Dentons US LLP is currently recruiting for a Threat Analyst. The Information Security Threat Analyst is responsible for proactively hunting for threats within client environments, developing and tuning SIEM use cases, and conducting in-depth investigations of security events. The role involves monitoring and operationalizing threat intelligence, engineering automation and SOAR playbooks to streamline detection and response, and maintaining comprehensive documentation of threat hunting activities. The analyst collaborates with internal teams to enhance security operations, participates in incident response, and continuously adapts to the evolving cyber threat landscape.
Responsibilities
- Analyze activity trends using a mix of tools and analytical methodologies to hunt for threats not otherwise detected by configured security alerts.
- Conduct threat scenario analysis to develop new use cases with relevant attack vectors; develop attack scenarios to formulate hunting strategies that identify threats undetected by existing controls.
- Perform in-depth investigation of events of interest identified during hunts or from security alerts, following defined investigation and response procedures.
- Monitor, triage and operationalize threat intelligence from commercial, open-source, ISAC/ISAO and government sources.
- Correlate threat intelligence with internal telemetry to identify potential compromise and guide hunts and incident response.
- Create and deliver regular threat hunting and threat intelligence reports, including hypotheses, datasets, findings, false positives and detection/response improvements.
- Contribute to the tuning and development of SIEM use cases and other security control configurations to enhance threat detection capabilities.
- Define and track Security Operations metrics.
- Design, develop and maintain automation and SOAR playbooks to streamline alert triage, enrichment, containment and notification workflows.
- Automate routine operational tasks (e.g. IOC curation, asset/context lookups, quarantine, user suspension) to reduce mean time to detect and mean time to respond (MTTD/MTTR).
- Facilitate vulnerability management by correlating vulnerability data with exploits in the wild; prioritize remediation based on risk and exposure.
- Participate in IR exercises to validate processes and IR capabilities.
- Other duties as assigned to fully meet the requirements of the position.
Required Qualifications
- Bachelor's degree/diploma in Computer Science, Information Security or a related field.
- Minimum 2 years of experience in cyber intelligence or as a threat hunter, ideally within a CIRT/SOC; hands-on experience with SIEM content and automation development.
- Direct prior experience with core security technologies such as SIEM, vulnerability scanners, anti-virus solutions and EDR.
- Strong knowledge of threat intelligence and threat hunting, including MITRE ATT&CK, the kill chain, hypothesis-driven methods and IOC lifecycle management.
- Demonstrated experience with SIEM platforms (e.g. Splunk, Microsoft Sentinel, Elastic): data onboarding, parsing, correlation rules, dashboards and tuning.
- Experience with SOAR platforms (e.g. Splunk SOAR, Microsoft Sentinel automation, Swimlane) and building playbooks for enrichment and response.
- Strong analytical and investigative skills; knowledge of technical security controls and mitigations.
- Experience with advanced endpoint analytics and EDR tooling (e.g. CrowdStrike, Defender for Endpoint, Sophos).
- Good working knowledge of common security threats, industry best practices and security technologies.
- 24x7 on-call availability for high-severity incidents.
- Knowledge of digital forensics, malware analysis, penetration testing and ethical hacking.
- Proficiency in scripting languages (Python, PowerShell, shell) is a plus.
- Industry certifications are a strong asset (e.g. GIAC, Microsoft SC-200, Splunk Enterprise Security, AWS/Azure security certifications).
Salary
Chicago only (DOE): $83,850 - $107,950
Washington, DC only (DOE): $86,900 - $111,850
Dentons US LLP offers a competitive salary and benefits package, including medical, dental, vision, 401k, profit sharing, short-term/long-term disability, life insurance, tuition reimbursement, paid time off, paid holidays and discretionary bonuses.
Dentons US LLP is an Equal Opportunity Employer - Disability/Vet. Pursuant to local ordinances, we will consider for employment qualified applicants with arrest and conviction records.
If you need any assistance seeking a job opportunity at Dentons US LLP, or if you need reasonable accommodation with the application process, please call our Talent Acquisition Specialist at 1 or contact us at
About Dentons
Redefining possibilities. Together everywhere. For more information visit
Required Experience:
IC