Lead Cyber Threat Intelligence

Company:  J&J Family of Companies
Location: Nashville-Davidson
Closing Date: 02/11/2024
Salary: £100 - £125 Per Annum
Hours: Full Time
Type: Permanent
Job Requirements / Description

J&J Family of Companies Lead Cyber Threat Intelligence Nashville, Tennessee Apply Now

Description

Johnson & Johnson is recruiting a Lead Cyber Threat Intelligence to conduct technical intelligence analysis within the Cyber Threat Intelligence and Threat Hunt (CIH) team. This role will support the Cyber Security Operations Center (CSOC) located in Raritan, NJ or can work remotely in the USA.

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity.

If you have the talent and desire to touch the world, Johnson & Johnson has the career opportunities to help make it happen!

Position Summary

Are you driven by a sense of purpose? We are focused, driven, and dedicated to providing premier intelligence capabilities. On the Cyber Threat Intelligence and Threat Hunt team, we continually improve our intelligence capabilities by investing in our people.

Prior Responsibilities:

  1. Identifies gaps in visibility required to detect and respond to a specific TTP.
  2. Identifies gaps in detections (signatures, detection rules/algorithms).
  3. Discovery of new threats and TTPs that feed back to threat intelligence.
  4. Uncovering of vulnerabilities or misconfigurations.
  5. Recommendations on new preventive measures.
  6. Produces reports on findings from completed hunts for dissemination.

Responsibilities include but are not limited to:

  1. Operationalize tasks related to cyber programs and oversee processes in support of cyber threat intelligence analysis, under some orientation.
  2. Identify and prioritize cyber threats using open and closed source research into suspicious activity to collect and analyze information on adversary behavior.
  3. Create and deliver a range of written and verbal products that arm cyber defense teams with actionable intelligence and provide organizational leaders with curated information that influences risk-based decision-making.
  4. Maintain awareness of trends and risks that can affect the organization as it relates to the intersection between geopolitics, third-party risk, and the cyber threat landscape.
  5. Collaborate and share intelligence with industry groups such as H-ISAC, federal agencies, and international partners.

Qualifications

Required:

  1. A minimum of a bachelor’s degree or 8 years of equivalent work experience is required.
  2. A minimum of 4 years of professional experience is required.
  3. A minimum of 3 years of cyber threat intelligence experience is required.
  4. U.S. Citizenship is required to acquire any necessary security clearance.
  5. A solid grasp of the current threat landscape including the latest tactics, tools, and procedures, and common malware variants is required.
  6. Significant experience researching, acquiring, and implementing threat intelligence on nation state and criminal cyber threat actors is required.
  7. Strong knowledge of the intelligence lifecycle, intelligence analysis, and related methodologies (e.g., OODA, F3EAD) is required.
  8. Experience with structured analysis techniques (e.g., Diamond Model, Cyber Kill Chain) as well as a proven understanding of the MITRE ATT&CK framework is required.
  9. Experience with the utilization of Open-Source Intelligence (OSINT) as well as closed intelligence sources (e.g., Mandiant, Flashpoint, Recorded Future) is required.
  10. Excellent intelligence writing and briefing skills are required.

Preferred:

  1. Experience analyzing raw data points from technical security controls, to include web proxy, firewalls, IPS, IDS, enterprise antivirus solutions, etc. is preferred.
  2. Experience with security detection and response technology (SOAR & SIEM) and Threat Intelligence Platform (TIP) products is preferred.
  3. Experience with link analysis tools (e.g., Maltego, Analyst Notebook) is preferred.
  4. Knowledge of geopolitics and its intersection with the cyber threat landscape is preferred.
  5. Security certifications such as CISSP, SANS GSEC, GCTI, and GCFA or similar industry-recognized credentials are preferred.
  6. Experience working with virtual, global teams - including diverse groups of people with multifaceted backgrounds and cultural experience is preferred.

This role may require up to 10% travel.

#JNJTech

The anticipated base pay range for this position is $90,000 to $144,900.

The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan.

Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance.

Employees may be eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)).

Employees are eligible for the following time off benefits:

  1. Vacation – up to 120 hours per calendar year.
  2. Sick time - up to 40 hours per calendar year; for employees who reside in the State of Washington – up to 56 hours per calendar year.
  3. Holiday pay, including Floating Holidays – up to 13 days per calendar year of Work, Personal and Family Time - up to 40 hours per calendar year.

Additional information can be found through the link below.

Primary Location NA-US-New Jersey-Raritan

Other Locations NA-United States

Organization Johnson & Johnson Services Inc. (6090)

#J-18808-Ljbffr
Apply Now
An error has occurred. This application may no longer respond until reloaded. Reload 🗙