Threat Researcher
- Employer
- Allstate Insurance Company
- Location
- Tempe, Arizona
- Salary
- Not Specified
- Closing date
- Aug 26, 2019
View more
- Category
- IT
- Job Type
- Not Specified
- Career Level
- Not Specified
Job Details
Where good people build rewarding careers.
Think that working in the insurance field cant be exciting, rewarding and challenging? Think again. Youll help us reinvent protection and retirement to improve customers lives. Well help you make an impact with our training and mentoring offerings. Here, youll have the opportunity to expand and apply your skills in ways you never thought possible. And youll have fun doing it. Join a company of individuals with hopes, plans and passions, all using and developing our talents for good, at work and in life.
Job Description
The individual will be responsible for supporting the monitoring, collection, analysis, and reporting for threat related data from open source and closed source intelligence. Leveraging threat severity and risk, the individual will help drive timely reporting and mitigation by partnering with the Global Security Fusion Center and other Allstate Information Security (AIS) organizations. This role will be accountable for researching and compiling reports and data on the state of the threat landscape and presenting that data to multiple levels of leadership.
Primary Responsibilities
-
Execute Threat Research process activities, including:
- Maintain awareness of Allstate & affiliate designs in order to maintain relevancy of research topics.
- Consumers and producers of actionable threat intelligence (technical and strategic) in order to update the Allstate Threat Intelligence Platform (TIP) with adversary profile information and to use this library to target research topics.
- Monitoring dark web and clearnet sources, such as forums, dump sites, markets, and IRC channels.
- Construction and maintenance of Alias/Persona builds.
- Maintain awareness of Allstate environment and current threats.
- Maintain of a list of darkweb sources.
- Review publicly available data dumps pertaining to Allstate & affiliates.
- Research existing Priority Intelligence Requirements (PIRs) and recommend updates to PIR list.
- Provide malware and tools to Reverse Engineering team as applicable.
- Act as a threat intelligence SME with advanced knowledge in at least one of the following areas: Microsoft platform system administration (Server, client, applications), Open Systems platforms system administration (Linux, UNIX, VM Ware ESX), JAVA, Adobe, middleware (web, databases, etc.), networking system administration
Primary Responsibilities (Cont'd)
- Support the Threat Services program developing guidance on improvements that can be made to the identification, assessment, and mitigation of threats to the environment.
- Collect, analyze, and assess technical and non-technical threat and security incident-related information made available from OSINT, platform vendors, third parties, and internal sources to help determine course of action for the Allstate environment.
- Partner with other security professionals to determine and implement new detection content, such as SIEM correlation rules, IDS/IPS rules, etc.
- Generate ad-hoc and scheduled reports on threats and associated actionable activities necessary to protect the environment.
- Review and trend patterns in criminal markets and OSINT, as well as internal information security incidents, for identifying relevancy to the companys secure operations.
- Support requests for real-time threat intelligence from other Global Security Fusion Center analysts, such as incident handlers and vulnerability researchers.
Job Qualifications
- Bachelors degree in Information Systems or related field.
- 5+ years experience in either threat management or security assurance.
- Knowledge of industry standard security best practices and threat management processes & frameworks.
- Experience with threat research, threat indicator sharing (such as STIX/TAXII), vulnerability scanning tools, and other tools in the security space.
- Advanced knowledge of operating systems security (Windows, *nix).
- Strong understanding of networking concepts and devices (Firewalls, Routers, Switches, Load Balancers, etc.).
- Ability to effectively work independently and in a team environment.
- Individual must interact with all levels of management, business and IT.
- Self-motivator possessing a high sense of urgency and a high level of integrity.
- Excellent analytical and problem solving skills.
- Strong communication (oral, written, presentation), interpersonal and consultative skills.
- Good organization and documentation skills.
- Certifications: Obtained certifications in one or more of the following: GIAC, GCIH, CEH, CISSP, CISA
The candidate(s) offered this position will be required to submit to a background investigation, which includes a drug screen.
Good Work. Good Life. Good Hands.
As a Fortune 100 company and industry leader, we provide a competitive salary but thats just the beginning. Our Total Rewards package also offers benefits like tuition assistance, medical and dental insurance, as well as a robust pension and 401(k). Plus, youll have access to a wide variety of programs to help you balance your work and personal life -- including a generous paid time off policy.
Learn more about life at Allstate. Connect with us on Twitter, Facebook, Instagram and LinkedIn or watch a video.
Allstate generally does not sponsor individuals for employment-based visas for this position.
Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.
For jobs in San Francisco, please click "here" for information regarding the San Francisco Fair Chance Ordinance.
For jobs in Los Angeles, please click "here" for information regarding the Los Angeles Fair Chance Initiative for Hiring Ordinance.
It is the Companys policy to employ the best qualified individuals available for all jobs. Therefore, any discriminatory action taken on account of an employees ancestry, age, color, disability, genetic information, gender, gender identity, gender expression, sexual and reproductive health decision, marital status, medical condition, military or veteran status, national origin, race, religion (including religious dress), sex, or sexual orientation that adversely affects an employee's terms or conditions of employment is prohibited. This policy applies to all aspects of the employment relationship, including, but not limited to, hiring, training, salary administration, promotion, job assignment, benefits, discipline, and separation of employment.
Company
- Website
- https://www.allstate.com/
Get job alerts
Create a job alert and receive personalized job recommendations straight to your inbox.
Create alert