Security Operations – Cyber Threat Analyst

POSITION SUMMARY
Zoetis is seeking a motivated and talented individual to join our team as a Cyber Threat Analyst. This vital position involves delving into the analysis and mitigation of advanced cyber threats as well as initiating threat hunting campaigns. Your role will be central in examining logs, alerts, and emerging threats. Familiarity with tools like Splunk, Palo Alto Firewalls, EDR solutions, and especially Active Directory will be beneficial, as they are key in identifying and addressing new cyber threats.
Your knowledge and interest in cybersecurity will play a significant role in continuously improving our security stance. You will identify weaknesses in our defenses and incorporate the latest threat intelligence feeds into our security strategy. The ideal candidate should have a solid understanding of various threat vectors and the ability to quickly adapt to and counter new cyber threats.
This role is perfect for someone who is always on alert, possesses strong investigative skills, and can design and execute innovative threat detection and mitigation strategies. We are seeking a proactive leader, someone eager to stay ahead of emerging threats and capable of guiding our organization in protecting our digital assets from sophisticated cyber-attacks.

POSITION RESPONSIBILITIES
Conduct thorough investigations into potential cyber threats. Utilize available tools and resources to uncover and address hidden or emerging threats within our network.
Conduct detailed reviews of logs, alerts, and processes within security tools such as SIEM, Firewalls, and EDR solutions. Identify gaps in current security coverage and recommend improvements.
Develop and manage threat hunting campaigns that leverage Active Directory components and authentication mechanisms, understanding the critical role of these elements in the organization's security posture.
Collaborate with different teams within the organization to understand unique security challenges and integrate this knowledge into threat hunting activities.
Continuously monitor for and investigate suspicious activities and anomalies, using advanced analytical techniques and knowledge of the latest cyber threats.
Document findings and develop comprehensive reports detailing the results of threat hunting activities, including recommendations for enhancing the organization's security posture.
Stay updated with the latest cybersecurity trends, attack vectors, and defensive tactics. Regularly incorporate this knowledge into ongoing threat hunting campaigns.
Participate in incident response activities as needed, providing expertise in analyzing threat actors' behaviors and methodologies.

ORGANIZATIONAL RELATIONSHIPS
• Information Security
• Identity & Access Management
• Infrastructure and Applications
• End Users

RESOURCES MANAGED  
Financial Accountability
Indicate the Average Budget or Revenue accountability, as applicable.

Supervision
Indicate the typical number of Colleagues managed.  Include direct & indirect reports, matrix responsibility and or additional resources (i.e. contingent workers), as applicable.

EDUCATION AND EXPERIENCE
Education:
Required – bachelor’s degree in cyber security / computer science / information systems / or science related field
• Preferred Certifications –
o Splunk Core Certified User or Power User
o GIAC Certified Incident Handler (GCIH)
o CrowdStrike Falcon Administrator or Falcon Hunter
o Microsoft Certified: Identity and Access Administrator Associate
o Certified Information Systems Security Professional (CISSP)
• Desired – master’s degree in cyber security / computer science / information systems / or science related field, SANS or similar certifications/projects.
Experience:
• 2+ years of direct hands-on experience in cybersecurity, specifically in threat hunting and incident analysis.
• 2+ years of experience in using and mastering cybersecurity tools such as Splunk, Palo Alto Firewalls, EDR solutions (e.g., CrowdStrike), and Active Directory.
• Solid understanding and practical application of advanced threat vectors, exploits, and countermeasures.
• In-depth knowledge of attack vectors, exploits, and countermeasures, with experience in frameworks like MITRE ATT&CK, NIST, and CIS.
• Extensive experience in analyzing and interpreting complex datasets and logs to identify patterns of malicious activity, potential breaches, or security weaknesses.
• Ability to keep abreast of the latest cybersecurity trends and attack methodologies, and to continuously integrate this knowledge into ongoing security practices and threat hunting campaigns.
• Experience with large-scale IT projects, understanding the interplay of various roles/teams for project success.

TECHNICAL SKILLS REQUIREMENTS
• Highly developed communication and interpersonal skills with the ability to influence through personal credibility, integrity, and professionalism.
• Advanced Analytics & machine learning.
• Strong proficiency in project management.
• Excellent written and oral communication skills.
• Relentless dedication to customer satisfaction/excellence.
• Strategic thinking and analytical skills.
• Ability to multitask and work in fast paced environment.
• Ability to foster collaborative decision making.
• Capable of working both independently and as a team member.
• Fluency in English (written and spoken) is a must.

Any unsolicited resumes sent to Zoetis from a third party, such as an Agency recruiter, including unsolicited resumes sent to a Zoetis mailing address, fax machine or email address, directly to Zoetis employees, or to Zoetis resume database will be considered Zoetis property. Zoetis will NOT pay a fee for any placement resulting from the receipt of an unsolicited resume.

Zoetis will consider any candidate for whom an Agency has submitted an unsolicited resume to have been referred by the Agency free of any charges or fees. This includes any Agency that is an approved/engaged vendor but does not have the appropriate approvals to be engaged on a search.