different business segments.
Produce intelligence products at the Strategic, Operational, and Tactical level for audiences with diverse technological backgrounds.
Conduct detailed technical analysis supported by industry accepted threat intelligence analytical frameworks, tools, and standards.
Create and evaluate trend/correlation analysis for scenario forecasting at both the tactical and operational level.
Develop and refine cyber-threat intelligence collection and analysis processes.
Provide expertise and recommend relevant remediation and countermeasures during incident response efforts.
Provide security risk mitigation methods and compensating controls to help drive remediation efforts for the business.
Collect and analyze artifacts including malicious executables, scripts, documents, and packet captures.
Generate presentations that illustrate research through visualizations, charts, graphs, infographics, and evidence capture for senior leadership.
Provide input for the development of objectives, key results, and program metrics.
Exhibit strong critical thinking and problem solving skills with sound judgement.
Maintain or develop professional contacts in the various communities in support of operations.
Required: Bachelor's degree in IT, Computer Science, Intelligence or equivalent
5+ years of cybersecurity, threat intelligence or IT experience; 2+ years of experience in operational or tactical cyber threat analysis; experience can include one or more of the following cyber-security functions: Cyber Threat Intelligence, Threat Hunting, System Administration, Intrusion Detection/Prevention, Monitoring, Incident Response, Digital Forensics, Vulnerability Management
Holds certifications such as CISSP, GCTI, GREM, OSCP or similar training and certification.
Prior experience as a technical cyber threat intelligence (or related) subject matter expert that has worked across organizational boundaries to analyze cyber threats to their organizations infrastructure and services.
Knowledge of advanced cyber threats, threat vectors, attacker methodology to include, tools, tactics, and procedures and how they tie into the Cyber Kill Chain or ATT&CK framework, Diamond Model etc.
Experience in malware detection and analysis using static and dynamic malware analysis methods.
Knowledge of cloud services and their attack surface.
Knowledge of how malicious code operates and how technical vulnerabilities are exploited.
Experience with premium threat intelligence tooling and/or open source intelligence techniques.
Experienced in developing network and host based signatures to identify specific malware.
Experience with disseminating information in accordance with TLP classification and handling protocols, to the sector through the appropriate mechanisms.
Experience with developing tools to enhance cyber-threat intelligence capabilities.
Healthcare or Financial industry experience
Scheduled Weekly Hours