Threat Intelligence Data & Engineering Analyst - Digital Threat Monitoring (DTM)

About The Position

Requirements

• Curious self-starters who pay close attention to detail
• Strong communication and presentation skills, both orally and written
• Ability to work well with others and under pressure
• Genuine passion for finding, understanding, and mitigating cyber threats
• Knowledge of threat intelligence cycles and analytic tradecraft
• Basic knowledge of current cyber threats and vulnerabilities
• Working knowledge of the MITRE ATT&CK Framework
• Knowledge of IT architecture and operations concepts (computing, network, storage & cloud)
• Ability to work in an environment with a geographically dispersed team
• Obvious experience (2+ years) in cyber threat intelligence, particularly specializing in external threats (leaked credentials, typosquat domains, deep and dark web investigations, etc.)
• Demonstrated expertise in sourcing and analyzing intelligence from the cybercriminal ecosystem and deep and dark web, as well as open-source intelligence (OSINT) techniques.
• Minimum of 2+ years of experience in successful DNS record analysis and mastery of associated pivoting techniques.
• Minimum of 2+ years of experience monitoring botnet and other cybercriminal data, with a proven ability to use that data to inform timely security operations.
• Strong understanding of the modern cybercriminal ecosystem, including threat actor TTPs, forums, and marketplaces.
• Proven track record of successfully monitoring for potentially leaked data and credentials and taking decisive action to mitigate associated risks.

Nice To Haves

• Related cybersecurity certifications a plus, but not required
• Prior employment at a financial institution or commercial company serving as a leader in a digital threat monitoring or cyber intelligence function strongly perferred.
• Familiarity with brand intelligence activities and challenges across the financial sector is a plus.

Responsibilities

• Follow prescribed processes used for collecting, triaging, and actioning intelligence related to digital threats.
• Conduct frequent (multiple days per week) triage, analyses, and mitigations of alerts related to digital threats impacting State Street.
• Perform monitoring of the digital ecosystem for alleged leaked credentials and compromised data, brand impersonation, and other threats targeting the organization.
• Serve as a subject matter expert (SME) for the Digital Threat Monitoring program, operationalizing processes, tools, and vendor relationships.
• Develop and present executive-level briefings on the digital threat landscape, key findings, and mitigation outcomes to senior leadership.
• Possessing and enhancing technical skills to perform changes to alert and platform configurations, as needed for alert tuning and supporting new use cases.

Benefits

• Employees are eligible to participate in State Street’s comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans.
• For a full overview, visit https://hrportal.ehr.com/statestreet/Home