Lead Threat Intelligence Analyst

Job Description

Are you passionate about cybersecurity and eager to make a difference? As a Lead Threat Intelligence Analyst, you will play a crucial role in tracking the activities of threat actors. You will independently monitor multiple groups and lead vital operational activities when necessary. This position offers the exciting opportunity to work with large and complex datasets while developing innovative solutions to enhance your analysis capabilities. Your expertise in researching and investigating current and emerging threats will be essential as you adapt to a dynamic environment.

Key Responsibilities

• Lead thorough investigations through in-depth analysis and collection efforts of suspected adversary campaigns to deliver actionable intelligence and create effective remediation strategies.
• Provide detailed attribution analysis to identify threat actors and inform proactive defense strategies.
• Manage cross-company and executive communications, translating intricate technical matters for non-technical audiences.
• Facilitate post-incident reviews to extract vital lessons, document emerging threat intelligence, and drive resolution actions with affected teams.
• Stay informed on emerging threats, vulnerabilities, security technologies, and global geopolitical issues to evaluate their potential impact on our defenses.
• Manage and maintain threat intelligence platforms and other CTI-related tools to enrich data and optimize workflows.
• Collaborate with partner Cloud security teams during all stages of the incident response lifecycle to integrate intelligence findings into resolution and mitigation efforts.
• Build strategic relationships with key members of the Threat Intelligence community to enhance information access and strengthen trust networks.
• Develop and refine intelligence processes to ensure the timely and accurate delivery of strategic, operational, and tactical intelligence.
• Elevate analytic quality and reporting standards by providing critical peer review and strategic feedback to fellow investigators.
• Manage a high volume of time-sensitive intelligence requests from internal and external sources by prioritizing and delivering accurate information promptly.
• Deliver comprehensive intelligence analysis and assessments through written reports, demonstrating expertise to enable informed decision-making.

Preferred Qualifications

• 6-10+ years of experience in analytical and operational threat intelligence focused on advanced persistent threats (APTs).
• Track record of investigative experience monitoring distinct APT groups and their methodologies.
• Expertise in areas such as national security, defense, intelligence, or relevant language proficiency for threat analysis.
• Knowledge of cloud services encompassing storage, computing, and networking.
• In-depth understanding of various operating systems including Windows, UNIX/Linux, and macOS, alongside the associated threat landscapes.
• Proficient in conducting open-source intelligence (OSINT) research across diverse topics.
• Strong verbal, written, and interpersonal communication skills, with the ability to convey complex technical information effectively to diverse audiences.
• Experience in Incident Response, Security Operations Center (SOC), and/or Digital Forensics Analysis is preferred.
• Desirable experience with malware analysis.
• Solid understanding of common attack types, vectors, and mitigations.
• Proficient in using structured queries for data extraction and developing detection signatures (i.e., YARA, Snort, Suricata, Bro/Zeek).
• Bachelor or Master of Science degree in Computer Science, Computer Engineering, Information Systems, Cybersecurity, or equivalent experience.
• Experience on a globally distributed security team is a plus.
• Active TS/SCI security clearance.

Disclaimer:

Certain US customer or client-facing roles may require compliance with applicable requirements, including immunization and occupational health mandates.

This position offers a comprehensive benefits package including medical, dental, vision insurance, 401(k) savings plan, paid time off, and more.

The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted.

About Us

As a leader in cloud solutions, Oracle leverages advanced technology to address modern challenges. We boast partnerships with industry leaders and emphasize integrity and inclusivity in the workplace. Join us to thrive in a supportive environment where innovation and work-life balance take center stage.