Sr. Cyber Threat Intelligence Analyst

TIAA · Charlotte, NC
118d · $43 - $53 · Hybrid

About The Position

This is a Non-Employee Contingent Worker Role providing services for TIAA's family of companies and will be employed by TIAA's preferred 3rd Party Supplier. As a Non-Employee CW, perform a variety of moderately complex business planning, support, and project-related duties. Demonstrates an exceptional standard of quality and holds themselves accountable to achieving excellent results. This role will sit onsite, likely in a hybrid capacity, at the location(s) listed in this posting. The anticipated term of this engagement will be 11 months. This term could be extended based on company business needs.

Requirements

  • 3+ years of work experience required; 5+ years preferred.
  • Basic knowledge of SIEM (Security Information and Event Management) tools.
  • Ability to run IOCs (Indicators of Compromise) within SIEM platforms for threat detection and investigation.
  • Familiarity with APIs for data integration and automation.
  • Experience working with Python, Docker containers, and cron jobs.
  • Strong knowledge of the cyber threat landscape and OSINT techniques.
  • Proficiency in using MITRE ATT&CK, Diamond Model, and Cyber Kill Chain.

Nice To Haves

  • Knowledge of zero-day vulnerabilities and writing a report for vulnerabilities along with mitigations/remediations.

Responsibilities

  • Determine potential threats, anomalous or malicious activities to network resources by examining and analyzing network traffic.
  • Review and conduct cost/benefit evaluation of cloud solutions compared to virtual private networks, dedicated hosting, and in-house solutions.
  • Determine the technical feasibility of adopting external cloud-based IT platform and infrastructure services within the organization.
  • Lead the identification of portions of the organization's IT platform/infrastructure with the highest potential return for cloud deployment.
  • Implement the organization's global strategies and initiatives to enhance Information Technology plans, operations and procedures.
  • Verify Intrusion Detection System (IDS) alerts as they occur.
  • Research and analyze various source data sets and identified malicious activities to analyze the root cause and network weaknesses.
  • Discover current weaknesses and exploitation methods, along with the residual effects on IT systems and information through root-cause analysis.
  • Review reports and documents regarding security incident details and outcomes.
  • Participate in troubleshooting problems and recommending vulnerability conditions.
  • Partner with security architecture, network engineering and desktop delivery on implementing and improving security controls.
  • Monitor internal and external threat environments on a continual basis to best protect the organization's assets.
  • Discover, identify, and report regularly on significant cyber threats and risks to businesses, governments, and other organizations presented by cyber threat actors and groups originating in global regions.
  • Develop and produce intelligence reports focused on intricate fraud events, threats and trends.
  • Research and analyze cyber-threat actors, groups, and events to report on threatening tactics, techniques, and procedures (TTPs), behaviors, motivations, sponsorship, and influencing factors.
  • Participate in the drafting and dissemination of finished tactical and operational threat intelligence products (reports, briefings, etc.).
  • Analyze the likelihood that an emerging threat will impact the organization and identify gaps or weaknesses.
  • Provide requirements to influence threat mitigation strategies.
  • Manage intelligence/data from vendor, consortium, and law enforcement partners to be consumed for intelligence development.
  • Analyze internal risk and security controls to identify existing weaknesses.
  • Consolidate cyber threat intelligence feeds and sources.
  • Provide threat intelligence support to cybersecurity teams during security incidents.
  • Maintain, develop, and continuously evaluate cyber threat intelligence sources to increase effectiveness and timeliness of creating actionable threat assessments.
  • Respond to client requests for information (RFIs) and participate in the drafting and production of company threat assessments.
  • Engage and develop relationships with peers among TIAA to determine client and industry intelligence requirements, reporting use cases, and feedback on intel products.
  • Interact with executives and stakeholders in non-technical terms while accurately encompassing risk, impact, likelihood, containment remediation activities, and threat actor techniques, tactics, and procedures.
  • Monitor and analyze the ever-changing cyber threat landscape.

Benefits

  • Equal Opportunity Employer.
  • Accessibility Support for those needing assistance with the online application process.


What This Job Offers

Job Type

Full-time

Career Level

Senior

Industry

Insurance Carriers and Related Activities

Education Level

Bachelor's degree
