About the position
The ideal candidate will understand advanced cyber security tools, techniques and procedures, and an acute ability to develop informed and threat-driven analysis of events that are related to the Bank and its interests. The role will require the candidate to interact with multiple teams, to include global 24/7 security and technology teams as well business-facing groups. Other role-specific activities may include researching new threats/cyber related topics, performing discovery, detection, and disruption activities, and developing reports and presenting cyber-related information to various levels of management across the bank. Additionally, the position will require periodic/ongoing analysis of the global threat landscape and would subsequently require recommendations for long-term improvements to strengthen the overall security posture of the Bank, protecting the Bank from threat actors ranging from hacktivists to cyber criminals, to advanced nation-state entities.
Responsibilities
- Develop working relationships and liaise with business partners and subject matter experts across the Bank
- Review and evaluate incoming Cyber Threat information for relevance to the Bank's operational posture, based on established business and intelligence requirements
- Gather, contextualize, and convert threat information into actionable intelligence that can be easily consumed by appropriate group(s) within the Bank
- Leverage the Bank's Security Incident and Event Management (SIEM) capabilities to assess Information Technology (IT) and security-based computer and network logs for the purpose of identifying specific patterns of activity or generating statistical summaries
- Use established workflows to process threat information (i.e., identify, highlight, document, and mitigate Information security (IS) issues and risks)
- Deliver results within given time frames, ensuring work is consistent, well documented, and in-line with team standards
Requirements
- Experience in at least one or more of the following Information Security functions: Identity and Access Management, Information Security Incident and Problem Management, Information Security Governance for business and technology, or Vulnerability Management
- Experience in evaluating, assessing, and contextualizing device and network vulnerabilities
- Experience working with external Threat Intelligence (TI) vendors
- Experience with Splunk or other databases query languages (i.e. Structured Query Language (SQL))
- Experience with basic data and network analysis tools (i.e. Wireshark)
- Bachelor's degree in relevant field
- CompTIA Advanced Security Practitioner certification or Certified Authorization Professional
Nice-to-haves
- Experience working with a multi-cultural and global staff
- Investigative and analytical problem-solving skills
- Self-motivated with ability to work with minimal supervision
- Critical thinking and contextual analysis abilities
Benefits
- A diverse and inclusive environment that embraces change, innovation, and collaboration
- A hybrid working model, allowing for in-office / work from home flexibility, generous vacation, personal and volunteer days
- Employee Resource Groups support an inclusive workplace for everyone and promote community engagement
- Competitive compensation packages including health and wellbeing benefits, retirement savings plans, parental leave, and family building benefits
- Educational resources, matching gift and volunteer programs
