Cyber Threat Analyst

Description

Cellebrite’s (Nasdaq: CLBT) mission is to enable its customers to protect and save lives, accelerate justice, and preserve privacy in communities around the world. Cellebrite is a global leader in Digital Intelligence solutions for the public and private sectors, empowering organizations to master the complexities of legally sanctioned digital investigations by streamlining intelligence processes. Trusted by thousands of leading agencies and companies globally, Cellebrite’s Digital Intelligence platform and solutions transform how customers collect, review, analyze, and manage investigative digital data in legally sanctioned investigations

We are expanding our Threat Ops team and looking for a Cyber Threat Analyst to join our first line of defense. Our team investigates and responds to security incidents, creates alerting rules, administrates various security products and is responsible for integration and automation security projects.

Responsibilities:

• Monitor and respond to security events, execute response related actions including documentation, manage the event to its fast resolution.
• Continuously monitor SIEM alerts to improve and tune the identification and response rule. Create new rules based on trending cyber-attack methods and business threats strategy.
• Threat Hunting – perform hunting activities
• Vulnerability Management – Generate reports using vulnerability scanning tools and collaborate with stakeholders to ensure progress
• Generate reports for IT administrators, business managers, and security leaders to evaluate the efficiency of the security policies and controls.
•  Advise and implement necessary changes required to counter the attack or improve security standards. This to include automating processes.
• Document incidents to contribute to incident response and disaster recovery plans.
• Perform internal and external security audits.

Requirements:

• Minimum 5 years experience as a Tier 2 Cyber Threat Analyst
• Certifications: Security+ or CEH
• Proven experience with SIEM (Rules, Parsing, Correlation, Investigation) - MUST.
• Proven experience with Playbook implementation (e.g. Palo Alto XSOAR) - MUST.
• Proven experience with Threat Hunting - MUST.
• Familiarity with methodologies, such as Cyber Kill Chain and MITRE ATT&CK. – MUST
• Experienced with multi-cloud platforms (Azure, AWS) – MUST.
• Strong knowledge of the TCP/IP topology, network protocols, active directory, and File permissions.
• Experienced with network and security systems (network device, security device, endpoint devices, EDR, FW, OS- Windows, Linux, Mac) - Advantage
• Experience with writing incident response reports.
• Scripting: Powershell, Python -Advantage
• Excellent communication skills to engage with stakeholders at all levels.
• Team player, very organized and structured, attention to detail
• Must be a US Citizen with the ability to obtain a clearance.
• This is a Remote position, but prefer candidates in the Eastern timezone

Cellebrite is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.