Principal Analyst, Information Security
XPO Logistics
2021-12-03 07:45:08
Boston, Massachusetts, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
Solutions driven success.

XPO is a top ten global provider of transportation services, with a highly integrated network of people, technology and physical assets. At XPO Logistics, we look for employees who like a challenge and can communicate effectively in all situations. We want to leverage your skills and years of experience to drive positive results while ensuring a bright future for yourself and XPO. If you're looking for a growth opportunity, join us at XPO.

As the Principal Analyst, Information Security (Threat Hunter), you'll serve as the lead of the cyber threat hunting functions for the information security team. You'll be responsible for reviewing threat intelligence to plan and conduct proactive threat hunts throughout the enterprise. This role is critical in positioning XPO for long-term success.

Pay, benefits and more.

We are eager to attract the best, so we offer competitive compensation and a generous benefits package, including full health insurance (medical, dental and vision), 401(k), life insurance, disability and the opportunity to participate in a company incentive plan.

What you'll do on a typical day:
- Gather and utilize threat intelligence to lead relevant hunt missions across the enterprise, working directly with the Cybersecurity Operations Center (CSOC) and Digital Forensics & Incident Response (DFIR) teams
- Analyze threat actor profiles and track threat groups and their associated indicators of compromise and tactics, techniques, and procedures to drive hunting, detection, and prevention efforts
- Develop and produce reports on threat hunt findings as well as team metrics and key performance indicators
- Review breaking cyberthreat news and disseminate to appropriate teams to maintain appropriate levels of situational awareness
- Serve as part of the CIRT (Cyber Incident Response Team), working with other members of the core incident response team and stakeholders throughout the incident response lifecycle

What you need to succeed at XPO:

At a minimum, you'll need:
- Bachelor's degree or equivalent related work or military experience
- Minimum 5 years of related incident response or cyber threat hunting/intelligence experience
- Knowledge of the corporate cybersecurity threat landscape, cyber threats and vulnerabilities, system and application security threats and vulnerabilities, and tactics and targets of Nation State actors and APTs
- Experience working with EDR and SIEM technologies, to include custom content creation
- Familiarity with intrusion detection methodologies and techniques for detecting host and network-based intrusions; incident response and handling methodologies
- Demonstrated experience with data analysis, documentation and reporting

It'd be great if you also have:
- Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent work experience
- GCIH, GCFA, GNFA, GREM, GHTI or other industry-relevant certification(s)
- Familiarity with Cloud structure and security monitoring capabilities for GCP, AWS, Azure and O365
- Advanced incident response skills to include host-based forensics, memory forensics, network forensics, packet capture analysis, and static / dynamic malware analysis

Be part of something big.

We are proud to be an Equal Opportunity/Affirmative Action employer. Qualified applicants will receive consideration for employment without regard to race, sex, disability, veteran or other protected status.

All applicants who receive a conditional offer of employment may be required to take and pass a pre-employment drug test.

The above statements are not an exhaustive list of all required responsibilities, duties and skills for this job classification.

Review XPO's candidate privacy statement here.