| Preferred GIAC Certifications | GSEC, GCIH |
| Contact Name | Please apply using link |
Look for more than answers.
At Quest, we are on a continuous journey of discovery and development. It’s this attitude that has made us an industry leader and the #1 Diagnostic Lab in the US. For those joining us, we offer exciting and fast-moving career opportunities where you can effect change at a rate unheard of in many organizations of our size and scope. While we invest in and develop technology to drive our innovations, our ongoing success relies on our people.
As a Senior Threat Analyst you will work for the world leader in the industry, with a career where you will have the opportunity to collaborate and effect change while expanding your leadership skills and technical knowledge. You can make a real impact in a market that is growing and developing.
The Senior Threat Analyst will work from our world headquarters in Secaucus, NJ.
Senior Threat Analyst, the role:
The Senior Threat Analyst provides analytical, technical and investigative expertise across cyber security disciplines.
This professional leads and participates in investigations of cyber incidents, external threats and sensitive insider threats in a complex enterprise environment. The Senior Threat Analyst conducts research and analysis of adversarial threats posed to Quest’s resources to derive facts, inferences, and projections concerning capabilities, intentions, and likelihood of adversarial attacks under various situations.
Collect, analyze, and deliver intelligence products utilizing multiple commercial, government and open-source threat intelligence sources.
Keep track of current and emerging threats. Understand, identify and prioritize potential threats to Quest systems, people and data and suggest measures to prevent and mitigate attacks.
Review external reports, extract actionable intelligence, such as indicators of compromise (IOCs), and assign it to relevant IT teams for action.
Leverage a wide range of security technologies, controls and tools during investigations.
Identify, action, process, and search for the presence of Indicators of Compromise (IOCs) across the enterprise.
Conduct analysis of potentially anomalous events, behavioral and technical indicators to detect evidence of Insider Threat activity.
Partner with Global Security, Legal, Compliance, HR and other teams to provide cybersecurity support to misconduct, policy violations, intellectual property theft, sabotage or fraud investigations.
Collaborate and build trust and relationships with cross-functional internal and vendor teams in pursuit of common objectives.
Create, document and follow detailed standard operating procedures and playbooks to appropriately analyze, escalate, and assist in remediation of cybersecurity incidents.
Drive efforts towards the containment of threats and the remediation of the environment during and after a cyber incident.
Upon detection of an incident, determine extent of compromise and impact; promptly recommend containment and mitigation measures.
Conduct technical analysis against impacted systems to determine impact, scope, and recovery from active and potential cyber incidents.
Collect, develop, and report key metrics to evaluate trending, articulate threats, and inform policy decisions.
Present detailed threat briefings to a wide audience of intelligence consumers at varying levels across the Company.
Document findings and prepare detailed reports related to incident response efforts.
Coordinate with the Security Operations Center (SOC) on investigations and integrating intelligence into security operations.
Actively participate in the development, documentation, and implementation of new processes to expand and mature capabilities for the organization.
To qualify, the ideal candidate will have the following skills and experience:
3+ years of IT Security related experience, preferably in areas of Incident Response, Threat Intelligence, Security Engineering, Cyber Threat Intelligence or Malware Analysis.
Experience with Insider Threat Investigations
Exceptional analytic, writing, and critical-thinking skills. Able to convey ideas clearly and unambiguously, and to explain complex subjects to technical and executive audiences.
Excellent organizational and time management skills.
Ability to take ownership of tasks and work with other teams to see them to completion.
Solid understanding of TCP/IP, Networking protocols, modern Operating Systems, Information Security concepts and controls.
Experience conducting cyber intelligence analysis and/or cyber security investigations in the private sector or government/military/law enforcement.
Demonstrate a high level of discretion, ability to handle confidential information and exercise sound judgment.
Bachelor’s degree or equivalent.
Additional preferred qualifications:
Hands-on experience with Security tools and Technologies, including Security Incident and Event Management platforms (SIEM), Threat Intelligence platform, insider threat monitoring tools, user and entity behavior analysis (UEBA), IDS/IPS, Firewalls, Proxies, Endpoint Security solutions, Malware Sandboxes, etc.
Familiarity with Security concepts including Vulnerability and Patch Management, DLP, Access Control, Cryptography, Web application attacks, etc.
Exposure to Enterprise technologies including VPN, Active Directory, Virtualization Platforms, Cloud Services, Databases and Application Infrastructure.
Formal technical certifications in Networking, Cyber Security or Intelligence analysis fields (GSEC, GCIH, etc.)
Knowledge of current malware landscape, threat actor types, motivations, tools, tactics, techniques and procedures.
Experience with host, network and application log analysis.
Experience leveraging Open Source Intelligence sources during investigations.
Passion for the Information Security field and the desire to continue to learn.