Chevron is one of the world's leading energy companies, with approximately 60,000 employees working in over 100 countries around the world. We explore, produce and transport crude oil and natural gas; refine, market and distribute fuels and other energy products; manufacture and sell petrochemical products; generate power; and develop future energy resources, including biofuels and geothermal energy.
Chevron is seeking a dynamic team leader for the Technical Intelligence and Analytics group within the Cyber Threat Analysis and Monitoring organization. The Team lead will provide oversight and leadership for technical disciplines supporting day-to-day advanced network forensics, malware analysis, and “hunting” activity and associated deliverables. The areas of responsibility include the guiding and training of analysts in data-mining techniques, creating and testing unique detection signatures based on relevant threat information, and experience with vulnerability identification. The Lead is expected to meet the competencies of the highest level analyst and is responsible for using techniques and methods to identify and mitigate cyber threats to Chevron’s vast computer network infrastructure.
The lead will possess current technical skills and have experience leading or supporting a technical intelligence team. The lead oversees all production matters and builds advanced technical analysis and data analytics strategies in conjunction with other teams and stakeholders. The lead is responsible for all accuracy, timeliness, and validity of all technical intelligence reporting and works closely with threat intelligence for the blending of technical findings with threat information. They will possess excellent managerial skills, consistent with requirements of senior-level managers, and interacts with others from executive level down throughout the company in structured and unstructured situations. The lead will set priorities, goals, and deadlines, and makes determinations on how to plan and accomplish the teams work.
Chevron is one of the world's leading energy companies, with approximately 60,000 employees working in countries around the world. We explore, produce and transport crude oil and natural gas; refine, market and distribute fuels and other energy products; manufacture and sell petrochemical products; generate power; and develop future energy resources, including biofuels and geothermal energy.
Chevron is accepting online applications for the position of Lead, Technical Intelligence and Analytics located in Houston, Texas through June 22, 2013 at 11:59 p.m. (Eastern Standard Time).
Responsibilities for this position may include but are not limited to:
Supervises and leads the overall Technical Intelligence and Analytics efforts for Chevron including the development of strategies, programs, and processes to deliver a world-class advanced technical analysis capability
Leads efforts in advanced intrusion detection, malware analysis, packet-level analysis, network forensics, and innovative methods to conduct data-analytics to identify advanced persistent threats and malware that are not detected through routine network monitoring.
Supervises, mentors, and trains analysts and team members and performs performance reviews for all subordinates
Design and operates a malware analysis capability including reverse engineering of malicious code.
Builds and manages “Hunt” capability to find previously undetected malicious cyber activity at both the network and host level using new and innovative methods and techniques.
Establishes a suite of tools, toolkits, systems to conduct advanced cyber threat analysis and data analytics.
Works with key stakeholders and develop strategy to conduct data analytics on existing data sets to identify low and slow, highly sophisticated, and trends in malicious activity.
Oversight over all written technical intelligence products including detailed reporting on network traffic, malware, and vulnerability analysis and ensures timely and accurate product delivery.
Assists in determining appropriate response action required to mitigate risk and assist in providing threat assessment for cyber threats which may impact Chevron networks.
Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through the review and analysis of detailed event and summary information.
Responsible for writing specialized and unique signatures for Intrusion Prevention Systems to include Snort. Trains other analysts in this discipline.
Stays abreast of world-wide events that are indicators of developing trends for situational awareness.
Develops unique strategies and methods for identifying and mitigating malicious activity to include honey pots, traffic sniffers, black-holing, and redirecting of network traffic.
Conduct data tracking and analysis tasks in order to identify computer probes/exploits/attacks as they occur, as well as being responsible for all technical aspects of intrusion detection, triaging of events, and providing substantial input to future security threat countermeasures.
Assists in optimizing SIEM effectiveness by working with Risk Monitoring and Operations to ensure signature quality and fine tuning in collaboration with analysts and developers.
Coordinate activities across the integrated team ensuring that products merge threat and technical intelligence findings
Develops collaborative information and knowledge sharing networks and builds alliances with colleagues and counterparts within and/or across the organization and within the private and public sectors.
Creates and maintains appropriate documentation as needed including SOPs to be used by team members.
Ensures requests for information are answered in a thorough and expedient manner.
Bachelors Degree in Cyber Security, Computer Science, Engineering, Information Security or related studies. An additional 4 years of direct work experience in technical intelligence, malware analysis, forensics, or incident response can be substituted for degree.
Minimum of 8-10 years related Cyber Security and/or Technical Intelligence experience in a global organization. At least 4 years of direct experience in technical intelligence and conducting malicious code analysis.
Extensive hands-on experience with security technologies specifically related to malware analysis, network forensics, and advanced detection methodologies.
Understanding and experience in evaluating and countering the tactics, techniques, and procedures of nation-state, hacktivists, and cybercriminal actors
Advanced knowledge of networking technologies and protocols, including Ethernet, TCP and IP and IP routing, security architecture, and mobile technology.
Demonstrates problem solving and critical thinking capabilities in complex environments.
Experience with Intrusion Prevention/Detection System advanced signature development.
Experience with network monitoring tools (e.g., TCPDump, Wireshark) and experience in traffic analysis and packet inspection.
Ability to document and explain technical details clearly and concisely.
Must possess outstanding written and oral communication skills.
Ability to write analytical information products and clearly articulate findings.
Comfortable communicating with senior management ranging from C-level executives to technical engineers and analysts.
Must be comfortable in a high-tempo operational environment.
Previous experience participating in working groups within the private and public sector.
Ability to successfully lead and manage multiple tasks concurrently on a regular basis.
Ability to work varying work hours and operate in an "on call" status if required.
Minimum of 10 years related Cyber Security and/or technical intelligence experience in a large global organization.
Master’s Degree in Cyber Security, Computer Science, Engineering, Information Security or related studies.
Previous experience building a malware analysis and technical intelligence team.
Previous lead for a technical intelligence and data analytics organization.
Possession of one or more industry standard certification such as CISSP, CISM, GCIH, CEH, and GREM.
Relocation may be considered within Chevron parameters.*LI-DD1
Expatriate assignments will not be considered.
Chevron regrets that it is unable to sponsor employment Visas or consider individuals on time-limited Visa status for this position.
Chevron is one of the world's leading energy companies, with approximately 60,000 employees working in countries around the world. We...