ISAC Analyst


The Retail Cyber Intelligence Sharing Center (R-CISC) is the single most trusted cybersecurity community for retail, with the combined power of worldwide leading brands combatting consumer threats. The R-CISC supports traditional retailers, online commerce, wholesalers, restaurants as well as the food service industry, entertainment, lodging, professional sports leagues and organizations providing other consumer services. The R-CISC membership represents over $1 Trillion in annual revenues in sectors that contribute over $5 Trillion of the United States economy. The R-CISC supports its members by enabling information sharing, providing community-driven threat intelligence and developing industry-specific research, and ongoing, peer-driven and professional education and training opportunities available virtually or through the R-CISC’s in-person events.

The ISAC Analyst reports to the Intelligence Director and is responsible for support of the organization’s objectives to deliver member value, drive growth and build awareness of the R-CISC’s mission, values, and model as the trusted cyber security community for information security professionals in retail worldwide.


  • Collaborate and share information with R-CISC members on a daily basis
  • Identify and prioritize emerging threats and potential attack campaigns
  • Build contextual threat analysis using open and private intelligence sources
  • Produce or contribute to the development of in-depth situational intelligence briefs covering emergent threats and attack campaigns
  • Produce threat bulletins that keep customers informed
  • Define threat intelligence collection, analysis and presentation requirements to drive continuous improvement and enhanced capabilities
  • Maintain and grow subject matter expertise and trust group connections
  • Support technologies and systems that comprise the R-CISC’s sharing platform and contribute to the threat analysis resources

Key Objectives

  • Perform daily operational activities related to information sharing and analysis for threat information to enable R-CISC Member sharing
  • Identify trends and behaviors that can help R-CISC Members prioritize detection and response to critical threats
  • Contribute to the production of R-CISC Threat Intelligence products and reports


Contact Dan Holden, Intelligence Director at

Required Skills and Experience

  • An understanding of how threat actors exploit vulnerabilities in networks, protocols, operating systems, and applications, including malware, social engineering, and other hacking methods
  • Exposure to and familiarity with different malware families, botnets, threats by sector, and various attack campaigns
  • Experience collecting, analyzing, and validating Open Source Intelligence
  • Demonstrable prior experience creating and publishing complex technical information security content for external consumption, as an individual contributor and in a collaborative context
  • Excellent verbal skills including the ability to communicate effectively when working remotely
  • Ability to produce when working independently with minimum structure and supervision
  • Ability to take on additional tasks as incidents arise and demand warrants
  • Be capable of achieving a security clearance

Preferred Skills and Experience

  • Foreign language fluency a plus, preferably Chinese (Mandarin/Other) or Russian
  •  Prior experience in an operational security role, preferably incident response or experience with common host and network security tools
  • Ability to network traffic generated by malware
  • Experience working within the retail industry, or for retail industry clients
  • Existing security clearance a plus


Bachelor of Science in Computer Science preferred