Cyber Threat Intelligence Analyst

Massachusetts - Boston
Quality & Security & Compliance – 824-G&A Security Ops / Full-Time / Remote
The Role

This position is responsible for discovering, analyzing, and vetting relevant cyber threat information to produce detection and defensive mechanisms for the SOC. Additionally, the CTI Analyst will author reports to Senior Leadership and other stakeholders to maintain excellent company situational awareness of emerging threats relevant to Veeva. A repository of IOCs will be maintained to correlate attack patterns to further predict and defend against adversary personas.

What You'll Do

    • Leverage a Collection Management Framework (CMF) that organizes all threat intelligence feeds, both internal and external, by the indicators and data that can be ascertained from them as well as the methods by which the data is collected
    • Report on potential areas of compromise and areas of concern through information provided by threat intelligence sources
    • Apply the indicator lifecycle (revealed, matured, utilized) to validate incoming indicators and determine relevance to Veeva
    • Detect patterns of ongoing intrusion and intrusion attempts across Veeva and the industry to predict future IOCs and suggest implementations
    • Utilize current CTI tools to detect/report on trends to drive decisions influencing defensive operations
    • Report meaningful and actionable metrics related to adversarial behavior to drive prioritized defensive actions
    • Support incident responders with relevant IOCs and historical data during ongoing investigations
    • Author intelligence reports that address specific intelligence requirements and RFIs from across the company

Requirements

    • Good understanding of the Kill Chain and Diamond models, and means to merge them
    • Good familiarity with some OSINT and proprietary CTI tools, such as DomainTools, MISP, YARA, ISAC/ISAO feeds, CyberChef, DataSploit, FireHOL, Maltego, Shodan, ThreatQuotient, Recorded Future, Anomali, etc.
    • Good familiarity with modern threats, top delivery vectors, and methods of exploitation
    • Experience in organizing, processing, analyzing, and vetting indicators using sorting/processing tools to maintain a current, relevant threat database
    • Experience in leveraging existing threat intelligence to augment investigations during incident response
    • 2+ years of experience in a cyber threat intelligence-related field, or 3+ years of experience in a cybersecurity operations field

Nice to Have

    • Threat Intelligence or Intrusion Detection-related certification, such as GCTI, GOSI, CTIA, GCDA, GCIA, CCTIA, CTIP, CPTIA, CRTIA, etc.
    • Experience in enriching data of the four atomic indicators (domains, strings, IP addresses, accounts) to deliver additional context to incident responders
    • Solid background in cloud security principles
    • Experience in creating and maintaining a prioritized list of critical assets and understanding the top threats against them

Perks & Benefits

    • Medical, dental, vision, and basic life insurance
    • Flexible PTO and company paid holidays
    • Retirement programs
    • 1% charitable giving program

Compensation

    • Base pay: $75,000 - $145,000
    • The salary range listed here has been provided to comply with local regulations and represents a potential base salary range for this role. Please note that actual salaries may vary within the range above or below, depending on experience and location. We look at compensation for each individual and base our offer on your unique qualifications, experience, and expected contributions. This position may also be eligible for other types of compensation in addition to base salary, such as variable bonus and/or stock bonus.