Cyber Threat Intelligence Analyst - Hickam Afb

- Conducting proactive threat hunts to detect suspicious activities prior to escalation - Utilizing critical thinking to assess threat intelligence, attacker tactics, and evolving methodologies - Reviewing and correlating logs from firewalls, hosts, EDR, IDS/IPS, and other internal systems - Responding to RFIs and conducting targeted investigations using available tools - Applying extensive knowledge of security controls across Endpoint, Cloud, SaaS, and Identity - Investigating alerts, anomalies, and malicious activity using EDR platforms - Creating custom SIEM and IDS rules/signatures to enhance detection capabilities - Executing incident handling tasks including triage, response, documentation, and lessons learned - Educating clients on threats and advising on security best practices - Analyzing ongoing cyberattacks such as phishing, DDoS, ransomware, and data breaches - Tracking and engaging with threat actors across clear, deep, and dark web - Acting as a subject-matter expert in threat intelligence and advanced detection - Building dashboards, alerts, and monitoring content within SIEM and other security platforms - Continuously refining detection content to bolster SOC operations - Crafting and managing technical documentation, detection strategies, and monitoring processes - Identifying detection gaps and suggesting improvements - Mentoring SOC analysts and guiding team members in security practices - Developing strategies for incident handling and coordinating security breach responses