CSAA Insurance Group

Threat Intelligence Analyst

Security Analyst in Phoenix, AZ

Posted 2019-11-07

Why join us?

Impact. Join us in reinventing CSAA Insurance Group, a AAA Insurer and deliver solutions across 23 states and the District of Columbia. Work and learn alongside your Team Members at start-up speed and agility to create real and meaningful change

Recognition. We offer a competitive compensation package including base salary, both annual and long-term lucrative performance bonuses, benefits, and 401(k) Company match with additional discretionary contribution potential.

Lifestyle. We do honorable work, and we practice our values: respect, integrity, teamwork, and service

What you'll do:

The CSAA Cyber Defense Services Threat Intel Group is responsible for developing actionable intelligence on advanced cyber threats to our services and our customers. We collect indicators and intelligence from a variety of internal and external sources and use that information to develop an understanding of high grade actors and their tools, techniques, and procedures. We then bring to bear that understanding to purposefully identify and mitigate malicious activity.

Perform deep dive analysis of malicious artifacts.
Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities.
Translate Cybersecurity data points to an output report
Create security techniques and automation for internal use that enable the team to operate at high speed and broad scale.
Provide situational awareness on the current threat landscape and the techniques, tactics and procedures associated with specific threats.
Pursue actionable intelligence on current threats as they relate to CSAA IG.
Periodic on-call responsibilities.
What you've done:

The successful candidate will be required to analyze indicators to generate actionable intelligence and insight into current threats. He or she will help enhance our capabilities by formulating new analytic techniques and working across teams to drive the supporting capabilities. A deep understanding of current APT actors and TTPs as well as experience performing question driven analysis is required. Candidates should have a solid grasp of network and host based indicators and how to best use them. He or she should be able to script and help automate recurring tasks to improve the overall effectiveness of the team. An understanding of operating systems internals will be an asset.

Knowledge, Skills and Abilities


Experience with finished intelligence reporting
Strong knowledge of common vulnerabilities and exploitation techniques.
Understanding of basic network, platform and authentication technologies such as LDAP and TCPIP.
Proficiency with at least one scripting language (e.g.: Perl, Python, PowerShell)
Ability to weigh business needs against security concerns and articulate issues to management.
Experience with vulnerability assessment and policy compliance tools
Experience Network, operating system, and application security tools sets.
Able to work with a changing schedule that includes standard or non-standard business hours of work.
Solid understanding and technical expertise in security architecture
Education, Certifications and nice to haves:

BS degree in Computer Science, MIS, Computer Engineering, or 5+ years equivalent technology experience.
2 years experience with tracking APT groups and other high grade threats.
2 years experience in system, network, and/or application security.
2 years experience building automated tools in C, C++, Java, Python, Perl, PowerShell, or Ruby.
1 year experience with SQL or other query languages.

GCIH Certification
CSAA Insurance Group offers many benefits, including:

Comprehensive health care plans, including medical, dental, vision, and tax-deferred spending accounts.
Employee assistance, healthy pregnancy and wellness programs.
Paid time off, plus nine paid holidays and 24 hours of volunteer time off.
401(k) plus company matching up to 6% and a cash balance pension program.
Paid training, tuition reimbursement, self-service training and career development opportunities.
Be part of a community that works:

At CSAA Insurance Group, we take pride in our values-based culture. Helping our employees have enriched lives and satisfying careers is how we work. Our employees appreciate the integrity and inclusion that is evident throughout our everyday interactions. We respect the diverse range of perspectives, backgrounds and cultures of our teams, and join together when it comes to helping our members, community or one another.

Headquartered in Walnut Creek, California, our community also works in Arizona, Colorado, Nevada, New Jersey and Oklahoma. Learn more about us at CSAA-Insurance.aaa.com/careers

Please submit your application to be considered. We communicate via email, so check your inbox to ensure you don’t miss important updates from us.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Must be authorized to work in the United States

Ready to be seen?

Apply now to have the opportunity to be considered for similar jobs at leading companies in the Seen network for FREE.

Be seen in a new Security Analyst job

Skip the search

Zero stress and one profile that can connect you directly to 1000s of companies.

Best-fit jobs—for you

We’ll take it from there. After you tell us what you’re looking for, we’ll show you off to matches.

Free Career Coaching

Boost your interview skills, map your tech career and seal the deal with 1:1 career coaching.

You get tech. We get you.

Join now and be seen.