Responsibilities:

H-E-B is a leading innovator in technology, and our Digital Technology Team collaborates to design, construct, implement, and support solutions across the enterprise.

As a Senior Threat Intelligence Analyst, you'll improve and operate our cyber threat intelligence team to provide insights from threat activity that help H-E-B defend against cyber threats.

Once you're eligible, you'll become an Owner in the company, so we're looking for commitment, hard work, and focus on quality and Customer service. 'Partner-owned' means our most important resources--People--drive the innovation, growth, and success that make H-E-B The Greatest Omnichannel Retailing Company.

Do you have a:
HEART FOR PEOPLE... skills to present complex technical and security-related info so it's easily understood by many?
HEAD FOR BUSINESS... ability to maintain / gain new technical knowledge?
PASSION FOR RESULTS... drive to advise on development / acquisition projects to ensure the best security-related outcomes?

The role of every Digital Security team member is to support the overarching values and business goals of H-E-B as they relate to meeting legal, ethical and regulatory obligations; protecting members' and employees' privacy; and maintaining a security technology environment for our operations. The Threat Intelligence Analyst provides threat information to help identify threat actors and methods; to enable IT solutions to build effective controls against these threats; provide situational awareness to incident response; run threat assessments for high risk events (zero-days); support proactive incident hunting in H-E-B systems; advises on matters related to policies, standards and procedures; and mentors team members with lesser subject matter expertise.
The Threat Engineer develops, leads and monitors the Threat Intelligence Program.

ROLE
• Identifies and assesses internal and external cybersecurity risks that threaten the security of H-E-B's business operations.
• Develops and formalizes effective threat identification and assessment processes, including maintaining playbooks for obtaining, monitoring, assessing, classifying severity, and responding to evolving threats and vulnerabilities.
• Develops, maintains, and updates a repository of cybersecurity threat information that may be used in conducting risk assessments and reports on cyber risk trends.
• Conducts research and evaluates intelligence data, with specific emphasis on tactics, techniques, and procedures.
• Turns threat information into actionable intelligence by integrating related Indicators of Compromise (IOC) into SIEM operations and incident response strategies.
• Correlates threat data from various sources and analyzes network events to establish the identity and modus operandi of malicious users active in or posing potential threats to H-E-B.
• Develops and documents Threat Intelligence procedures into Playbooks.
• Ensures that Threat Intelligence documentation is comprehensive and accurate.
• Works closely with various external Information Technology teams, state agencies and 3rd party vendors to develop a fuller understanding of the intent, objectives, and activity of cyber threat actors.
• Identifies, develops, and implements mechanisms to detect security incidents and report on key metrics.
• Identifies and improves security incident detection and monitoring capabilities.
• Provides management and the IR team with a contextual snapshot of the Incident Response team challenges for multiple uses by the team and management.
• Participates in the assessment, analysis and design of solutions for the Threat Intelligence Program.
• Provides leadership to develop the Threat Intelligence Program as the subject matter expert.
• Provides mentoring and training on tools and processes to the Threat Intelligence Team and partners.

REQUIRED
• Minimum of 5 years of cyber security experience.
• High degree of ethics/confidentiality required and may be required to pass security screening.
• Ability to provide accurate analysis that minimizes bias and error.
• Ability to develop processes and tools to effectively share actionable intelligence information.
• Ability to work effectively, independent of assistance or supervision.
• Ability to work under pressure in a highly team-focused environment is required.
• Innovative, creative, and extremely responsive with a strong sense of urgency.
• Willing to share knowledge and assist others in understanding technical and business topics.

PREFERRED
• One or more professional security certifications such as CISSP (or equivalent).
• Rule correlation evaluation and development experience highly recommended but not required.
• Experience with scripting languages such as Python.
• Experience building and operating threat intelligence programs.
• Strong foundational understanding of cloud, software development, and security controls.
• Familiarity with link analysis and data mining tools.
• Experience working in large organizations.

This role is open to candidates in Austin, TX, San Antonio, TX, or Dallas, TX.