Analyst (Data / Business / Application)

CYBER THREAT ANALYST

As a Cyber Defense Analyst, you will provide cyber defense services through triage, incident response, threat hunting, and security content development to help protect the Abbott enterprise, which includes internal and external computing assets, data, customers and brand reputation. This is a Shift 2 position, meaning a 4x10 schedule (four-day work week of 10-hour days) covering Sunday through Wednesday.

MAJOR RESPONSIBILITIES

  •  Triage and respond to cyber-based threats to Abbott and deploy countermeasures as needed.
  •  Leverage security technologies and tools, such as SIEM, IDS/IPS, Endpoint Detection and Response (EDR), Security Orchestration, Automation, and Response (SOAR), Network Security Monitoring (NSM), and Cyber Threat Intelligence (CTI) tools to protect the enterprise.
  •  Participate in threat hunting missions and remediate gaps that are identified.
  •  Contribute to the development of detections using MITRE ATT&CK and defense actions through MITRE SHIELD.
  •  Participate in cross-team coordination to achieve defined security goals as well as meet technical requirements in support of detailed implementation plans for security projects.
  •  Perform assessment of cybersecurity incidents to identify the root cause, respond, and recover the environment.
  •  Compose and deliver Situation Reports for key stakeholders.
  •  Contribute to the development and refinement of metrics packages.
  •  Support the advancement of Abbott’s cyber threat intelligence to ensure consistent detection, analysis, response, and monitoring of cybersecurity threats including actors, campaigns and vulnerabilities.
  •  Be a team player committed to the mission and continuous development of the Cyber Threat Action Center, peers, and Abbott customers.
  •  1+ years of experience directly related to the area of incident response, digital forensics, malware analysis, threat hunting, or cyber threat intelligence; OR 2+ years of experience related to information technology.
  •  Bachelor’s degree preferred, but applicable work experience will be considered as equivalent to a degree.
  •  Experience with programming and scripting languages, preferably Python and PowerShell.
  •  Strong written and verbal communication skills; must be able to effectively communicate to all levels of staff up to executive-level management, customers (internal and external), and vendors.
  •  Be available for on-call duty to handle high-impact cybersecurity incidents.
  •  Be driven for personal development through security conferences, Capture the Flags (CTF), lab time and research.