Security Analyst (H-ISAC)

H-ISAC Security Operations Center (Titusville, FL)

The Perch Security Operations Center (SOC) is looking for talented flockers to add to our team of security analysts. At Perch Security we marry quality threat intelligence with innovative detection techniques to provide our customers with actionable information to respond to the latest threats.

We are looking for a fledgling flocker to roost with our Partner, the Health Information Sharing & Analysis Center (H-ISAC). The SOC Analyst’s nest is located in Titusville, Florida (minutes from Cape Canaveral’s launch facility). In the H-ISAC SOC, you will have the opportunity to put your skills to the test and hunt down evil-doers exposing their malicious activity while working alongside industry and subject matter experts to learn and develop your skills.

About H-ISAC

The H-ISAC is a trusted community of critical infrastructure owners and operators within the Health Care and Public Health sector. The community is focused on sharing timely, actionable and relevant information including threat intelligence, incidents and vulnerabilities that can include indicators of compromise (IOCs), tactics, techniques and procedures (TTPs) of threat actors, best practices, mitigation strategies and other valuable material. H-ISAC fosters the building of relationships and networking through a number of conferences, workshops and educational events to facilitate trust.

H-ISAC’s mission is to enable and preserve the public trust by advancing cyber and physical security protection and resilience of the global health sector. H-ISAC works with international CERTS, other ISACs, governments, law enforcement, vendors and associations such as HIMSS, MDISS, EHNAC and CHIME.

A day in the life

  • Work with a security team that has a wide range of talents to research and respond to customer alerts
  • Develop and deliver cyber and physical threat intelligence products for H-ISAC members and subscribers, including strategic and tactical reports specific to the healthcare sector. Tactical reports include threat, event and incident driven reports.
  • Develop and deliver other regular reporting, including Daily Cyber Headline, Weekly Threat Update, Monthly Threat Briefing and Annual Threat Landscape.

  • Provide Cyber and Physical Threat Intelligence and Geopolitical Intelligence and analysis to H-ISAC members

  • Stay up-to-date and evaluate security trends, evolving threats, risks and vulnerabilities and apply tools to evaluate the risk in the context of the healthcare sector to mitigate risk

  • Support H-ISAC member activities during incident response including malware outbreaks, zero-day vulnerabilities and other major security events

  • Synthesize and analyze H-ISAC member sharing data, relevant commercial and open source feeds to provide trending analysis and a regular annual report

  • Collaborate with H-ISAC teams to deliver informative content to H-ISAC members, cross sector entities and public sector partners

  • Help H-ISAC staff provide training and support analyst exchange events at the H-ISAC SOC

  • Occasional need to work varied shifts, including weekends and holidays in support of incidents or other events

  • Incorporate the latest indicators of compromise from private and public sources into threat-hunting (thrunting) exercises across H-ISAC's ever-expanding membership base

  • Perform Threat Intelligence research on campaigns and threat actors

  • Monitor systems and processes and recommend improvements

  • Develop use cases and supporting content for security tools (e.g., dashboards, alerts, reports, rules)

A perfect match

  • Bachelor’s degree or equivalent experience in Information Systems, Computer Science, or a related discipline
  • 1 year working in Information Security Technology or Cyber Threat Intelligence or related discipline or equivalent work experience
  • Highly motivated team player, eager to learn new skills; take on expanded roles and expanded responsibility
  • Knowledgeable in threat intelligence practices, terms and functions
  • Experience in malware and network traffic analysis
  • Experience and knowledge around network topology
  • Knowledge of network protocols (IP, TCP, UDP, HTTP, DNS, SMTP, TLS, etc)
  • Scripting/Programming in a popular language (Python, Bash, etc)
  • Experience with SOC ticketing systems and SOC processes
  • Experience with different operating systems (Linux, Windows) and endpoint security solutions

  • Experience developing and maintaining policies, procedures, standards and guidelines

  • Understanding of risk management, risk assessment, and risk communication functions.

  • Proven analytical and problem-solving skills

  • Ability to communicate technical issues to technical and non-technical audiences.

  • Ability to balance multiple demands and lead a team to develop solutions in a fast-paced environment.

  • Customer service-oriented self-starter with an outgoing personality

Above and beyond

  • Previous experience as a Cyber Analyst, preferably in Incident Response/Security Operations
  • Excellent interpersonal and organizational skills
  • Excellent oral and written communication skills
  • A desire to learn, research and mentor other team members
  • Experience with intelligence analytics tools (IBM/i2’s Analyst Notebook, Paterva/Maltego, MITRE CRITs, for example)
  • Working knowledge of Microsoft Office products with focus in Excel, Access, and Visio; SharePoint