Threat Intelligence Analyst
- Evaluate, analyze, and derive actionable threat intelligence from a variety of open-source, commercial, and private sources to deliver quality deliverables to both technical and executive audiences.
- Assess, curate, and manage multiple threat intelligence feeds to enable the correlation of security events.
- Participation in the research and development of next-generation analytics to identify attack patterns that evade traditional countermeasures.
- Advocacy of intelligence-sharing principals to develop the capability, reputation, and footprint of Relativity.
- Provide subject-matter expertise during high-profile and targeted attacks under investigation by the Cyber organization.
- Familiarity with scripting or programming languages (Python, Powershell, Perl, etc), as they apply to information security.
- Interest to learn additional skills as required, including cross-functional tools and foreign languages.
- Exposure to intel-driven threat hunting principals to identify novel attack presentations and concepts.
- Knowledge of adversarial tools, techniques, and procedures within the context of the ATT&CK framework or equivalent.
- Strong familiarity with TCP/IP, cryptography, attacker methodologies, malicious code, exploit development, and mitigating controls.
- Proficiency with intelligence and analysis tools, including Splunk, Maltego, VirusTotal Intelligence, Threat Intelligence Platforms, and OSINT aggregators.
- One or more of the following certifications: GCTI, OSCP, GCIA, GREM, GNFA, CISSP or similar.
- Ability to leverage insight from internal telemetry and an emerging threat landscape describe and anticipate actions by cybercriminal, hacktivist, and cyberespionage actors.
- Comprehensive understanding of adversary technologies, capabilities, targeting profiles, and motivations to assess and attribute observed malicious activity.
- Familiarity with the application of the cyber kill chain and diamond model to conceptualize advanced cyber attacks.
- Capacity to provide both high-level and technical briefings on emerging threats and vulnerabilities, collaborating with extended Cyber teams to assess risk.
- Proficiency in the identification and validation of data exposure events sourced from industry-standard tools and the intelligence community.
- Ability to work collaboratively and independently to deliver projects based on high-level requirements and success criteria.
Relativity has over 160,000 users in 40+ countries from organizations including the U.S. Department of Justice, more than 70 Fortune 100 companies, and all of the Am Law 200. Relativity's cloud solution, RelativityOne, offers all the functionality of Relativity in a secure and comprehensive SaaS product. Our company has also been named one of Chicago's Top Workplaces by the Chicago Tribune for seven consecutive years. If you’re ready to grow with us, we’d love to hear from you. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.