Anexperienced opportunity for an informationsecurity analyst familiar with analyzing massive amounts of data andapplying mathematical, statistical, andother analytical tools in combination with a deep understanding of the discipline of informationsecurity in order to provide context for stakeholders and the community at large. The individual filling this will be reviewing our data looking for malicious actors, generatingreports on such activity for consumption by staff, our customers, third parties, and the informationsecurity community as a whole. Suchreporting will be technical in nature, digestible by C-level executives (such as Chief InformationSecurity Officers (CISOs)), as well as technical informationsecurity andinformation technology practitioners. In addition, this role will provide recommendations and suggestions to enhance Norse’s powerful live attack and advancedthreatintelligence capabilities.
- Monitor, evaluating and interpreting: vulnerabilities/CVEs, mitigation measures and compensating controls, vulnerability assessments, system/device/IDS/IPS logs, threat analysis, malware, open and closed source reporting.
- Understanding and in-depth knowledge regarding the administration, use, securing and exploiting common operating systems.
- Understanding and in-depth knowledge regarding the administration, use, securing and exploiting common consumer and enterprise devices.
- Thorough understanding of computer networking, routing and protocols.
- Understanding of information securityarchitecture; mitigations of threats and compensating controls.
- Demonstrated experience and proven methods for performing information securityincident management lifecycle, to include response and mitigations.
- Experience with application of open- and closed-source information resources within the industry.
- Demonstrated excellent communications skills, both oral and written, for working with a diverse, professional clientele with varying skill levels and technical experience/competency. Ability to interact with customers and staff in person and via written communications. Ability to research highly technical topics, pull together various sources into one concise technical document and put the research into process and procedural documentation and explain technical details clearly and concisely.
- Willingness and desire to learn. Possess and nurture a hacker mentality, being able to visualize issues and possible solutions ‘outside the box.’ Must be a punctual, professional and devoted member of our team; with the ability to safeguard sensitive, restricted and other information deemed to have special handling and dissemination protocols.
- High level of ethics and core values.
Educational / Certifications and Other Requirements:
- Bachelor’s degree, a combination of experience and/or Associates degree, or an equivalent combination of education and work experience. Degree must be from an accredited institution, prefer degree be in a technical discipline or majority of coursework in Information Security or Information Technology.
- Minimum of five (5) years of Information Technology and/or Information Securityexperience. Minimum of 3+ (three plus) years of related experience in the field of Information Security, to include monitoring and detection, intrusion analysis, threat and/or vulnerability analysis
We offer a competitive salary and benefits. This is a full-time, exempt position reporting to the director of DarkWolf Labs. The responsibilities and duties described here are intended to provide typical examples of the role and are not comprehensive.