Reporting to the Manager of Intelligence Operations, the Cyber Threat Intelligence Analyst I is responsible for identifying, collecting, analyzing, and documenting the indicators and observables from phishing campaigns and malware binaries to produce actionable, timely intelligence to our broad range of customers.

　　Essential Duties/Responsibilities

　　Write analysis reports on emerging phishing campaigns that leverage simple and publicly available malware.Perform rapid analysis of malicious software applications collected from phishing email campaigns as they emerge.Perform analysis of basic malware with little supervision.Leverage malware analysis platforms and technologies to identify malware infrastructure and tactics as needed.Contribute high volume analysis reports on simple script malware.Contribute to analysis reporting on more sophisticated malware, with guidance.Contribute insight to in-depth strategic reporting on attacker trends.Author threat assessments that assist customers in understanding threat's relevance and potential impact.Analyze phishing campaigns and related threats to identify patterns, anomalies, and potential attribution.Write rules, signatures and descriptors for sandbox technology.Other duties as assigned.

　　Knowledge, Skills and Abilities Required

　　Strong verbal and written communication and organizational skills.Strong critical thinking and operational judgement skills.Ability to work in fast-paced, team-oriented environment.Basic understanding of email protocols, headers, and formats.Proficiency with TCP/IP packet capture and investigation software, e.g. Wireshark, HTTP debuggers, DNS query interception utilities.Knowledge of Microsoft Assembly language preferred.Basic understanding of various common programming and/or scripting languages, e.g. Python, .Net, Visual Basic.Proficiency with Linux and Unix operating systems.Ability to use and modify command line script applications and utilities.Basic understanding of nature of malicious software and applications.Ability to learn new techniques to conduct malware analysis.Ability to learn and quickly implement tradecraft standards.Knowledge of sandbox technology.

　　Education and/or Experience:

　　Bachelor's or Master's degree in a related field such as Computer Science, Computer Forensics, or Justice Science preferred, but not required.At least 1-2 years of experience in malware analysis and intelligence analysis, strongly preferred.Experience with SQL database technology preferred.Experience with cyber security, malware analysis and/or reverse engineering preferred.

　　- Disclaimer-

　　The above statements are neither intended to be an all-inclusive list of the duties and responsibilities of the job described, nor are they intended to be a listing of all of the skills and abilities required to do the job. Rather, they are intended only to describe the general nature of the job. This job description is not a contract of employment, either express or implied. Employment with Cofense will be voluntarily entered into and your employment is considered at will. Cofense reserves the right to alter the job description at any time without notice.

　　Cofense is committed to equal employment opportunity. We will not discriminate against employees or applicants for employment on any legally recognized basis [protected class] including, but not limited to: veteran status, uniform service member status, race, color, religion, sex (including pregnancy), gender identity, sexual orientation, national origin, age, physical or mental disability, marital status, genetic information or any other status or characteristic protected by applicable national, federal, state or local laws and ordinances. We adhere to these commitments in all aspects of employment, including recruitment, hiring, training, compensation, promotion, benefits, and discipline.