Security Threat Architect
8 - 10 years experience • Software
Position: Security Threat Architect
Location: Irving TX
Duration: Full Time
· Experience understanding and interpreting Threat intelligence from various external sources including validation of related IOCs in customer environment
· Working understanding of the Common Vulnerability Scoring System (CVSS) and its application to cyber analysis; knowledge of the cyber intelligence lifecycle
· Good understanding of security threat modeling
· Knowledge of and familiarity with enterprise information systems (web servers, databases, file sharing, etc.); experience with Perl, Python, or other scripting languages
· Understanding of common network services (web, mail, DNS, FTP, etc.), network vulnerabilities, and network attack patterns
· Should have good conceptual understanding of Windows, Linux operating systems & Networking – TCP/IP Protocol Suite, Application architecture
· Possess knowledge and experience in Threat Ecosystem, remediating Malware, Rootkits and Botnets
· Strong analytical and problem solving skills
· Strong communication (verbal and written) and interpersonal skills
Good-to-Have: Certifications preferred - CISSP, GCIH, GCFA, CHFI, CEH, SEC+. Executive briefing & reporting skills with attention to detail.
Responsibilities of / Expectations from the Role:
· Collect, assess and analyze intelligence reports from multiple sources and disciplines; monitor open source, mailing lists, social media, and other channels to report findings through various alerts
· Determine the applicability of security vulnerabilities based on customer architecture and/or inventory and assess the severity of the vulnerability for customer environments.
· Synthesize and place intelligence information into context; communicate the nature, impact and mitigations for applicable security vulnerabilities - draw insights about the possible implications through threat modeling
· Understand the overall threat landscape; knowledge of different operational threats and vulnerabilities, and of the tactics, techniques, and procedures (TTPs) practiced by threat actors - hacktivist, criminal, and nation-state actors
· Engage with stakeholders to identify intelligence requirements; participate in customer and partner-facing meetings and projects -- execute tasks or lead small projects as needed.
· Monitor and gather intelligence on cyber vulnerabilities and threats; review threat and vulnerability data – contextualize intelligence for customer environment
· Conduct proactive threat and compromise analysis by reviewing reports to understand threat campaign(s) techniques and lateral movements, and extract indicators of compromise (IOCs).
· Monitor, evaluate, and assist with the maintenance of assigned security systems in accordance with industry best practices to safeguard internal information systems and databases
· Maintain an expert understanding of vulnerabilities, response, and mitigation strategies.