We are seeking individuals with both broad and deep managed security services experience and skills to join our team and help provide in-depth threat intelligence services to RSM clients in a variety of industries and geographic locations. Successful candidates will have solid working knowledge of threat intelligence leading practices, understanding of threat actors, industry threats and attack models, experience conducting and supporting threat intelligence collection and dissemination activities, automation and orchestration trends, as well as experience leveraging this knowledge and expertise to benefit organizations in an operational capacity.
At RSM, threat intelligence analysts work with clients in a variety of industries. They develop strong working relationships with their peers on the threat intelligence team as well as within the broader security operations center (SOC), threat hunting team, and vulnerability intelligence team while learning about our clients' businesses and the challenges facing their organizations. Working in a mutually respectful team environment helps our analysts perform at their best and integrate their career with their personal life. You will have the opportunity to:
- Disseminate threat intelligence briefs and reports to key stakeholders (both client teams as well as internal RSM teams), and incorporate feedback from key stakeholders as necessary
- Provide technical guidance to SOC and client teams about specific risks and potential control measures to address and reduce the impact of new and emerging threats
- Identify potential security vulnerabilities or exposures that could pose a risk to clients' networks, systems or applications
- Communicate technical findings to both technical and non-technical teams
- Develop threat intelligence briefs and reports based on results of investigations
- Perform analytical investigations about specific security events and incidents impacting client infrastructure and data
- Identify and investigate emerging and persistent threats to clients' networks, systems and applications
- Monitor and report on real-time security incidents and campaigns across various industries
- Analyze threat data and information from a variety of open and closed sources
- Perform analytical investigations about indicators of compromise (IOCs), threat actors, and campaigns as identified by the SOC
Qualifications for this Associate-level position include:
- Minimum B.A. or B.S. degree or equivalent from an accredited university by the time employment commences or prior relevant military / law enforcement experience
- Computer science, information technology, information systems management, or other similar degrees preferably with a focus on information security
- Conversational-level English
- Strong written and verbal communication skills
- Strong analytical and investigation skills
- 2+ years of previous threat intelligence experience
- 2+ years of experience with the incident response process
- Must have a naturally curious mindset and approach
- Experience investigating security threats using a variety of tools and techniques
- Knowledge of operating systems including Linux/Unix and Windows
- Basic experience with security information and event management (SIEM) tools such as Splunk, LogRhythm, Elastic, etc.
- Working knowledge of threat intelligence consumption and management
- Working knowledge of threat intelligence lifecycle
- Working knowledge of a variety of threat actor groups, TTPs and campaigns
- Ability to convert intelligence into actionable mitigation and technical control recommendations
- Knowledge of typical behaviors of both malware and threat actors
- Outstanding time management and multitasking skills with a high level of attention to detail