Offensive Security Intelligence Specialist
Benefits & Culture:
At Liberty Mutual, our purpose is to help people embrace today and confidently pursue tomorrow. That's why we provide an environment focused on openness, inclusion, trust and respect. Here, you'll discover our expansive range of roles, and a workplace where we aim to help turn your passion into a rewarding profession. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more, please visit https://www.libertymutualgroup.com/about-lm/careers/benefits
Liberty Mutual has proudly been recognized as a Great Place to Work by Great Place to Work US for the past several years. We were also selected as one of the 100 Best Places to Work in IT on IDG's Insider Pro and Computerworld's 2020 list.
We have been named by Forbes as one of America's Best Employers for Women and one of America's Best Employers for New Graduates, as well as one of America's Best Employers for Diversity. To learn more about our commitment to diversity and inclusion please visit: https://jobs.libertymutualgroup.com/diversity-inclusion
Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law.
Senior Cybersecurity Specialist Intelligence
We deliver our customers peace of mind every day by helping them protect what they value most. Our passion for placing the customer at the center of everything we do is driving a transformational shift at Liberty Mutual. Operating as a tech startup within a Fortune 100 company, we are leading a digital disruption that will redefine how people experience insurance.
Our Cybersecurity Specialists form a diverse team of hands-on technical security professionals who are collectively responsible for designing, implementing, managing, and monitoring the overall security posture of the organization. They partner with teams across the company to continually optimize our security posture while maintaining a hyper-focus on the reliability and stability of our business environments.
About The Job:
The Intelligence Specialist conducts intelligence-driven operations within the company's Offensive Security space. This position involves research and analysis of large amounts of raw, unprocessed data from external vendors, open sources, internal sources, and human sources. The candidate will produce finished intelligence products to support key stakeholders' decision-making. Further, the candidate will be expected to participate in manual and automated collection operations that will often produce intelligence that is not publicly available, or accessible through conventional means. This team member will work with offensive and defensive personnel to create detection and mitigation strategies based on the information obtained through the aforementioned sources and methods. This team member must have an investigative mindset and the ability to communicate complex ideas to a variety of audiences, to include the highest levels of Cybersecurity management.
- Practical knowledge of, and experience with, intelligence collection principles and procedures.
- Knowledge of cyber relevant intelligence models (MITRE ATT&CK, LM-CIRT's Cyber Kill Chain, Diamond Model, etc.).
- Current Open Source Intelligence (OSINT) collection methods with a focus on internet data repositories, social media, paste-sites, etc.
- Experience using a wide range of Structured Analytic Techniques during Intelligence analysis.
- Working knowledge of counterintelligence techniques, and approaches to analysis.
- Current knowledge of network, host, and application layer security concepts, to include common vulnerability classes and attack techniques used to discover them.
- Knowledge of digital forensics to extract data in various formats.
- Knowledge of malware analysis methods and tools.
- Ability to develop or recommend analytic approaches to solving problems.
- Skill in using security event correlation tools.
- Experience working in incident response within Enterprise information system environments.
- Programming/scripting experience in one or more languages (preferably Python).
- Bachelor's degree in Computer Science or related field.
- 3+ years of experience working within a CSIRT, SOC, or Intelligence position Preferred
- Experience using Splunk
- Skill in writing scripts using multiple languages
- Experience in creating Indicators of Compromise (IOCs) in various formats (YARA, OpenIOC, and STIX)