Vacancy expired!
CSAA Insurance Group (CSAA IG), a AAA insurer, is one of the top personal lines property and casualty insurance groups in the U.S. Our employees proudly live our core beliefs and fulfill our enduring purpose to help members prevent, prepare for and recover from life's uncertainties, and we're proud of the culture we create together. As we commit to progress over perfection, we recognize that every day is an opportunity to be innovative and adaptable. At CSAA IG, we hire good people for a brighter tomorrow. We are actively hiring for an IT Security Analyst IV! Join us and support CSAA IG in achieving our goals.
Your Role: The CSAA Cyber Defense Services Team is responsible for developing actionable intelligence on advanced cyber threats to our services and our customers. We collect indicators and intelligence from a variety of internal and external sources and use that information to develop an understanding of high-grade actors and their tools, techniques, and procedures. We then bring that understanding to bear to purposefully identify and mitigate malicious activity.
Your work:
- The Threat Intel Engineer will consolidate comprehensive analytical intelligence information to enhance security operations teams' understanding of and response to threats, gaps, and vulnerabilities
- Independent collection, analysis, and production of actionable threat intelligence
- Collecting information and conducting technical analysis to develop intelligence
- Monitor and analyze the cyber threat landscape in order to identify external and emerging cyber threats
- Conduct analysis on threat information to identify current impact and identify potential mitigations
- Maintain awareness of the global threat landscape, review sophisticated, technical threat data, enrich it with contextual information, and produce finished intelligence for stakeholder consumption
- Regularly collaborate with partners across security operations units to respond to incidents and aid in investigations, to improve overall threat detection and response
- Provide situational awareness on the current threat landscape and the techniques, tactics and procedures associated with specific threats
- Periodic on-call responsibilities
- Deep technical experience and familiarity with various cyber-attack techniques and the MITRE ATT&CK framework
- Experience supporting incident response and/or investigations
- Experience reviewing and assessing logs for anomalous activity
- Knowledge and ability to identify threat actor attack methods and track their developments
- Solid experience conveying complex information in simple, succinct explanations
- Support incident response and threat hunting activities to include providing intelligence context, analysis support, industry expertise, and recommendations around remediation and countermeasures
- Evaluate new intelligence sources and make recommendations for improvements and new sources
- Exceptional attention to detail
- Splunk ES (Security)
- Splunk UBA
- Splunk Phantom
- Cloud
- Python coding experience
- Endpoint Protection
- Correlation rule development
- SPL - search processing language
- Understanding of basic network, platform, and authentication technologies such as LDAP and TCP/IP
- Able to work with a changing schedule that includes standard or non-standard business hours of work
- Solid grasp and technical expertise in security architecture
- BS degree in Computer Science, MIS, Computer Engineering, or 8+ years equivalent technology experience
- 6+ years of experience with tracking APT groups and other high-grade threats
- 6+ years of experience in system, network, and/or application security
- 6+ years of experience building automation
- 6+ years of demonstrated ability with SQL or other query languages
- Shows respect for differences through good communication skills with people from an array of backgrounds.
- GCIH Certification
Confidence can sometimes hold us back from applying for a job. But we'll let you in on a secret: there's no such thing as a 'perfect' candidate. CSAA IG is a place where everyone can grow. So, however you identify and whatever background you bring with you, please apply if you meet most of the requirements (not all) and this is a role that would make you excited to come to work every day.
- BELIEVE in a mission focused on building a community of service, rooted in inclusion and belonging.
- COMMIT to being there for our customers and employees.
- CREATE a sense of purpose that serves the greater good through innovation.