Senior Cyber Threat & Vulnerability Analyst

locationsLos Angeles, CA, USOakland, CA, UStime typeFull timeposted onPosted 30+ Days Agojob requisition idR-11464At Gensler, we design for people. We leverage our global perspective and local presence to innovate at every scale. We’re not just designers. We’re tinkerers, craftspeople, visionaries, innovators, and thought leaders. Fueled by passion and entrepreneurial spirit, our people bring new ideas to solve the world’s most challenging problems, like designing a more resilient, inclusive, and equitable future for our communities and cities.Our people-centered, “People First” culture and “One Firm-Firm” motto promotes integrated teams that unite to shape the future of cities. Gensler’s vision is to “Create a Better World through the Power of Design,” and we do that by our deep commitment to our clients and by fostering a collaborative, diverse, and inclusive environment that enables our people to create impactful solutions together.Your RoleGensler leverages the power of design to make a better world: as a Senior Cyber Threat & Vulnerability Analyst, you will develop a holistic and actionable cyber threat and vulnerability intelligence program for all of Gensler's information technology services. You will be the main point of contact for all threat and vulnerability scanning on all internal and external business operation services, along with any client-hosted services. You must stay current and utilize various machine-learning Intrusion detection and prevention systems. You will also be a trusted cybersecurity adviser to all of Gensler's business operations areas.***This position is on-site and can be located in either our Los Angeles or Oakland, CA office***What You Will DoDevelop new and support existing security analytic systems such as automated log review and IDS/IPS deployments.Identify and resolve cybersecurity threats to the global firm and strive to protect the firm from anticipated threats.Create and apply machine learning algorithms to ensure a low signal/noise ratio, maximizing the impact of a small team.Work with the rest of Gensler’s systems administrative staff to shape Windows domain policy and workstation application policy and ensure Windows and Linux servers align with enterprise goals.Maintain tools and best practices in advanced persistent threats, Tools, Techniques, and Procedures (TTPs) of attackers, and forensics and incident response.Experienced with the Diamond Model, Mitre Attack Framework, and the Cyber Kill Chain.Process, analyze, and research cyber threats to provide actionable threat intelligence, including adversary indicators of compromise, techniques, tactics and procedures, behaviors, exploited vulnerabilities, and trends to help defend Gensler.Identify and hunt for related TTPs across all internal/external repositories.Correlate collected intelligence to build upon a more extensive tracked threat activity knowledge base.Penetration Testing when required on Gensler services.Additional tasks as required.Your QualificationsAn employee-owned company, Gensler is social, collaborative, and entrepreneurial - authority comes from the team, not a given individual. Our top candidate will have strong social and communication skills, a collaborative attitude, and demonstrate strong technical acumen.Due to government contracts and facility work, US Citizenship is required.US Government security clearanceAs this person will be managing sensitive information, successful completion of a background check is required.Demonstrably strong written & verbal communication skills in the English languageFive years of experience in IT Security experience in an enterprise-distributed environment (three of the five years detecting and remediating vulnerabilities)Knowledge of Patch Management and Vulnerability Management and the difference in processes needed to remediate vulnerabilities.A deep understanding of IOCs, threat hunting, APTs, cyber-crime, and associated tools, tactics, and proceduresThree years of experience in the consumption, processing, and analysis of tactical Cyber Threat Intelligence (CTI) within an operational environment, supporting monitoring, detection, and response capabilitiesExperienced with vulnerability scanning applications (Nexpose, Nessus, Qualys)Experience utilizing various threat intelligence platforms such as Mandiant or Record FutureOne or more industry certifications (such as GIAC CTI, Web Application Penetration Tester certification such as GIAC GWAPT, CompTIAA+, CompTIA CySA+, CompTIA Security+)Demonstrable ability to read a security assessment report, prioritize vulnerabilities and provide countermeasure recommendations in real-time.Demonstrate an advanced understanding of information security concepts.Comfortable performing systems administration in a social environment24/7/365 availability to collaborate with your team to remediate a security incident.Three years of experience in network and web application penetration testing tools and techniques.Three years of experience with Incident Response, Enterprise security controls, and Intrusion AnalysisThree years of experience evaluating host and network forensic reports of electronic media, packet capture, log data analysis, malware triage, and network devices in support of intrusion analysis or enterprise-level information security operationsAble to do light work, including lifting 10 lbs, with most of the day being sat, standing, or walking.**The base is estimated between $105k-$120k and will also include bonuses and benefits and is contingent upon relevant experience.  Life at GenslerGensler is committed to Diversity, Equity and Inclusion. Through our Five Strategies to Fight Racism, we continue to create a just and equitable future for our colleagues and our communities with our clients. We are a solid voice for social change as we impact people’s lives and fight racism. At Gensler, we celebrate diversity and are committed to creating an inclusive workplace environment.At Gensler, we are as committed to enjoying life as we are to delivering best-in-class design. From curated art exhibits to internal design competitions to “Well-being Week,” our offices reflect our people’s diverse interests. We encourage every person at Gensler to lead a healthy and balanced life. Our comprehensive benefits include medical, dental, vision, disability, wellness programs, flex spending, paid holidays, and paid time off. We also offer a 401k, profit sharing, employee stock ownership, and twice annual bonus opportunities. Our annual base salary range has been established based on local markets. As part of the firm’s commitment to licensure and professional development, Gensler offers reimbursement for certain professional licenses and associated renewals and exam fees. In addition, we reimburse tuition for certain eligible programs or classes. We view our professional development programs as strategic investments in our future.#LI-MR1