Associate 2 - Rc Sprc Cyber Intel

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.

**Cyber Threat Intelligence Analyst**

To address the most critical needs of our clients, RSM US LLP operates our CYBER practice, comprised of more than 250 professionals dedicated exclusively to serving the cybersecurity needs of our clients. This group includes experienced consultants located throughout the United States and Canada, as well as our nearshore and offshore delivery centers, dedicated to helping clients prevent, detect, respond to and recover from security threats that may affect their critical systems and data. We serve a diverse client base within a variety of industries, and we are relied upon to provide expertise across the full suite of security and privacy capabilities, including managing the daily activities associated with our clients’ security operations and threat intelligence capabilities.

At RSM, threat intelligence analysts work with clients in a variety of industries. They develop strong working relationships with their peers on the threat intelligence team as well as within the broader security operations center (SOC), threat hunting team, and vulnerability intelligence team while learning about our clients’ businesses and challenges facing their organizations. Working in a mutually respectful team environment helps our analysts perform at their best and integrate their career with their personal life. You will have the opportunity to:

- Disseminate threat intelligence briefs and reports to key stakeholders (both client teams as well as internal RSM teams), and incorporate feedback from key stakeholders as necessary
- Provide technical guidance to SOC and client teams about specific risks and potential controls measures to address and reduce the impact of new and emerging threats
- Communicate technical findings to both technical and non-technical teams
- Develop threat intelligence briefs and reports based on results of investigations
- Perform analytical investigations about specific security events and incidents impacting client infrastructure and data
- Monitor and report on real-time security incidents and campaigns across various industries
- Analyze threat data and information from a variety of open and closed sources
- Perform analytical investigations about indicators of compromise (IOCs), threat actors, and campaigns as identified by the SOC

Qualifications for this Associate-level position include:

- Minimum B.A. or B.S. degree or equivalent from an accredited university by the time employment commences or prior relevant military / law enforcement experience
- Computer science, information technology, information systems management, or other similar degrees preferably with a focus on information security
- Conversational-level English
- Strong written and verbal communication skills
- Strong analytical and investigation skills
- 2+ years previous threat intelligence experience
- 2+ years’ experience with the incident response process
- Must have a naturally curious mindset and approach
- Experience investigating security threats using a variety of tools and techniques
- Knowledge of operating systems including Linux/Unix and Windows
- Basic experience with security incident and event management (SIEM) tools such as Splunk, LogRhythm, Elastic, etc.
- Working knowledge of threat intelligence consumption and management
- Working knowledge of threat intelligence lifecycle
- Working knowledge of a variety of threat actor groups, TTPs and campaigns
- Ability to convert intelligence into actionable mitigation and technical control recommendations
- Knowledge of typical behaviors of both malware and threat actors
- Outstanding time management and multitasking skills with a high level of attention to detail