Job Title: Governance InfoSec Threat Intelligence Analyst, Specialist IV
Location: 2 Metrotech Center, Brooklyn, NY
Duration: 12+ months
Work hours: 7hrs/day
Required Skills:
· Minimum of 14 years’ experience (at least 5 years in senior roles) providing specialized knowledge of system requirements and programming specifications.
· Training or advanced degrees in analysis or cyber threat intelligence.
· Experience serving in production-oriented roles with an intelligence vendor serving large organizations with a variety of internal and external stakeholders.
· Strong understanding of cybersecurity and risk management concepts.
· Proficient with Threat intelligence collection and tools.
Preferred skills/experience:
· Excellent verbal and written communication skills.
· Previous experience briefing both technical and executive audiences.
· Experience tracking and monitoring changes in geo-political events, malware, phishing campaigns, actor TTPs, etc.
· Previous experience vetting intelligence partners and data sources.
· Experience capturing and actioning strategic intelligence requirements across a large organization.
· In-depth knowledge of the cyber threat landscape and how to apply attacker motivation, capability and intent to an organizational threat landscape.
· Experience performing security assessments and detecting forensic artifacts on host and network-based systems.
· Strong knowledge of how malware functions and how vulnerabilities are exploited - ability to apply necessary courses of action.
SCOPE OF SERVICES: Governance InfoSec Threat Intelligence Analyst, Specialist IV The Governance InfoSec Threat Intelligence Analyst role provides DoITT stakeholders with real-time reporting on cyber developments and events that may impact DoITT, its employees, supported Agencies, or the City of New York, or may have wider reverberations across the cyber threat landscape. The role requires liaising between teams (e.g., Vulnerability Management) and high-level decision-makers (e.g., DoITT's Deputy CISO) to ensure that action is being taken in response to developments reported by government sources, open sources, and intelligence vendors. Ensuring that such stakeholders are well-informed requires a familiarity with all aspects of the cyber threat landscape (including vulnerabilities, malware, phishing, fraud, nation-state actors, destructive and hacktivist actors, and insider threats, among others) as well as knowledge of Cyber Threat Intelligence (CTI) analysis, production, and communication standards. While many CTI analysts and IT professionals have experience in one of the aforementioned areas, this role requires experience in surveying, triaging, and assessing developments across the entire landscape in order to communicate their importance to stakeholders across the organization. Monitoring, validating, and presenting relevant information from a range of sources also requires experience navigating the open-source and intel vendor ecosystem, as well as the judgment to decide what requires attention from individual teams, high-level decision-makers, or Monitoring, validating, and presenting relevant information from a range of sources also requires experience navigating the open-source and intel vendor ecosystem, as well as the judgment to decide what requires attention from individual teams, high-level decision-makers, or wider audiences. Both writing and communication skills, as well as a familiarity with technical concepts, are required to translate often highly technical industry reporting into actionable information accessible to a non-technical audience. Additionally, this role frequently requires producing specialized reports and risk assessments in response to time-sensitive requests for information that span a wide range of topics, requiring a high degree of analytical and research skills.