UPS Sr. Cyber Intelligence Analyst in Louisville, Kentucky
Sr. Cyber Intelligence Analyst
We’re the obstacle overcomers, the problem get-arounders. From figuring it out to getting it done…our innovative culture demands “yes and how!” We are UPS. We are the United Problem Solvers.
About Information Security at UPS Technology:
Our top-notch Information Security team quickly finds and responds to real time threats. These critical-thinkers have a hunger to keep ahead of new exploits and security trends. As a part of UPS InfoSec, you’ll continue to uphold our reputation for integrity in this growing and ever-changing field.
About this role:
The Sr. Cyber Intelligence Analyst engages in the identification, tracking, monitoring, containment and mitigation of information security threats. He/She performs quality assurance functions to validate that existing methods of research are successful in identifying and documenting security incidents. This position defines procedures for analysis and makes adjustments as technologies and methodologies advance.
The Sr. Cyber Intelligence Analyst:
- Assesses, prioritizes and takes action on requests that improve existing Security Operation Center (SOC) tools and procedures
- Partners with management to coordinate security incident response efforts to communicate information, drive resource actions and decisions, provide recommendations, and ensure resolution
- Evaluates and analyzes complex malicious code through the use of tools including disassemblers, debuggers, hex editors, un-packers, virtual machines and network sniffers
- Conducts reverse-engineering for known and suspected malware files
- Investigates instances of malicious code to determine attack vector and payload, and to determine the extent of damage and data exfiltration
- Performs research in the area of malicious software, vulnerabilities, and exploitation tactics, and recommends preventative or defensive actions
- Produces reports detailing attributes and functionality of malware, and indicators that can be used for malware identification/detection, to include behavior, identified infrastructure used for command and control, and mitigation techniques
- Analyzes the relationship between a given sample of malware and other known samples/families of malware, and notable features that indicate the origin or sophistication of the malware and its authors
The Candidate must have:
- 2 to 3 years' experience as Security Operations Center (SOC) Analyst including Incident Response and Handling roles
- Experience in Malware Reverse Engineering and Sandboxing
- Experience with IBM QRadar
- Significant experience with Linux, TCP/IP, UNIX, MS-Windows, IP Routing, Firewalls and IPS
- Understanding of behavioral-based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
- A deep understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats
- Demonstrated experience using open source malware analysis tools (OllyDbg, Radare, GDB, etc.)
- Ability to analyze shellcode, and packed and obfuscated code, and their associated algorithms
- Ability to develop network- and host-based signatures to identify specific malware, and to recommend heuristic or anomaly-based detection methods
- Subject matter expertise in the detection, analysis and mitigation of malware
Minimum Qualifications:
- Experience with Information Security Research, Malware Reverse Engineering, Cyber Threat Analysis, Windows Operating System and Data Analysis
- Knowledge of Research skills, Technical Writing, Information Security Research, Security Incident Response, Security Risk Assessment/Analysis
- Bachelor's degree in Computer Science or equivalent.
This position offers an exceptional opportunity to work for a Fortune 50 industry leader. If you are selected, you will join our dynamic technology team in making a difference to our business and customers. Do you think you have what it takes? Prove it! At UPS, ambition knows no time zone.
UPS is an equal opportunity employer. UPS does not discriminate on the basis of race/color/religion/sex/national origin/veteran/disability/age/sexual orientation/gender identity or any other characteristic protected by law.
Company: UNITED PARCEL SERVICE
Category: Information Technology, Engineering, Technology, Professional
Requisition Number: 227094