Cyber Defense Analyst

3 years

0 Lacs

Posted: 2 days ago | Platform: LinkedIn

Work Mode

On-site

Job Type

Full Time

Job Description

  • Identify, defend against, and mitigate web application attacks, reconnaissance, network attacks against environments such as Windows Active Directory or cloud platforms, password attacks, post-exploitation activity (by an attacker already inside a traditional network or a cloud environment), drive-by attacks, endpoint attacks, and so on.
  • Detect the use of covert or exploitation tools and of evasive techniques (used by threat actors to hide their presence in the network), and handle incidents using industry best practices, including but not limited to memory and malware analysis and network investigation.
  • Perform deep-dive investigations of information security incidents to contain and remediate them appropriately. Use in-depth forensic analysis, malware analysis, and malware reverse-engineering skills for proactive identification of threats to Ford.

Responsibilities

Detection and Response:

  • Harness AI/ML-powered platforms and solutions to identify, defend against, and mitigate a wide spectrum of attacks, including sophisticated web application attacks, reconnaissance, advanced network intrusions (e.g., Windows Active Directory, cloud environments), credential attacks, post-exploitation techniques, drive-by attacks, and endpoint compromises.
  • Manage AI-driven anomaly detection systems to proactively identify the use of covert tools, exploitation techniques, and evasive methods employed by threat actors, ensuring rapid detection of stealthy activities.
  • Command and orchestrate defensive AI agents that engage adversarial agents within the network, leading defensive 'swarms' that hunt malicious code, interrupt attack sequences, and initiate automated system repair at machine speed, well beyond human response times.
  • Orchestrate AI agents and automated playbooks to accelerate incident containment and remediation processes, significantly reducing dwell time and minimizing impact.
  • Conduct deep-dive investigations on critical security incidents, leveraging AI-assisted forensic analysis, AI-powered malware analysis, and AI-enhanced network investigation tools to understand attack vectors, scope, and impact, ensuring comprehensive containment and remediation.
  • Utilize AI/ML for proactive threat identification through advanced malware analysis, reverse engineering, and behavioral profiling, anticipating emerging threats before they materialize.
  • Threat Intelligence & Hunting Guidance: Recognize and proactively identify AI-enhanced attacker Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs), especially those related to API exploitation and attacks against LLMs (e.g., the OWASP Top 10 for LLM Applications). Apply these insights to current and future AI-driven investigations and predictive threat hunting operations.

AI-Driven Prompt Orchestration:

  • Contribute to the development and optimization of AI models for security applications, including threat prediction, anomaly detection, and automated response.
  • Operate AI-powered Security Orchestration, Automation, and Response (SOAR) platforms that enable autonomous detection, investigation, correlation, and response to threats.
  • Utilize Prompt Engineering techniques to optimize AI model interactions for security analysis, threat hunting, and incident response, developing prompt libraries for various security AI tools.

Qualifications

Industry Certifications:

  • CompTIA A+
  • GCIH (GIAC Certified Incident Handler)
  • ECIH (EC-Council Certified Incident Handler)
  • GREM (GIAC Reverse Engineering Malware)
  • GCFA (GIAC Certified Forensic Analyst)
  • Recommended: relevant AI/ML security certifications, such as SANS, GCP, or Azure certifications focused on AI/ML in cybersecurity, or other advanced AI/ML security accreditations.
  • Automation and Scripting - Python, PowerShell, Shell

Basic Qualifications:

  • Bachelor’s Degree in Computer Science, Cybersecurity, Data Science, or a related field.
  • 3+ Years of Information Technology (IT) experience, with at least 1 year demonstrating practical application of AI/ML concepts in a security context.
