Chevron is one of the world's leading energy companies, with approximately 60,000 employees working in over 100 countries around the world. We explore, produce and transport crude oil and natural gas; refine, market and distribute fuels and other energy products; manufacture and sell petrochemical products; generate power; and develop future energy resources, including biofuels and geothermal energy.
Chevron is seeking a dynamic team individual for the Technical Intelligence and Analytics team within the Cyber Threat Analysis and Monitoring organization. The technical intelligence analyst will conduct analysis and operations involving network forensics, malware analysis, advanced detection methods, and hunting activity for indications of compromise. The analyst will use information collected from a variety of private and public sources to identify, analyze, and report events that occur or might occur within Chevron's global network infrastructure in order to protect information, information systems, and networks from cyber threats.
Chevron is accepting online applications for the position of Senior Information Security Analyst located in Houston, TX through June 26, 2014 at 11:59 p.m. (Eastern Standard Time).
Responsibilities for this position may include but are not limited to:
Conduct analysis of malicious code and documents through behavioral analysis or reverse engineering.
Conduct cursory and in-depth computer forensic investigations on remote devices in an effort to identify unknown intrusions through indicators of compromise, and identify and track internal lateral movement.
Perform enterprise-wide network traffic analysis, correlate data (log events) and perform network forensics to identify security incidents.
Create IPS signatures to detect malicious network traffic.
Perform open source intrusion profiling and campaign tracking for malware code base, extracted code artifacts, and domain/IP address infrastructures.
Research and track new exploits and cyber threats.
Interact with security community to obtain technical threat intelligence.
Implement and maintain internal team tools such as malware sandboxes, malware repositories, indicator databases, honeynets, and various internal custom toolsets.
Create ad-hoc scripting tools, YARA signatures, various modules and plugins for security related products, which assist in malware/network/host analysis, tracking Internet based activities and expediting various security related tasks.
Form and articulate expert opinions based on analysis through report writing, and internal and external briefing for various levels of management.
Work closely with CIRT and the Technical Intelligence team to ensure events are processed and triaged correctly and efficiently.
Contribute to and help build advanced technical analysis and data analytics strategies in conjunction with other teams and stakeholders.
Draft accurate and timely technical intelligence reporting, and work closely with threat intelligence to blend technical findings with threat information.
Provide creative and innovative solutions and serve as a thought leader.
Maintain relationships with key executives, companies, and a network of professional organizations or affiliations within the malware, security and forensic technology industry.
3-10 years' experience performing in-depth computer forensics, malware analysis, and investigating a wide variety of incidents such as targeted campaign intrusions, network intrusions, web defacements, malicious emails, root and user level compromises, worms, botnet infections and other anomalous activity.
In-depth knowledge of TCP/IP and networking concepts, and hands-on experience with network monitoring tools (e.g., tcpdump, Wireshark).
Hands-on experience working with cyber-attacks, persistent threats, different types of malware families, and DDoS activity.
Experience in researching and investigating exploits and system vulnerabilities.
Ability to work with diverse, integrated, deliverable-driven teams to accomplish the larger mission.
Be a humble expert.
Able to create and publish in-depth technical reports and executive briefs on computer/network intrusions and intrusion attempts, and to brief senior leadership.
Proven understanding and in-depth knowledge of Microsoft platforms and administration.
Knowledge of and hands-on experience with regular expressions and other scripting languages (e.g., Perl, Python, Unix/Linux shell, Windows Scripting Host).
Experience with Intrusion Detection Systems (e.g., Snort/Sourcefire) and writing specialized and unique detection signatures.
Ability to articulate technical concepts to non-technical consumers clearly and concisely.
Good writing and communication skills.
Able to work occasional nights and weekends (when necessary).
Demonstrated capability to work with little management oversight; must have strong personal initiative.
Have a strong desire to grow technically and professionally.
Work in high pressure situations and within a team environment.
Familiarity with offensive attack sequences and defensible security.
Experience with writing and editing technical documentation and operational procedures.
Experience with Lean IT/Lean Six-Sigma.
Working with visualization software such as Maltego and i2.
Working knowledge of desktop word processing and communications software (Microsoft Office, Visio, Project, PowerPoint, Excel, etc.)
Possession of one or more industry standard certifications such as CISSP, CISM, GCIH, CEH, GCFA, and GREM.
Relocation may be considered within Chevron parameters.
Expatriate assignments will not be considered.
Chevron regrets that it is unable to sponsor employment Visas or consider individuals on time-limited Visa status for this position.