Principal Cyber Threat Analyst

Other Locations:

• Getzville, NY, US
• Rancho Cordova, CA, US
• Saint Louis, MO, US
• Tampa, FL, US

• Lead day-to-day hunt execution and serve as an escalation point for complex technical issues
• Perform hunt planning by utilizing advanced analysis of adversary tactics, exploits, malicious code, and capabilities
• Identify gaps or vulnerabilities in security systems, network devices, and controls to validate effectiveness and configuring of security devices and tools; assign appropriate SLAs to drive system compliance and remediation efforts
• Use hunt execution strategies to identify, analyze, correlate, mitigate, track, and develop content for tools and processes related to indicators of comprise
• Identify anomalous activity and potential insider threats by analyzing external and internal log sources to identify attack trends and threat tactics; create strategic threat intelligence reports and briefings
• Collect and analyze post exploit data and leverage the results to prevent recurrences
• Assist with execution of monitoring, incident response, and threat hunting efforts
• Develop new threat hunting capabilities, identify requirements and collaborate with IT Security and traditional IT teams
• Conduct system and network threat analysis to identify weaknesses and propose remediation, fine tune security tools and system hardening guidelines
• Conduct active defense of the network in support of incident response / crisis management and breach response activities
• Lead insider threat monitoring and investigation in coordination with Physical Security, Human Resources, and CSIRT team
• Train Cyber Threat Analysts in the process and technical skills needed for threat hunting
• Responsible for leading execution of daily enterprise threat hunting activities, supporting incident response activities and maturing the threat hunting program.
• Conduct detailed technical analysis of internal and external cyber threat intelligence to proactively hunt for indicators of compromise, identify system weaknesses, and propose technical fixes.
• Provide tactical expertise during the execution of high and critical severity crisis management engagements to actively defend the network. Build and execute new threat hunting capabilities to support Centene’s strategic direction in cloud migration and M&A activities.

• Bachelor’s degree in Computer Science, Cyber Security, Information Systems, or related or equivalent experience.
• 7+ years of experience in Cyber Security, Forensics or Cloud Security.
• Experience in health care / insurance industry and data analysis experience preferred