Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.
We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.
Responsibilities
Leverage internal, commercial, and open-source tools and data sources to analyze, enrich and synthesize indicators of compromise and/or other intelligence artifacts to provide meaningful and actionable intelligence
Analyze raw data sets and extract relevant insight to form high quality TI responses Perform proactive all-source research to identify and characterize new threats to the customer base and draft related TI products, where appropriate Maintain a broad understanding and knowledge of the latest offensive and defensive Tactics, Techniques and Procedures (TTPs) as well as overall Threat Landscape trends Collaborate internally and externally, and develop, enhance and produce Secureworks TI products Own and execute ongoing projects such as customer threat landscape presentations Identify intelligence collection gaps and communicate findings and collection requirements Initiate, propose, and update processes and standard TI operating procedures for efficient and effective response to TI and IR RFIs Take ownership of, triage, and update tracking systems for TI requests Gather contextual information from multiple sources to establish a TI request course of action or respond to a standard request for information related to the TI-Support service line Meet service level agreements regarding initial response time and customer notification as necessary Provide internal stakeholders the necessary information for decision support and situational awareness on service request intake activities Route RFIs to the proper service delivery team with the appropriate level of urgency and communication channel in a professional and courteous manner with an emphasis on customer satisfaction; assess and escalate to the next level as needed
Knowledge, Skills and Abilities
- Understanding and experience with the intelligence analysis lifecycle, including but not limited to:
Conducting all-source intelligence research Mining internal and external databases/repositories Pivoting research focus on TI indicators of interest Developing assessments with evidential basis Translating findings into client responses and/or threat intelligence reports
- Fundamental knowledge in most of the following areas:
Familiarity with advanced search engine functionality and search query customization. Unix, Linux, Windows, and OSX operating systems Exploits, vulnerabilities, intrusion vectors, and malware Host forensics, network forensics, and malware analysis techniques Network traffic analysis, endpoint activity analysis, and log analysis techniques Understanding of enterprise cyber incident management and response processes Understanding of enterprise cybersecurity controls and failure modes
- Excellent technical communication skills (oral and written) including experience briefing executive management
- Excellent organization and resource management skills
- Excellent capability to prioritize multiple and concurrent urgent tasks
- Excellent customer service skills and ability to quickly establish technical credibility and rapport with customers
- Team player with the ability to work autonomously in a fast-paced, dynamic environment
- Passionate about information security and service excellence
Desired Experience/Training:
Professional degree relevant to cybersecurity or intelligence analysis or equivalent work experience within a technical information security-related role such as Security Operations, Incident Response, or Threat Intelligence analysis Relevant governmental, military, commercial training and experience in cybersecurity and other industry standard certifications are a plus Professional certifications such as GCTI, GCIA, GCIH, GREM, CISSP, CISM, or similar cybersecurity technical certifications are a plus DevOps methods and ITIL framework knowledge are a plus
Secureworks is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.