Threat Intelligence Analyst

Service Definition:

This position supports the Iowa Department of Management Division of Information Technology DOM DoIT) Security Operations Center (SOC).The purpose of this position is to collect, review and analyze data to produce reports to identify threats to state and local government. Responsibilities include:

• •Develop and maintain priority intelligence requirements.
• •Collect and maintain intelligence data.
• •Analyze threat data and assess threat/risks to state and local government, and other partners.
• •Identify tactics, techniques, and procedures(TTPs) used by threat actor.

•Use and maintain CTI tools and platforms.

The SOC Threat Intelligence Analyst will be responsible for collecting and disseminating CTI. They will compile reports and translate the content into actionable activities for SOC analysts, threat hunters, information technology staff, leadership and other stakeholders. The position will also be responsible for coordinating and communicating CTI with external partners. Demonstrated detailed technical knowledge of threat actor motives, targets, and tactics and how to investigate, mitigate and defend against them.

Candidate Requirements:

• •Strong problem solving and critical thinking skills.
• •Five years’ experience with threat intelligence and analytics techniques.
• •Must be an individual of high integrity and be a model of unwavering integrity to others.
• •Strong understanding of cyber security technologies and strategies, including but not limited to: MITRE ATT&ACK framework, attack surface management, security processes, best-practice logging/monitoring, OSINT and incident response.
• •Demonstrated ability to work effectively with customers to solve business challenges while balancing the need for confidentiality, integrity, and availability.
• •Strong understanding of common and emerging attack vectors, penetration methods and countermeasures.
• •Demonstrated ability to work independently, as part of a team of peers, and also to support and make assignments in multidisciplinary team environment.
• •Takes initiative to develop threat intel products that match the organization’s general and priority intel requirements.
• •Demonstrated ability to solve complex problems,convey both oral and written instruction, and handle multiple task interruptions while providing services in a professional and courteous manner.
• •Excellent communication and presentation skills with the ability to address both technical and non-technical audiences.
• •Capable of documenting and explaining technical details/efforts in a concise, actionable manner
• •Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), GIAC Security Essentials(GSEC), or other information security certification is preferred.