Lead Strategic Threat Intelligence Analyst
Company Overview
At Motorola Solutions, we create technologies our customers refer to as their lifeline. Our technology platforms in communications, software, video and services help our customers work safely and more efficiently. Whether it’s helping firefighters see through smoke, enabling police officers to see around street corners, or reliably keeping the lights on in homes and businesses around the world, our work supports those who put their lives on the line to keep us safe. Bring your passion, potential and talents to Motorola Solutions, and help us usher in a new era in public safety and security.
Department Overview
Motorola Solutions Inc. (MSI) is the leading provider of Mission Critical Communications Solutions for Public Safety and Government Users as well as a key enabler for Commercial Communication products, making sure our Customers have the information they need at hand in the Moments that Matter. Be a part of the Dynamic Team that manages and oversees the Cyber Security program for Product Development throughout Motorola Solutions.
The Products & Services Organization within Motorola Solutions is responsible for development of the company’s mission critical communications and mission critical intelligence portfolio, including cloud-based command center applications, Land Mobile Radio (LMR) and LTE solutions, as well as managed and support services around the world. The organization also drives CyberSecurity for MSI’s procurement and supply chain operations.
The Products & Services (P&S) Threat Management Group is responsible for strategic threat intelligence, internal penetration tests, and Federal hardening compliance management, all focused on protecting our Customers in the moments that matter.
The ultimate goal of the Threat Intelligence team is to define the CyberSecurity threat space that impacts our Customers, their Data and Operations, and to transform that information into consumable Threat Intelligence that informs internal and external stakeholders, enabling the implementation of security controls before attackers can take advantage of potential product vulnerabilities.
Job Description
Primarily, the Threat Intelligence team is responsible for understanding and reporting on: threats against Customers and their operations that MSI supports with our products and services, providing initial recommendations on how to respond to and recover from such threats; threats against MSI products and services themselves; and enriching media and open source intelligence for late-breaking vulnerabilities that impact MSI Customers, products, and services, overseeing the process to determine impacts and drive resolutions working within MSI development.
The Threat Intelligence team is also responsible for external engagement with peer groups in information security circles over cyber threats and for informing the development of global cyber policy. The Threat Intelligence team’s collection efforts focus on events ranging from intrusions, malware, DDoS, unauthorized access, product and service fraud, insider attacks, and loss of Customer data or MSI proprietary information. This includes developing a deep understanding of global threat actors and geopolitical drivers of cyberspace. The Threat Intelligence team plays an integral role in alerting, responding, and advising on the mitigation of computer security incidents within a Product and Services CyberSecurity context. The team will work closely with other groups within the P&S CyberSecurity organization, as well as other teams within MSI.
The successful candidate possesses a demonstrated intelligence analysis background and is able to communicate in natural language with senior management as well as at technical detail levels to enable mitigation activities for threats and incident impacts to MSI products and services. You will independently, or in concert with other work partners, identify cybersecurity threats, produce analytical deliverables, and provide support to ensure internal recipients are successful with the threat information you produce. You'll use all-source technical data collection and analysis to produce a commonly understandable model of relevant threat-related activity. The role includes developing and maintaining a Threat Intelligence Platform to collect new technical and non-technical sources of information, threat research, threat profile development, analyses, briefings, warnings, and operational data to create tailored intelligence impacting MSI product and services offerings. Military or government service in cyber or intelligence operations a plus and may be used to waive degree requirements.
Essential Requirements:
- Undergraduate four-year degree in a STEM-related field plus 3+ years working in security roles, or 6+ years working in information security roles
- Military or government service in cyber or intelligence operations a plus and may be used to waive degree requirements
- Three or more years working in a Security Operations Center (SOC) or Intelligence function
Responsibilities:
- Establish a threat intelligence gathering methodology to identify, classify, prioritize and report on cyber threats using a structured approach to derive Customer marketspace relevant intel
- Identify and develop a portfolio of threat and actor profiles, threat activity, trends, and common attack vectors from all available sources
- Provide actionable information by producing, editing, and distributing a variety of concise and actionable threat analysis and warning products in written and presentation form to an audience that spans a range of end users from Customers and senior company executives to security analysts and developers
- Conduct pivoting analysis on Threat Intelligence to identify current impact or proactively process mitigations for defense through security technologies and proactive mitigations including zero-day patching identification, anomalous behavior, and recommendations of remediation action
- Support the coordinated response to cyber-related incidents to prevent additional loss and to assist in impact analyses and mitigation
- Identify gaps in intel gathering strategy and lead changes in covering identified gaps
- Coordinate with IT, the SOC, and IR teams to inform and enhance the threat intelligence platform
- Compile and analyze cyber threat information and make recommendations based on suspected or known context in order to draw insights and conclusions regarding its relative threat to MSI product and services cybersecurity
- Conduct studies and make recommendations to produce a library of cyber threats, threat vectors, threat actors, and threat trends for security analysts and development team consumption during threat modeling activities
- Attract, retain, and lead a team of employees by educating, developing and managing them to deliver strong results
- Drive the technical oversight and guidance required to support junior team members during Intelligence analysis efforts
- Lead change within the Threat Intelligence team through leadership, guidance, and creation of new processes and procedures to enhance the intel capabilities
- Develop, create, and drive current and new reporting methods of Intelligence analysis to peers and leadership teams for purposes of situational awareness and making Intelligence actionable
- Write intelligence and technical articles for knowledge sharing
General Skills:
- Advanced written and verbal communications skills
- Able to translate technical risk details into easy-to-understand natural language
- Ability to work and influence in a very matrixed organization
- Ability to formulate and present risk information to senior management
- Team focus, dedication, self-motivated, attention to detail and flexibility
- Ability to leverage available technical resources and tools (online and otherwise)
- A desire for continued learning, research, and expansion of skill sets essential to the role
- The Candidate must be a self-motivated person with high energy level, ability to learn quickly and demonstrate good, tactful communication skills.
- The Candidate must be capable of managing a multidisciplinary team as well as a number of diverse tasks.
- Good organizational & analytical skills and technical aptitude, with the ability to think creatively and objectively.
- Able to effectively interface with a wide range of people and groups including Customers, upper management, third-party vendors, sales, engineering, production, & service personnel.
Technical skills:
- Knowledge of common adversary tactics, techniques, and procedures (TTPs)
- Demonstrated knowledge of information technology and security principles
- Experience with threat intelligence tools & management platforms
- Experience with collecting, analyzing, and interpreting data from multiple sources, documenting the results and providing meaningful, shareable analysis products
- Experience with Security Operations
- A working understanding of cloud security, both from cloud consumer and cloud provider points of view
- A working understanding of mobile security
- One or more of OSCP, CEH, CISSP, CSSLP, CCSP, CCSK and/or other certifications are helpful
- Maltego experience preferred
Basic Requirements
- Undergraduate four-year degree in Computer Science, Engineering or related fields, or related experience
- 3+ years working in security roles, or 6+ years working in information security roles.
- Military or government service in cyber or intelligence operations a plus and may be used to waive degree requirements.
Travel Requirements
Under 10%
Relocation Provided
Domestic
Position Type
Experienced
Referral Payment Plan
No
EEO Statement
Motorola Solutions is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran's status, or any other protected characteristic.