Threat Hunt Analyst – 1387158
Cisco Talos Intelligence Group
Who You Are
Are you interested in digging through an endless supply of data to find malicious actors and improve security products in Cisco’s portfolio?
Join the Talos Threat Hunting team where you will review hunt tickets, evaluate current hunts, generate new hunts, and research new threats. If you want to be able to protect millions from malware, fraud, phishing attacks, and future threats: this is your opportunity.
What You’ll Do – Role and Responsibilities
Hunt across telemetry generated by security products throughout the Cisco portfolio
Research and identify attack patterns
Develop attack detection & response playbooks, counter-measure definition and strategies to mitigate emerging threats
Conduct cyber threat modeling to improve threat detection & mitigation
Collaborate virtually with engineers, managers, & intelligence operations
Understand the “how,” “when,” “where,” & “why” of the incident threat
Investigate threat hunt tickets, document findings, & advise customers with remediation recommendations
Provide timely, comprehensive, & accurate information in both written and verbal communications
Collaborate with User Experience (UX) designers to recommend enhancements to the threat hunting platform
Collaborate with the team members to ensure threat hunting workflows are up to date for our operations
Always keep the customer’s security posture in mind and seek to improve the customer experience
Typically, Bachelor’s + 7 years related experience or Master’s + 4 years related experience or equivalent experience
4+ years of SOC Analyst experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
Experience in using data mining, analytic and visualization tools against large data sets
Experience with MITRE ATT&CK framework.
Ability to understand end-to-end threat landscape of all sectors.
Skills to analyze attack vectors against a particular system to determine attack surface.
Ability to produce contextual attack models applied to a scenario.
Knowledge of security controls and how they can be monitored and thwarted
Knowledge of vulnerability detection and response from a threat hunting point of view
Knowledge and experience in analysis of various threat actor groups, attack patterns and tactics, techniques, and procedures (TTPs), deep analysis of threats across the enterprise by combining security rules, content, policy and relevant datasets
Strong critical thinking skills, consistent attention to detail, & ability to meet deadlines amidst competing priorities
At Cisco, each person brings their unique talents to work as a team and make a difference. Yes, our technology changes the way the world works, lives, plays, and learns, but our edge comes from our people. Our People Are The Heart of Cisco.
Cisco is proud to be an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
We see inclusion and diversity as essential to fueling the power of connection. Learn about inclusion and collaboration in action at Cisco.
Benefits and Perks
We strive to keep our teams happy and healthy. Many roles have the option to be Remote or Hybrid. Cisco provides competitive pay, excellent medical, dental and vision coverage, 401(k) match, 20 days of paid time off plus holidays, support for parents and paid time to volunteer. View the benefits overview.
Join us! #WeAreCisco
Cisco Covid-19 Vaccination Requirements
The health and safety of Cisco’s employees, customers, and partners is a top priority. Our goal is to protect and mitigate the spread of COVID-19 infection for strong business resiliency during the pandemic. Therefore, Cisco may require new hires to be fully vaccinated against COVID-19 if the role requires business-related travel, meeting with customers/partners (including visiting third-party sites on behalf of Cisco), attending trade events, and Cisco office entry, unless otherwise prohibited by applicable law, and in countries where COVID-19 vaccination is legally required. The company will consider legally required accommodations/exceptions for medical, religious, and other reasons as per the requirements of the role and in accordance with applicable law. Additional information will be provided to candidates about the requirements and accommodation process at the offer time based on region.