Cyber Threat Intelligence Analyst (Remote)
FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,000 customers across 67 countries, including more than 45 percent of the Forbes Global 2000.
FireEye is seeking a Cyber Threat Intelligence Analyst to join our International Incident Intelligence team. The Cyber Threat Intelligence Analyst will be responsible for providing intelligence analysis in order to identify threats, quantify vulnerabilities, and reduce risk to the client. The Analyst will interface directly with customers to field technical and threat intelligence questions, providing timely, actionable, clear, and concise intelligence.
The ideal candidate will possess a background in Information Security and the intelligence process, ideally gained in a global corporation. The Cyber Threat Intelligence Analyst will apply analytical rigor to all work while remaining open to non-traditional information or conclusions. The analyst will have excellent writing and presentation skills and be able to defend their analytical conclusions in logical and persuasive terms.
- Provide cogent cyber threat intelligence analysis to enterprise clients and various internal teams in written and oral form
- Create custom analytic products based on conclusions and judgments derived from FireEye's Mandiant Intelligence sources and independent research
- Provide timely support for clients' incident response, hunting, and threat intelligence teams by collecting relevant intelligence and/or performing unique research and providing analysis
- Perform technical analysis on malicious or suspicious artifacts (malicious executables and documents, packet captures, etc.)
- Work closely with the other FireEye Mandiant Intelligence teams to update and improve intelligence products and collection processes
- Track customer requests from start to finish and engage with customers directly as required
- Provide some level of off-hours support for customer requests on a rotating basis
- 5+ years' experience in Information Security, gained in a hands-on technical or intelligence role
- Strong communication skills with a brisk writing style; able to build a compelling and effective narrative.
- Ability to work in a fast-paced environment, to triage and to work within a small, highly technical group while providing explanations to non-technical people
- Ability to work as part of a distributed virtual analysis team with limited supervision
- History of participation in industry or technology information sharing groups, formal or informal
- Ability to dynamically analyze malicious code and related threats
- Understanding of how operating systems work and the ways malware interacts with them
- Understanding of common network traffic protocols and familiarity with common network traffic analysis techniques
- Past exposure to a variety of malware families used by Espionage or Criminal campaigns, such as PlugX, Poison Ivy, Vawtrak, etc.
- Proficiency with Threat Intelligence Platforms and analyst software tools, e.g. ThreatConnect, BAE Systems, i2 Analyst Notebook, Maltego
- Significant experience with the following concepts and related tool sets:
  - Network sniffers
  - Process analysis tools
  - Registry analysis tools
  - File analysis tools
  - Memory analysis tools
- Experience working in a large enterprise environment
- Ability to perform dynamic and static analysis
- Additional language fluency beyond English
- Experience with scripting or programming languages, notably VB, C++, Perl or Python
- Undergraduate degree in cyber security, computer science, intelligence studies, criminal justice, journalism, or equivalent experience
- Preferred certifications: GIAC Reverse Engineering Malware (GREM), GIAC Certified Incident Handler (GCIH) or GIAC Certified Forensics Analyst (GCFA)
Australia is the preferred location for this opening, but qualified candidates within the Asia Pacific and Japan region will also be considered.
At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. Requests for accommodation due to disability can be sent directly to [email protected].