Blue Cross and Blue Shield of Illinois, Montana, N Sr Cyber Threat Specialist in Chicago, Illinois
As the health care industry continues to rapidly transform, our IT team conceives, develops and delivers impactful technology solutions to support access to quality, affordable health care for our members. We are driven by our collective company purpose: To do everything in our power to stand with our members in sickness and in health®. Our IT team unleashes the power of this purpose through technology. We come to work every day to make a difference, and we deliver the highest quality and best solutions to our members.
Job Purpose:
This position is responsible for researching and reporting on all-source cyber threats that are potential risks to HCSC; working within an interdisciplinary team of engineers and analysts to evaluate TTPs utilized in cyber attacks as well as the TTPs used by cyber-espionage operators targeting the organization, partners, and others in healthcare or adjacent verticals; mining existing threat research and all-source external OSINT for indicators of cyber threats to create actionable intelligence reports for HCSC; performing short-term analysis of individual attacks to validate and publish indicators, as well as long-term analysis of tools, infrastructure, and tactics to create and augment profiles of intrusion sets and operators.
Required Job Qualifications:
* Bachelor's degree and 5 years experience in Information Technology OR Technical Certification and 5 years experience in Information Technology OR 7 years experience in Information Technology.
* Knowledge of common defensive tools and technologies.
* Experience with researching and tracking Advanced Persistent Threat (APT) campaigns.
* Knowledge of the technical aspects associated with external IT threats.
* Experience with malware analysis or malware reverse engineering.
* Knowledge of healthcare/insurance business portfolios.
* Knowledge of business operations including products and services.
* Oral and written communication skills.
* Problem solving / analytical skills.
* Knowledge of cyber attack infrastructure, including computer systems and networks.
* Knowledge of the security concerns facing large enterprises.
* Experience with enterprise security incident handling.
* Experience with the Cyber Kill Chain and Intelligence Driven Defense.
* Familiarity with the MITRE ATT&CK Framework and associated TTPs.
* Familiarity with MISP, Cuckoo Sandbox, DomainTools, Maltego, VirusTotal, etc.
* Organized and detail oriented with a strong teamwork and collaboration skill set.
* Analytical and problem-solving skills.
* Ability to work under stress in emergencies.
* Customer focus and the ability to manage customer expectations.
Preferred Job Qualifications:
* Existing trusted intelligence relationships and established trust channels in the industry.
* Familiarity working/collaborating with TLAs or other government representatives.
* Technical automation script development experience (Python, Perl, Bash, or similar).
Permanent telecommuting options available for this role.
Location: IL - Chicago, TELECOMMUTE, TX - Richardson
Activation Date: Wednesday, November 4, 2020
Expiration Date: Tuesday, January 26, 2021