Cyber security Intel & Detection Analyst - 2021 - 016

at Ashland, LLC in Wilmington, Delaware, United States

Job Description

Ashland LLC

Are you the kind of person that is always thinking, sketching, seeking, and adjusting? Who needs to understand how things work and then figure out how they can work better? Are you a passionate, tenacious solver who loves to work with others who share your drive? Are you positive, constructive, and ingenious?

Are you always solving?

Then we'd like to meet you and bet you'd like to meet us.

Ashland has an exciting opportunity for an early career Cyber Security Intel & Detection Analyst to join our Cyber Security team. This position is directly mentored by the threat intelligence leader and will have visibility into all areas of cyber security detection and response.

This highly technical role will be responsible for supporting the continuous development of an advanced intel and detection feedback loop. Responsibilities will include, but are not limited to, the following:

  • Root cause analysis and threat hunting investigations.
  • Automating analysis routines and data correlations for a SOAR-like platform.
  • Promoting initiatives that support and advance toolsets and capabilities.
  • Forensic analysis, Malware analysis, and Network analysis.
  • Documenting and reporting discoveries and results to the rest of the IDR/CSIRT team.
  • Part-time triage of custom, heavily correlated and analysis rich alerts.
  • Detection development.
  • Integrate open-source, custom developed, and commercial products.
  • Help support existing intel, detection, and response systems and tools.
  • Research based and observation driven Threat Hunting.
  • Threat research, enrichment, classification, and documentation.

In order to be qualified for this role, you must possess the following:

  • A self-driven desire to learn independently and appease a naturally occurring curiosity.
  • Possess an action-oriented attitude toward achieving desired ends.
  • Knowledge of cybersecurity and privacy principles, cyber threats, and vulnerabilities.
  • Familiarity with the Kill Chain as an analytical framework.
  • Ability to work both independently (without direction) and within a group for day-to-day activities.
  • Basic understanding of distributed architectures.
  • Experience developing with Python.
  • Experience working with development tools, especially Git.
  • Proficient knowledge of Linux-based systems and shells, especially Bash.
  • Knowledge of concepts used in IaaS cloud platforms (AWS, GCP, Azure).
  • Demonstrated competency performing analysis of and correlation with structured and unstructured data.
  • Working knowledge of SIEM/SOAR and data lake/log aggregation tools, such as Splunk.
  • Knowledge of Yara and experience writing Yara rules.

The following are preferred by the business unit:

  • Bachelor's degree or above in a computer related field.
  • One or more years of working experience on an enterprise scale IDR/CSIRT team.
  • Linux certifications.
  • Cyber Security certifications.

Please click the link below to view the rest of the job on our career site.

Equal Opportunity Employer–minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity


Job Posting: 860386

Posted On: Oct 20, 2021

Updated On: Nov 19, 2021