Qualifications
Senior Threat Intelligence analyst
Are you passionate about helping to drive global Cybersecurity innovation and change Do you thrive in environments that encourage critical thinking, creativity, and challenging the status quo
Detection and Response team is looking for a senior analyst for a hybrid role with involvement in Threat Hunting and Detection Engineering. In this role, you will guide identification and analysis of advanced security threats through proactive threat hunting and monitoring of network activity. You will leverage your expertise in detection engineering, particularly within Splunk ES, to design and implement effective detection rules, that will help identify and defend the company infrastructure against cyber threat actors.
This position allows deep insight into various aspects of cyber security and will require attention to detail, a sense of urgency, and strong communication skills.
Duties And Responsibilities
- Lead the identification and analysis of sophisticated security threats using advanced tools and methods, including Splunk ES.
- Conduct proactive threat hunting activities, developing and executing hypotheses to uncover potential security breaches.
- Design, implement, and optimize detection rules and alerts within Splunk ES and other security platforms to enhance threat visibility.
- Perform comprehensive emerging vulnerability assessments and recommend effective mitigation strategies to strengthen the organization's security posture.
- Mentor junior analysts, providing guidance and training on threat hunting methodologies, detection engineering, and the use of security tools.
- Collaborate with various global teams, including incident response, security operations, and engineering, to integrate threat intelligence into security processes.
- Stay up to date with the latest trends in cybersecurity and threat intelligence, continuously refining strategies and processes to adapt to emerging threats.
- Constantly optimize work procedures and automate recurring tasks. Develop and update technical documentation and formulate work instructions to address repeating issues.
Key Requirements
- Bachelor's degree in Cybersecurity, Computer Science, or equivalent experience.
- 4+ years of experience in Information Security.
- 3+ years of experience in a Threat Hunting or Threat intelligence role.
- Experience with incident response and digital forensics.
- Experience with creating and maintaining detections and alerts.
- Experience with Splunk ES and Microsoft XDR.
- Good technical knowledge of Windows/Linux operating systems, various types of applications, and networking technologies.
- Analytical skills in threat, vulnerability, and intrusion detection analysis.
- Keen understanding of threat vectors as well as exfiltration techniques.
- Attention to detail.
- Ability to develop and follow complex work instructions and documentation.
- Willingness to learn.
We value
- Knowledge of OT cybersecurity landscape.
- Experience with SOAR Solutions like XSOAR/Demisto.
- Knowledge in cloud security (Azure, AWS, MS Office 365).
- Knowledge of Linux operating system.
- One or more widely recognized certifications from renowned institutions such as GIAC/SANS, ISC/CISSP or Microsoft.
- Detailed knowledge of Endpoint Detection and Response tools (e.g., Carbon Black or MS Defender ATP).
- Knowledge of scripting in Python or PowerShell.
- Understanding of ITIL process, such as Incidents, Change & Problem management.
- Experience in working in a global, process-driven organization.
About Us
Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments – powered by our Honeywell Forge software – that help make the world smarter, safer and more sustainable.
