Cyber Threat Intelligence Analyst

Job Description

Attention NJ Applicants: In April 2020, our Company announced plans to consolidate our New Jersey campuses into a single New Jersey headquarters location in Rahway, NJ by 2023. Therefore, the NJ work location for this role will be temporarily based and the exact timing of the departmental move to Rahway, NJ will be communicated at a future date.

Our IT team operates as a business partner proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver the services and solutions that help everyone to be more productive and enable innovation.

Our Cyber Fusion Center teams and hubs operate as collaborative cybersecurity partners. We liaise with business partners in order to propose ideas and innovative solutions that reduce risk and enable new organizational capabilities. We operate internationally to deliver the transformative, cutting-edge services and solutions that enable productivity and innovation.

Summary:

This position will reside within our companies Cyber Fusion Center (CFC). The Cyber Threat Intelligence (CTI) team leverages technical and analytic tradecraft to assess cyber risks for relevance to our company. The CTI analyst will work as part of a globally distributed team to identify and analyze cyber threats, reporting on actionable intelligence and working closely with other teams both within the CFC and without.

Key Responsibilities:

• Monitor a range of data sources to collect, analyze, and disseminate actionable threat intelligence to internal audiences including senior management, business stakeholders, and other operational teams such as Threat Defense Operations (TDO), Incident Response, and Vulnerability Management.
• Develop, review/edit, and produce written tactical and strategic intelligence reports that illuminate trends and provide an actionable assessment of the cyber threat landscape.
• Track and profile threat actors assessed to present risk to our company and the pharmaceutical industry, documenting the Tactics, Techniques, and Procedures (TTPs) and tooling they employ throughout the entire attack lifecycle, and mapping this data to the MITRE ATT&CK framework to assist the organization in detecting and blocking adversarial behavior.
• Collect, analyze, and process technical threat intelligence in the form of Indicators of Compromise (IOCs), working closely with the threat hunting team (TDO) to provide contextual enrichment.
• Work with industry peers as well as partners within federal government and law enforcement to facilitate information sharing.
• Review and refine alerts and monitor the Deep and Dark Web including underground forums and marketplaces, as well as open platforms including social media and other sources for intelligence.

Education:

• BA or BS degree in International Relations, Security Studies, Intelligence Studies, Political Science, Cyber Security, or a related field.

Requirements:

• Experience with collecting, analyzing, and interpreting qualitative and quantitative data from different sources to independently produce and articulate coherent assessments.
• Experience with or ability to work as part of a globally dispersed team adhering to a Follow-the-sun model of coverage.
• Ability to multi-task and work independently to meet tight deadlines in a fast-paced environment.
• Basic familiarity with IT, networking, and/or cyber security concepts and the current threat landscape (e.g. APTs, nation state actors, cyber crime and actors, hacktivists, common attack vectors, DDoS).

Desired Experience and Skills:

• Experience with all-source research and analysis related to intelligence, international relations, or cyber policy and/or cyber regulations relevant to the private sector.
• Experience producing finished written products and delivering briefings to large audiences including senior leadership.
• Knowledge of Advanced Persistent Threats (APTs) and state-sponsored cyber adversaries.
• Knowledge of ransomware actors and cyber criminal motivations, TTPs, and the broader cyber crime landscape.
• Familiarity with analytic tradecraft and methodologies, including the intelligence lifecycle, structured analytic techniques and Analysis of Competing Hypotheses (ACH).
• Familiarity with or working knowledge of cybersecurity frameworks and methodologies including the Diamond Model of Intrusion Analysis, MITRE ATT&CK, and the Cyber Kill Chain.
• Previous experience working with SIEM technologies, such as Splunk, and/or Maltego is desirable.
• Familiarity with or understanding of Industrial Control System (ICS) / Operational Technology (OT) environments is a plus.

RAHWAYCYBER

Our Support Functions deliver services and make recommendations about ways to enhance our workplace and the culture of our organization. Our Support Functions include HR, Finance, Information Technology, Legal, Procurement, Administration, Facilities and Security.

Who we are …

We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world.

What we look for …

Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today.

NOTICE FOR INTERNAL APPLICANTS

In accordance with Managers' Policy - Job Posting and Employee Placement, all employees subject to this policy are required to have a minimum of twelve (12) months of service in current position prior to applying for open positions.

If you have been offered a separation benefits package, but have not yet reached your separation date and are offered a position within the salary and geographical parameters as set forth in the Summary Plan Description (SPD) of your separation package, then you are no longer eligible for your separation benefits package. To discuss in more detail, please contact your HRBP or Talent Acquisition Advisor.

New hires in office-based roles in the US & Puerto Rico will be required, subject to applicable law, to demonstrate that they have been fully vaccinated for COVID-19 or qualify for a medical or religious exemption to this vaccination requirement that can be accommodated without an undue burden to the operation. However, subject to applicable law, employees working in roles that the Company determines require routine collaboration with external stakeholders, such as employees in health services, customer facing commercial, or research based roles, will be required to be fully vaccinated as a condition of employment.

Current Employees apply HERE

Current Contingent Workers apply HERE

US and Puerto Rico Residents Only:

Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here if you need an accommodation during the application or hiring process.

For more information about personal rights under Equal Employment Opportunity, visit:

EEOC Poster

EEOC GINA Supplement​

OFCCP EEO Supplement

Pay Transparency Nondiscrimination

We are proud to be a company that embraces the value of bringing diverse, talented, and committed people together. The fastest way to breakthrough innovation is when diverse ideas come together in an inclusive environment. We encourage our colleagues to respectfully challenge one another’s thinking and approach problems collectively. We are an equal opportunity employer, committed to fostering an inclusive and diverse workplace.

Residents of Colorado:

Click here to request this role’s pay range.

Search Firm Representatives Please Read Carefully 
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company.  No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. 

Employee Status:

Relocation:

VISA Sponsorship:

Travel Requirements:

Flexible Work Arrangements:

Shift:

Valid Driving License:

Hazardous Material(s):

Number of Openings:

Requisition ID:R190854