McKesson is hiring a Senior Cyber Threat Intelligence Analyst
Position Description/Responsibilities
- Ability to manage short and long-term intel priorities and internal customer relationships.
- Identify gaps in business process, technology, and threats to elevate specific Risks.
- Write clear, succinct, and audience-specific reports and presentations to convey analytic insight from publicly available information (PAI) and commercially available intelligence (CAI).
- Respond to requests for information by investigating threats in PAI and CAI, and developing further context in investigative tools (e.g. virus total, silent push, spy cloud, etc.)
- Leverage threat intelligence platform data collection and triage to deliver value via ticket, alert, or dashboard for insight into an IOC, TTP rule, actor behavior, campaign, or trend.
- Enable detection with proactive investigative threat hunting leads and directly support incident response with real-time context during investigations.
- Develop and refine playbooks, workflow, and process mapping ensuring proper escalation and handoffs within the CTI and Information Security Risk Management organization.
Critical Requirements
Demonstrated interpersonal, organizational, and communication skills with both technical and non-technical stakeholders.
Analytic skills—qualitative and quantitative; creative and curious problem-solving skills.
Experience delivering engineering requirements for features, tools, or data improvements.
Knowledge working with data, scripting, normalizing, and automating inputs and outputs (e.g. excel macros, python scripts/notebooks, API integration, SIEM dashboards, BI tools)
Knowledge of tracking actors across the eCrime, nation state, and fraud domains.
Experience driving intel innovation forward, from manual (google), semi-automated (RSS), to automated processing (TIP), dissemination (SOAR), and analytics (e.g. SEIM or business intel)
Knowledge of frameworks and how to leverage them to prioritize TTP gaps, actor tracking, and intrusion analysis among others (e.g. MITRE ATT&CK, Diamond Model, Cyber Kill Chain)
Following Qualifications would be advantageous:
5+ years of professional experience in CTI, incident response, threat hunting, or security engineering or detection roles.
Bachelor's degree in computer science, Information Security, Security Engineering, Management Information Systems, Risk Management.
The ideal candidate should possess experience in two or more of the following areas, including: Intel analysis, security research, host and network security, pentesting/offensive security, and security automation. Certifications in or courses like the below are competitive:
FOR578: Cyber Threat Intelligence Training
FOR610: Reverse Engineering Malware Training
SEC503: Network Monitoring and Threat Detection In-Depth
SEC560: Enterprise Penetration Testing Course
SEC573: Automating Information Security with Python
OffSec Certified Professional (OSCP) certification
#J-18808-Ljbffr