IBM Cyber Threat Intelligence Analyst in Washington , District Of Columbia Introduction At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk. Your Role and Responsibilities Partial remote work permitted with close proximity to an IBM hub office for occasional face to face meetings. While in the office, we maintain a responsible consideration of health and safety practices and ongoing support for a hybrid, in-office/remote office balance. Preference will be given to candidates located within a commutable distance to a CIO strategic location: Washington DC and Northern Virginia and Maryland Southbury, CT NYC, NY Austin, TX North Castle (Armonk), NY RTP, NC There are no relocation funds for this role so you would need to relocate at your own expense. * IBM will not be providing visa sponsorship for this position now or in the future. Therefore, in order to be considered for this position, you must have the ability to work without a need for current or future visa sponsorship. The Cyber Threat Intelligence (CTI) Analyst has a passion for researching, finding, and identifying the latest cyber threats to IBM. Using a multitude of CTI sources (both internal and external), the analyst will work to develop proactive, anticipatory, and reactionary actions against malicious actors and threats. The goal of the CTI Analyst is to protect the IBM computing environment by reducing the probability of, and to minimize of effects of, damage caused by malware and malicious activities. In this role, you will monitor CTI feeds and open-source intelligence for new threats to IBM CIO, assess risk based on CIO context, and communicate across CIO with recommendations to protect, detect, and respond. You will also perform some basic threat hunting based on known indicators of compromise (IOC) to determine existence and scope within the IBM CIO environment. Analyst Roles and Responsibilities: Develop and refine CTI collection and analysis processes based on MITRE ATT&CK framework Develop tools and automation to enhance CTI capabilities Monitor CTI feeds and open-source intelligence reporting to identify potential threats to IBM Respond to requests for ad-hoc reporting and research topics from management as required Produce detailed intelligence analysis reports on cyber-threats, convey potential impact, along with recommended relevant remediation and countermeasures Draft threat hunting packages with threat, IOCs, MITRE ATT&CK TTPs, boundary and scope, with results when complete Present relevant findings to both technical and non-technical audiences Advise and communicate on critical threats and vulnerabilities with recommended changes to protect, detect, and respond Support Detection and Incident Response teams with context and analysis support Required Technical and Professional Expertise 3+ years' experience as a Cyber Threat Intelligence Analyst Ability to generate recommendations that can be actioned by customers to enhance their security Experience with intelligence analysis tools, methods and the intelligence life-cycle Ability to generate defensible analytical products with coherent visualized data Extensive knowledge of standards of intelligence collection and analysis research methods Outstanding written and oral communication skills, and the ability to prioritize work Bachelor's degree in information assurance, computer science, engineering or related technical field and/or individual technical Cyber Security Certification through one of the recognized bodies preferred: ISACA, (ICS)2, GIAC, etc. Preferred Technical and Professional Expertise Strong understanding security risk mitigation methods and compensating controls Familiarity with cyber-threats, mitigations, motivations, and techniques Familiarity with the applicability and use of the MITRE ATT&CK Framework Working knowledge of how malicious code operates and how technical vulnerabilities are exploited Maintained or developed professional contacts in the various communities in support of operations Knowledge of databases, query design, and how to analyze data thus obtained Tracking and reporting on cyber-espionage, cyber-crime, and other malicious threat actors Ability to convey system risks/assessments/vulnerabilities at a technical level Experience performing security assessments on system and detecting forensic artifacts Experience with EDR platforms and how they operate Strong understanding of Windows, Unix/Linux, Active Directory, firewalls, proxies, etc. Familiarity with automation concepts and proficiency in scripting languages About Business UnitThe Office of the Chief Information Officer (CIO) owns IBM's IT strategy and provides the tools, workstations, devices, and infrastructure that IBMers use to do their jobs every day. Put simply, our mission is to create a productive environment for IBM's 365,000 worldwide employees. Join us as we lead with design to drive simplicity and ease of use, engineering the systems that run the business, and innovating to transform the business. This job requires you to be fully COVID-19 vaccinated prior to your start date, where legally permissible. Proof of vaccination status will be required. If you are unable to be vaccinated due to medical, pregnancy or religious reasons, we offer accommodations in accordance with applicable law. Your Life @ IBMAre you craving to learn more? Prepared to solve some of the world's most unique challenges? And ready to shape the future for millions of people? If so, then it's time to join us, express your individuality, unleash your curiosity and discover new possibilities. Every IBMer, and potential ones like yourself, has a voice, carves their own path, and uses their expertise to help co-create and add to our story. Together, we have the power to make meaningful change - to alter the fabric of our clients, of society and IBM itself, to create a truly positive impact and make the world work better for everyone. It's time to define your career. About IBMIBM's greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we're also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business. At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it's time for you to join us on our journey to being a responsible technology innovator and a force for good in the world. Location StatementIBM offers a wide range of resources for eligible IBMers to thrive both inside and outside of work. In addition to a competitive benefits program consisting of medical and life insurance, retirement plans, and time off, eligible employees may also have access to: *12 weeks of paid parental bonding leave. Family care options are also available to support eligible employees during COVID-19. *World-class training and educational resources on our personalized, AI-driven learning platform. IBM's learning culture supports your restless attitude to grow your skills and build the depth and scale of knowledge needed to achieve your career goals. *Well-being programs to support mental and physical health. *Financial programs that empower you to plan, save, and manage your money (including expert financial counseling, 401(k), IBM stock discount, etc.). *Select educational reimbursement opportunities. *Diverse and inclusive employee resource groups where you can network and connect with IBMers across the globe. *Giving and volunteer programs to benefit charitable organizations and local communities. *Discounts on retail products, services, and experiences. We consider qualified applicants with criminal histories, consistent with applicable law. IBM will not be providing visa sponsorship for this position now or in the future. Therefore, in order to be considered for this position, you must have the ability to work without a need for current or future visa sponsorship. Being You @ IBMIBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.