Cyber Threat Research Intelligence Analyst

M&T BankWilmington, DE
1dHybrid
Match Resume

About The Position

Responsible for gathering, analyzing, and interpreting intelligence data to identify potential threats to M&T Bank's security. Uses this information to proactively to inform how Cybersecurity should strengthen defenses, mitigate threats, and enhance security posture. Manages the end-to-end indicator of compromise (IOC) lifecycle (intake, normalization, enrichment, scoring, dissemination, and retirement) to ensure high-fidelity intelligence reaches security controls quickly and safely.

Requirements

  • Bachelor's degree and a minimum of 3 years’ relevant work experience, or in lieu of a degree, a combined minimum of 7 years’ higher education and/or work experience
  • Minimum of 1 years' experience utilizing tools, techniques, and methodologies analyzing and mitigating cyber-attack stages, including reconnaissance, scanning, enumeration, access escalation, privilege escalation, exploitation, and obfuscation
  • Intermediate understanding of cyber-attack stages, including reconnaissance, scanning, enumeration, access escalation, privilege escalation, exploitation, and obfuscation
  • Working knowledge of Open-Source Intelligence (OSINT) and social monitoring tools, Threat Intelligence Platform (TIP), Darkweb and malware research tools and understands how intelligence is processed and distributed through an IOC pipeline into downstream security controls.

Nice To Haves

  • Understanding of different types of threat actors, and intermediate understanding of motivations and methodologies
  • Industry recognized cybersecurity or technology certifications
  • Technical understanding of networking and routing protocols, services, structures, architecture, and designs supporting modern communication networks
  • Experience evaluating, analyzing, and synthesizing large quantities of data which may be fragmented and contradictory and accurately determining the potential range and scope of threats.
  • Experience designing or operating IOC processing pipelines
  • Experience integrating intelligence with Security Incident and Event Management (SIEM) and Endpoint Detection and Response (EDR) workflows and validating efficacy via telemetry (hits, false positives, decay).
  • Experience establishing IOC governance and measurement.
  • Understanding of financial crimes and how threat intelligence can assist in its mitigation.

Responsibilities

  • Independently collect and analyze intelligence data from various sources identify relevant information, and report findings to senior analysts and leaders for further review.
  • Define and maintain indicator quality standards (source reliability, scoring, false-positive handling, freshness/decay) and ensure governance is applied consistently
  • Monitor the IOC lifecycle: intake, normalization, de-duplication, enrichment, confidence scoring, deconfliction, expiration/TTL, and feedback loops.
  • Operationalize IOCs by partnering with Cybersecurity Operations Center/Hunt/Detection Engineering teams to convert intelligence into detections, blocklists, and response actions.
  • Document clear and concise threat intelligence findings into standardized format to incorporate into threat intelligence briefings for broader Cybersecurity team or leadership.
  • Contribute insights from internal analysis for intelligence sharing initiatives with other organizations, information sharing groups, and industry groups.
  • Analyze historical data and patterns to anticipate future threats and recommend proactive techniques to strengthen defenses.
  • Attribute observed activities to a specific threat actor or group based on known tactics, techniques, and procedures.
  • Monitor current events and emerging technologies to recognize potential correlations with evolving threat landscape, and communicate to cybersecurity teams to adjust internal technologies, policies, and procedures.
  • Engage with vendors for routine security products or solutions support.
  • Identify opportunities for tuning and development of threat intelligence platform’s rules, alerts, and correlation logic and share with security engineering.
  • Manage day-to-day operations of threat intelligence systems, ensuring they are calibrated and functioning as needed.
  • Collaborate across Cybersecurity and Technology to ensure appropriate threat intelligence is received and shared.
  • Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite.
  • Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis.
  • Identify risk-related issues needing escalation to management.
  • Complete other related duties as assigned

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Number of Employees

5,001-10,000 employees

Job Search Resources

Similar Cyber Threat Research Intelligence Analyst job opportunities

Cyber Threat Research Intelligence Analyst
M&T Bank
M&T Bank • Wilmington, DE2d • Hybrid
Cyber Threat Research Intelligence Analyst
M&T Bank
M&T Bank • Buffalo, NY2d • Hybrid
Cyber Threat Intelligence Research Analyst
ThreatLocker
ThreatLocker • Orlando, FL2d • Onsite
🔥 New JobCyber Threat Research Intelligence Analyst
M&T Bank
M&T Bank • Buffalo, NY1d • Hybrid
Cyber Threat Intelligence Analyst
AIG
AIG • Atlanta, GA10d • Onsite
Cyber Threat Intelligence Analyst, Senior
Booz Allen Hamilton
Booz Allen Hamilton • Arlington, VA1d • $99,000 - $225,000
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service