Information Security Analyst
We’re looking for builders. People that like to get their hands dirty creating something from scratch. We don’t actually know how many security startups our team members have helped launch, but it’s a lot. RSA, ArcSight, VeriSign, Imperva, Riptech, Solera and Cloudmark are a few you might recognize. We’ve led change initiatives for multinationals. We’ve reinvented whole technologies. And now we’re reinventing security, around Intelligence. Somebody has to — because security-as-usual isn’t working. Join us.
Description: An opportunity for an experienced information security analyst familiar with analyzing massive amounts of data and applying mathematical, statistical, and other analytical tools in combination with a deep understanding of the discipline of information security in order to provide context for stakeholders and the community at large. The individual filling this role will be reviewing our data looking for malicious actors, generating reports on such activity for consumption by staff, our customers, third parties, and the information security community as a whole. Such reporting will be technical in nature, digestible by C-level executives (such as Chief Information Security Officers (CISOs)), as well as technical information security and information technology practitioners. In addition, this role will provide recommendations and suggestions to enhance Norse’s powerful live attack and advanced threat intelligence capabilities.
- Monitoring, evaluating and interpreting: vulnerabilities/CVEs, mitigation measures and compensating controls, vulnerability assessments, system/device/IDS/IPS logs, threat analysis, malware, open and closed source reporting.
- Understanding and in-depth knowledge regarding the administration, use, securing and exploitation of common operating systems.
- Understanding and in-depth knowledge regarding the administration, use, securing and exploitation of common consumer and enterprise devices.
- Thorough understanding of computer networking, routing and protocols.
- Understanding of information security architecture; mitigations of threats and compensating controls.
- Demonstrated experience and proven methods for performing information security incident management lifecycle, to include response and mitigations.
- Experience with application of open- and closed-source information resources within the industry.
- Demonstrated excellent communications skills, both oral and written, for working with a diverse, professional clientele with varying skill levels and technical experience/competency. Ability to interact with customers and staff in person and via written communications. Ability to research highly technical topics, pull together various sources into one concise technical document and put the research into process and procedural documentation and explain technical details clearly and concisely.
- Willingness and desire to learn. Possess and nurture a hacker mentality, being able to visualize issues and possible solutions ‘outside the box.’ Must be a punctual, professional and devoted member of our team; with the ability to safeguard sensitive, restricted and other information deemed to have special handling and dissemination protocols.
- High level of ethics and core values.
- Start-Up Experience.
- Demonstrated experience and proven methods for performing analysis and interpretation of information from Security Operations Center (SOC) and/or Computer Security Incident Response Team (CSIRT) systems.
- Understanding of digital forensics procedures and tools, malware analysis and reverse engineering.
- Fundamental understanding of statistics and mathematics and their application to the science of data analysis.
- Certifications are great, if you have the practical experience to back them up. Having or aspiring to obtain SANS certifications such as GIAC Certified Incident Handler (GCIH) and/or GIAC Certified Intrusion Analyst (GCIA) would be looked upon favorably. More important is being able to articulate and demonstrate skills, with the ability to obtain certification.
Educational / Certifications and Other Requirements:
- Bachelor’s degree, a combination of experience and/or Associate’s degree, or an equivalent combination of education and work experience. Degree must be from an accredited institution; a degree in a technical discipline, or with the majority of coursework in Information Security or Information Technology, is preferred.
- Minimum of five (5) years of Information Technology and/or Information Security experience. Minimum of 3+ (three plus) years of related experience in the field of Information Security, to include monitoring and detection, intrusion analysis, threat and/or vulnerability analysis.
We offer a competitive salary and benefits. This is a full-time, exempt position reporting to the director of DarkWolf Labs. The responsibilities and duties described here are intended to provide typical examples of the role and are not comprehensive.
The Norse Intelligence Network, a globally-distributed “distant early warning” grid of millions of sensors, honeypots, crawlers, and agents, delivers unmatched visibility into difficult-to-penetrate geographies and darknets, where bad actors operate.
Norse processes hundreds of terabytes daily against a 7 petabyte attack history database, and weighs over 1,500 variables to compute real-time risk scores for millions of IP addresses and URLs every day.
Network Security, Internet Security, Threat Intelligence, Live Attack Intelligence
Company Type: Privately Held
Company Size: 51 - 200