Sr. Cyber Threat Intelligence Analyst

Job Locations: US-IL-Chicago
Job ID: 2022-3848
# of Openings: 1
Category: Information Security
Level: Mid Senior Level

Overview

Are you someone who enjoys thriving in an exciting and fast paced environment where innovation, building secure solutions, being part of something bigger, and seeing your results come alive are all rewarded? If so, Blue Cross Blue Shield Association (BCBSA) Information Security may be the right fit for you.

 

The Sr. Cyber Threat Intelligence Analyst will be the tactical subject matter expert of the system-wide focused Cyber Threat Intelligence (CTI) function. This is a highly technical role at BCBSA and across the Blues that will lead in sourcing, curating and distributing relevant and actionable threat intelligence. This role will provide thought leadership, strategy, and direction on infrastructure development, engineering and automation to enhance existing and new threat intelligence capabilities. Your core mission will be to demystify the threat landscape and make it easily discoverable for Blue Plans to understand the full operational picture of attacks and the cyber criminals behind them. We use an Actionable Threat Intelligence approach focusing on deep research to help customers know what really matters to them in the endless stream of security news and chatter.


By combining our unparalleled data visibility and collaborating with threat analysts across the Blue system, you'll use a customer-driven focus to cut through the noise, reveal the signal and make it easy to understand the actual risk from a threat and how to protect and defend against it.

Responsibilities

Responsibilities include but are not limited to:

  • Assist in the development of discrete CTI services provided to the Blue Plans, including identifying intelligence requirements and assisting in defining the service, process and deliverables
  • Respond to Blue plan requests for information, research or assistance
  • Detect and track cyber threat operations and campaigns, authoring intelligence products for a national audience
  • Collaborate on big data technology to produce solutions for threat intelligence services
  • Use the MITRE ATT&CK Framework to create, groom and disseminate threat intelligence and reporting
  • Proactively hunt adversarial threats in complex environments

 

Reporting & Communication

  • Collect and analyze technical indicators related to malicious activity, determining the significance and reliability of incoming information and translating that analysis into actionable intelligence and threat intel products
  • Create professional quality documentation and collateral for both technical and executive audiences
  • Produce curated threat intelligence reports, briefs and communications
  • Provide threat hunting, investigation and best practice guidance to a national team of threat intelligence analysts

 

Continuous Improvement

  • Work to continuously improve a network of intelligence sources, with focus on sources identified as relevant to healthcare
  • Work closely with the rest of the intelligence teams to advance and improve intelligence products and collection processes

Qualifications

Required Basic Qualifications:

  • BS degree in Computer Science, MIS, Computer Engineering or equivalent work experience
  • At least 3 years of cybersecurity experience
  • Advanced knowledge of networking and protocols
  • Experience with SIEM or SOC analyst work using very large data sets
  • Basic threat hunting or incident response experience including forensic artifact examination, particularly with networking artifacts
  • Experience with static and dynamic file analysis
  • Proficient with Linux command line tools
  • Proficient with Windows tools and applications
  • Familiar with threat intelligence and threat analysis, including actor attribution, understanding of TTPs and APT groups, threat intelligence reporting and threat intelligence metrics, OR have a background in applying a rigorous investigatory mindset to researching and conducting analysis in threat intelligence (or a similar analytically rigorous discipline)
  • Strong communication, presentation and customer service skills
  • 1 year scripting or programming experience in Ruby, Python, Shell/BASH scripting, Java, C/C++, Perl, or other languages
  • Use knowledge, creativity and analytic best practices to obtain solutions to complex problems
  • A successful candidate can prioritize well, communicate clearly, and has a consistent track record of delivery

 

 

Preferred Basic Qualifications:

  • Security related certifications such as OSCP, CISSP, CRTP, GCTI, GIAC, GCIH, GCFA, GCIA, GPEN, GNFA, GCUX, CEH

Equal Opportunity Employer

Blue Cross Blue Shield Association is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, national origin, age, gender identity, disability, veteran status, genetic information or any other legally protected characteristics.
