Cyber Threat Intelligence Analyst II
Ro
IT
Remote · New York, NY, USA
Posted on Tuesday, May 23, 2023
Who We Are
Ro is a direct-to-patient healthcare company with a mission of helping as many patients as possible achieve their health goals. Ro is the only company to offer telehealth care, at-home diagnostic testing, labs, and pharmacy services nationwide. This is enabled by Ro's vertically integrated platform that helps patients achieve their goals through a convenient end-to-end healthcare experience spanning from diagnosis, to delivery of medication, to ongoing care. Since 2017, Ro has helped millions of patients in nearly every single county in the United States, including 98% of primary care deserts.
Ro was recognized as a CNBC Disruptor 50 in 2022, listed by Inc. Magazine as a Best Place to Work in 2022 for our third consecutive year, and named one of FORTUNE's 2022 Best Medium Workplaces.
We are looking for a talented Cyber Threat Intelligence Analyst with a threat-focused mindset to join our team. An ideal candidate will know how to synthesize threat data from various sources and correlate it against our organization to produce targeted threat intelligence. They will be comfortable hunting for threat actors in a multi-cloud/multi-OS environment and prototyping detection logic based on the output of those hunts. A preferred candidate will also understand how to emulate adversary behavior in order to assess the efficacy of our security controls. If this sounds like you, we encourage you to apply!
What You’ll Do:
- Provide current, actionable threat intelligence in order to drive comprehensive detection coverage against global/opportunistic and healthcare-specific threat vectors
- Perform threat hunting across a multi-OS/multi-cloud environment
- Perform in detection engineering prototyping and prioritization efforts
- Assist with red team/adversary emulation activities to assess efficacy of existing security controls
- When required, provide intelligence support for security engineering, risk analysis, and incident-response efforts
What You’ll Bring:
- Bachelor’s degree in a technical field, or equivalent work experience.
- 3+ years of experience in a technical cyber threat intelligence role with threat hunting or threat emulation exposure.
- Strong oral and written organizational and interpersonal skills.
- Desired, industry leading certification in DFIR, CTI, or Offensive Security (GCDA, GCFA, GNFA, GCTI, GPEN, or similar certification).
- Excellent analytical process, hypothesis generation, and reporting skills.
- Proficient in SIEM based investigation & notable generation.
- Proficient in network/host based intrusion analysis and cloud native responseIn-depth understanding of MITRE ATT&CK tactics, techniques and procedures and detection engineering prototyping/validation.
- Solid understanding of network protocols and architecture.
- Basic scripting/programming (Python, PowerShell, Bash, etc.) skills.
- Nice to have malware reverse engineering skill sets.
- Nice to have previous Red Team/Adversary Emulation experience
Benefits + Perks:
- Full medical, dental, and vision insurance + OneMedical membership
- Healthcare and Dependent Care FSA
- 401(k) with company match
- Flexible PTO
- Wellbeing + Learning & Growth reimbursements
- Paid parental leave + Fertility benefits
- Pet insurance
- Student loan refinancing
- Virtual resources for mindfulness, counseling, fitness, and physical therapy
Ro recognizes the power of in-person collaboration, while supporting the flexibility to work anywhere in the United States. For our Ro’ers in the tri-state (NY) area, you will join us at HQ on Tuesdays and Thursdays. For those outside of the tri-state area, you will be able to join in-person collaborations throughout the year (i.e., during team on-sites).
At Ro, we believe that our diverse perspectives are our biggest strengths — and that embracing them will create real change in healthcare. As an equal opportunity employer, we are committed to building an inclusive environment where you can be you.
See our California Privacy Policy here.
See more open positions at Ro
Something looks off?