Threat Intelligence Analyst

Job Title:

Threat Intelligence Analyst

About Trellix:

Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work. Our comprehensive, GenAI-powered platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions.
We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at https://www.trellix.com/.

Role Overview:

Company Overview:
Join an industry leading team performing challenging and soulful work. Trellix is a global company redefining the future of cybersecurity. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix’ security experts, along with an extensive partner ecosystem, accelerate technology innovation through machine learning and automation to empower over 40,000 business and government customers. More at https://trellix.com.
Trellix’s TIG delivers cyber threat intelligence services to global customers to enable preparation, detection, and response to the wide array of malicious cyber activity that persistently threatens organizations across all industry sectors.
The Threat Intelligence Analyst will collaborate with customers to enhance their cyber threat intelligence capabilities by leveraging the experience, knowledge, tools, and data of the Trellix cyber defense enterprise.
The role is responsible for delivering cyber threat intelligence services, which include knowledge of sophisticated threat actors and associated tactics, techniques, and procedures, along with research, collection, analysis, and reporting of finished intelligence. The role will support customer security operations including planning and risk assessment, vulnerability assessment, 24x7x365 monitoring, and incident response.

About the Role:

The Threat Intelligence Analyst will report to the Director of the TIG.  This is an on-site role at a customer facility in Ottawa, Canada. As a member of the TIG, the Analyst will collaborate with TIG teammates, members of Trellix’ Advanced Research Center, Trellix Professional Services Consultants, and third-party partners.  The analyst will serve as a primary customer interface and will become immersed in customer operations through rapid learning and establishing relationships. This is a resident analyst role supporting a customer in a full-time capacity. Support may be 100% on-site or hybrid.

• You will serve as a cyber threat intelligence subject matter expert and trusted advisor.
• You will integrate with customers’ operations-intelligence cycles to inject cyber threat intelligence.
• You will develop information/intelligence requirements and associated priorities.
• You will identify intelligence gaps and opportunities to improve intelligence sharing and utility.
• You will create tailored strategies for research, data collection, analysis, and reporting focused on customers’ areas of interest.
• You will develop comprehensive responses to customer requests for information/intelligence (RFIs).
• You will perform all-source research and analysis using Trellix tools and data sets, third party tools, and open sources.
• You will develop comprehensive written and oral reporting including peer review and quality assurance.
• You will identify relationships between malicious cyber activity and world events such as geo-political events, natural disasters, crises, etc.
• You will deliver oral and written threat intelligence reports and presentations to customer teams comprised of representatives of varying organizational levels up to senior executive level (general officers, flag officers, SES/SIS, and C-Suite).
• You maintain current knowledge of the cyber threat landscape, including advanced persistent threats; including motivations, attack vectors, tools, and tactics, techniques, and procedures (TTPs) of attackers.

About You:

• You are self-motivated and passionate about cybersecurity.
• You have a keen interest in tracking threat actors.
• You have a strong understanding of structured analytical techniques, including but not limited to Quality of Information Check, Analysis of Competing Hypotheses, Key Assumptions Check, and Gap Analysis.
• You are a strong critical thinker with the ability to avoid biases.
• You are able to produce clear, complete, and concise reporting in a timely manner with extreme attention to detail.
• You have expertise with cyber threats, attack vectors, detection capabilities, and associated countermeasures.
• You have experience with open-source intelligence collection and associated methods and tools.
• You have experience working with Security Operations Center to monitor security alerts, respond and remediate detected issues.
• You have a clear understanding of organizational Incident Management processes in relation to threats and vulnerabilities. 
• You have knowledge and experience with XDR/EDR, Endpoint Security tools (AV, whitelisting, etc.) and Threat Hunting. 
• You have a high-level understanding of malware types, malware detection methods, and malware analysis techniques.
• You possess knowledge of MITRE ATTACK and DEFEND frameworks along with Kill Chain methodology and the Diamond Model.
• You have experience with identifying and mitigating cyber threats, including detection and countermeasures strategies and tools.
• You understand technical vulnerabilities and associated risk.
• You have experience with a SIEM tool and working with SIEM Analyst. 
• You have experience with event correlation and analysis. 
• You are willing to travel.
• Current Canadian Top Secret clearance or the ability to pursue in the future
• At least 10 years of intelligence gathering, analysis, and reporting experience.
• Bachelor’s degree in information security, cyber discipline, political science or a related analytical field. 

Company Benefits and Perks:

We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

• Retirement Plans
• Medical, Dental and Vision Coverage
• Paid Time Off
• Paid Parental Leave
• Support for Community Involvement

We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.