Cyber Threat Intelligence Analyst
Amazon Web Services
The Amazon Web Services Threat Intel Group is responsible for developing actionable intelligence on cyber threats to our services and our customers. We collect indicators and intelligence from a variety of internal and external sources and use that information to develop an understanding of actors and their tools, techniques, and procedures.
The successful candidate will be required to analyze indicators to generate actionable intelligence and insight into current threats. He or she will help enhance our capabilities by formulating new analytic techniques and helping drive the supporting capabilities. A deep understanding of current actors and TTPs as well as performing question driven analysis is required. Candidates should have a solid understanding of network and host based indicators and how to best leverage them. An appreciation for operating systems internals will be an asset.
Key responsibilities include:
· Perform deep dive analysis of malicious artifacts
· Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities
· Create security techniques and automation for internal use that enable the team to operate at high speed and broad scale.
· Provide situational awareness on the current threat landscape and the techniques, tactics and procedures associated with specific threats.
· Pursue actionable intelligence on current threats as they relate to AWS
· Periodic on-call responsibilities
· BS degree in Computer Science, MIS, Computer Engineering, or 5+ years equivalent technology experience.
· 5 years of experience analyzing threat intelligence to make it actionable or responding to targeted attacks.
· Strong written skills able to generate finished intelligence reports for stakeholders.
· Strong knowledge of current threat actors and TTPs.
· MS degree in Computer Science, MIS, Computer Engineering, or 8+ years’ equivalent technology experience.
· Excellent written and oral communication skills.
· Experience developing techniques to identify and track threat actors.
· Experience with AWS Services to include log analysis and development of automation.