Analyze threat campaigns, author customer-specific threat reports, and publish research results around specific verticals or geographies. Collaborate with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity.
Perform threat campaign analysis, analyze data and Intel and make that information meaningful for stakeholders. As part of the Cyber Threat Intelligence team you will be focused on proactive controls, understanding and communicating risk.
Develop analytical hypotheses based on your background; prove (or disprove) those hypotheses through research; communicate that information to stakeholders both verbally and in writing.
Create and continuously improve standard operating procedures used by the threat intelligence team.
Create, manage, and dispatch Intelligence reports, monitor external event sources for security intelligence and actionable incidents. Document investigation results, ensuring relevant details are passed to senior analysts and stakeholders.
Report and disseminate information to our important to our stakeholders on threats that may affect our environment, such as emerging malware, security developments and insightful summaries of current events.
Sift through internal and open source data to find threat information and use it to provide value to Humana. Maintain a list of current events, threats, and other information that stakeholders should be aware of.
Provide accurate and priority driven analysis on cyber activity/threats, and present complex technical topics to senior managers and stakeholders.
Recommend implementation of counter-measures or mitigating controls
Collaborate with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity.
Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business units
Work within the corporate’s environment to help develop and refine threat intelligence and incident response processes and operations, including defining roles and responsibilities.
Delivery of appropriate threat intelligence products and services.
Collection and coordination of information along with articulating the threat and what actions to take to various audiences.
Ensuring that pertinent information is disseminated in accordance with TLP classification and handling protocols, to the sector through the appropriate dissemination mechanisms.
Work with relevant stakeholders to help develop and oversee the creation of a security operations center (SOC) and SOC team.
Establish and maintain a collaborative and active relationship with the corporate’s Threat Intelligence Committee (TIC) and meeting the collective needs of the membership and industry.
Providing regular key performance indicators (KPIs) to leadership to reflect the effectiveness of corporate’s operations, products and services.
Ability to create trend and correlation analysis and scenario forecasting at both the tactical and strategic level along with providing input and recommendations based on findings to leadership
Coordinate with other departments on exercises, programs, and workshops, as needed.
Experience integrating Cyber Security technologies with existing technologies
Understanding of cyber threat issues such as computer intrusions, malicious code, cyber terrorism, threat finance, money laundering / fraud / eCrime, and other criminal activity.
Experience assessing technical intelligence collection and analytic products, including behavioral analysis and reverse engineering outputs from Incident Response or automated sandbox testing.
Experience working in threat intelligence sharing or related discipline in an international setting and/or understanding of geopolitical environment and impacts on the cyber threat landscape.
Understanding of risk management, risk assessment, and risk communication functions.
Ability to demonstrate comprehensive, practical knowledge of research and analytical methods.
Working knowledge of the healthcare community.
Familiarity with cyber security programs and supporting organizations, including law enforcement agencies, and associations and ISACs/critical infrastructure
(remote virtual home office eligible)
Scheduled Weekly Hours