Honeywell Global Security (HGS) believes in integrating security into all aspects of our business to protect the people, processes, and assets by which Honeywell achieves its greater mission. Advancements in technology, contractual and regulatory requirements, emerging threats, and Honeywell's growth worldwide continue to challenge all of us to ensure everything we do in business is done securely.
The Threat Operations Group is searching for a threat intelligence analyst with experience in threat research, risk assessment, and threat hunting. The preferred candidate should also be able to formulate and follow through on threat hypotheses, prioritize threats, and write clear research reports that describe the threat, the vulnerability, and the risk to Honeywell. The position has a focus on monitoring and alerting. The candidate must be able to work with a team and coordinate work actions with that team.
Candidates should possess the following skills:
• Experience performing forensic analysis of Windows and Unix systems to identify compromise artifacts (3+ years)
• Malware analysis and reverse engineering (3+ years)
• Experience in building sandbox/test lab environments to evaluate malicious code
• Ability to identify actionable indicators of compromise based upon analysis of malware or forensic data
• Scripting and programming experience (e.g., Python, Perl, C, C++, Java, assembly language, shell scripting)
• Strong research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis
BS Degree or equivalent work experience plus:
• Minimum of four years' experience performing incident response with an emphasis on system compromise analysis
• Experience performing security reviews and vulnerability risk assessments of network environments using both manual procedures and automated analysis tools
• Solid understanding of the TCP/IP protocol suite, security architecture, and remote access security techniques and products
• Experience with enterprise anti-virus solutions and virus outbreak management, and the ability to differentiate commodity malware activity from directed attack patterns
• Creation of tools to automate analysis of malicious binaries.
• Ability to perform network-based forensics and log analysis
• Strong understanding of incident response methodologies and technologies
• Ability to ensure the confidentiality, integrity, and availability of SOC data sources
• Ability to react quickly, decisively, and deliberately in high-stress situations
• Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate threats, and interact with customers
• Highly motivated individual with the ability to self-start, prioritize, and multi-task
• Experience with log management and/or SIEM technologies such as Splunk, ArcSight, and LogLogic
• Experience with threat intelligence and/or IOC platforms
• Technical certifications considered an asset: CISSP, GCIH, GCIA, GCFA, GPEN, GCFE, CCNA, CCNP
- JOB ID: HRD139397
- Category: Engineering
- Location: Devarabisanahalli Village, KR Varturhobli, East Taluk - Phase I, Bangalore, KARNATAKA, 560103, India