Lead Threat Intelligence Analyst - Full-time / Part-time
| Hours | Full-time, Part-time |
|---|---|
| Location | Atlanta, GA |
About this job
Position Purpose:
The Home Depot is seeking a Lead Threat Intelligence Analyst to join its Threat Detection and Response Center in Atlanta, Georgia. The position is responsible for the collection and analysis of multiple open source and subscription data points to create intelligence that focuses on strategic adversarial activities. The position also focuses on collecting, cataloging and analyzing IOC data points as well as tools, techniques and procedures used by adversaries. The threat intelligence produced by this group is used by many different areas within the organization as well as various partners within the retail community. Day-to-day activities for this group include IOC review, intelligence analysis, report creation and briefings to internal and external partners, including VP-level staff.
Major Tasks, Responsibilities & Key Accountabilities:
Develop internal processes and standards for threat intelligence workflow
Drive the normalization, correlation, and integration of internal and subscription threat intelligence sources
Produce actionable intelligence in the form of reports, notifications, alerts, and briefings
Support production of signatures and IOC sets based on internal and externally sourced data and information
Drive research innovation and continuous coverage of malicious activity in underground and deep-web forums
Support development of custom intelligence research tools
Lead research into intelligence analysis, including analytic tradecraft, and demonstrate critical thinking skills
Translate complex information sets into concise labels to assist incident response efficacy
Present new research at conferences and at meetings as desired
Develop mitigation and countermeasure strategies from collected threat intelligence
Nature and Scope:
Typically reports to Manager, Information Technology
Responsible for helping others and providing on-the-job training or guidance
Environmental Job Requirements:
Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.
Typically requires overnight travel less than 10% of the time.
Minimum Qualifications:
Must be eighteen years of age or older.
Must pass the Drug Test.
Must successfully complete any required training or orientation courses.
Education Required:
The knowledge, skills and abilities typically acquired through the completion of a high school diploma and/or GED.
Years of Relevant Work Experience Required: 5
Physical Job Requirements:
Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.
Additional Qualifications
Minimum of 5 years’ experience working in a Security Operations Center environment
A solid understanding of Linux/Windows system security settings
Comfortable securing Linux/Windows clients and servers
A solid understanding of Linux/Windows internals such as:
-File permissions
-System and network logging
-System authentication
-The kernel
Experience performing system technical assessments
2+ years of experience performing security tests against Linux/Windows systems.
Experience using penetration testing tools such as Nmap, Metasploit, Burp Suite Pro, Wireshark, Aircrack-ng suite, etc.
A firm understanding of PCI-DSS
Excellent written and verbal communication skills
The ability to work both independently and as part of a team
Preferred Qualifications:
Experience with the following platforms:
-Maltego
-CRITs
-Cuckoo
-GitHub
An understanding of threat actors specifically targeting retailers
Experience with Python and PowerShell is a plus
Knowledge, Skills, & Competencies
A minimum of 5 years’ experience in security information analysis to include an understanding of threat sources and countermeasures
Experience drafting reports, conducting presentations, and verbally articulating technical topics
Able to work independently and as part of a team
Excellent written and verbal skills
A curious, open-minded, question-driven disposition
Ability to partner and communicate effectively with IT and business leadership
Knowledge of relevant threat analysis methods