Sr Cyber Intelligence Analyst-Remote

Before you apply to a job, select your language preference from the options available at the top right of this page.

Explore your next opportunity at a Fortune Global 500 organization. Envision innovative possibilities, experience our rewarding culture, and work with talented teams that help you become better every day. We know what it takes to lead UPS into tomorrow—people with a unique combination of skill + passion. If you have the qualities and drive to lead yourself or teams, there are roles ready to cultivate your skills and take you to the next level.

Job Description:

Job Summary
This position engages in the identification, tracking, monitoring, containment and mitigation of information security threats. He/She performs quality assurance functions to validate that existing methods of research are successful in identifying and documenting security incidents. This position defines procedures for analysis and makes adjustments as technologies and methodologies advance.

Responsibilities:

• Assesses, prioritizes and takes action on requests that improve existing Security Operation Center (SOC) tools and procedures.
• Partners with management to coordinate security incident response efforts to communicate information, drive resource actions and decisions, provide recommendations, and ensure resolution.
• Evaluates and analyzes complex malicious code through the use of tools including disassemblers, debuggers, hex editors, un-packers, virtual machines and network sniffers.
• Conducts reverse-engineering for known and suspected malware files.
• Investigates instances of malicious code to determine attack vector and payload, and to determine the extent of damage and data exfiltration.
• Performs research in the area of malicious software, vulnerabilities, and exploitation tactics, and recommend preventative or defensive actions.
• Produces reports detailing attributes and functionality of malware, and indicators that can be used for malware identification/detection, to include behavior, identified infrastructure used for command and control, and mitigation techniques.
• Analyses the relationship between a given sample of malware and other known samples/families of malware, and notable features that indicate the origin or sophistication of the malware and its authors.

Qualifications:

• 2-3 years' experience as Security Operations Center (SOC) Analyst including Incident Response and Handling roles
• Experience in Malware Reverse Engineering and Sandboxing
• Experience with IBM QRadar
• Significant experience with Linux, TCP/IP, UNIX, MS-Windows, IP Routing, Firewalls and IPS
• Understanding of behavioral based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
• Deep understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats
• Demonstrated experience using Open Source (OllyDbg, Radare, GDB, etc.) malware analysis tools
• Ability to analyze shellcode, and packed and obfuscated code, and their associated algorithms
• Ability to develop network and host based signatures to identify specific malware. Recommend heuristic or anomaly based detection methods
• Subject matter expertise in the detection, analysis and mitigation of malware
• Experience with Information Security Research, Malware Reverse Engineering, Cyber Threat Analysis, Windows Operating System and Data Analysis
• Knowledge of Research skills, Technical Writing, Information Security Research, Security Incident Response, Security Risk Assessment/Analysis
• Bachelor’s Degree or International equivalent - Preferred

INTERNALS

Pay Grade: 20H

Employee Type:
 

UPS is committed to providing a workplace free of discrimination, harassment, and retaliation.