State Street is seeking a senior intelligence analyst to conduct all-source cyber intelligence analysis and reporting operations within the Cyber Threat Intelligence (CTI) Team. The ideal candidate will exhibit an innovative mindset and a proven capacity for identifying, analyzing, and reporting cyber threats related to the financial sector and to State Street. Duties will include maintaining the threat model, conducting threat hunting across the network using the ATT&CK Framework, conducting research, performing analysis, and building and presenting briefings and reports. In this role, the candidate will use their understanding of attack vectors to seek out threats looking to exploit the network. We are looking for creative thinkers and self-starters who possess the skills and experience to lead teams and build new capabilities.
Who are we looking for:
A Senior Cyber Threat Intelligence Analyst analyzes and responds to cyber threats confronting State Street. CTI staff analyze cyber threats related to the financial sector and apply this analysis to SOC operations, threat modeling, threat hunting, and business needs, while ensuring that senior leaders are advised of current and ongoing threats.
What will you be responsible for:
Performing analysis, creating and presenting briefings, developing intelligence reports and threat assessments.
Leading investigations and providing support to the incident response team.
Performing event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
Providing critical input and decision support to shape our threat detection program (e.g. new detection methods and tuning).
Influencing enhancements to preventative and detective controls.
Designing, maintaining, and implementing cyber threat hunt initiatives using the ATT&CK Framework.
Participating in incident response preparedness exercises (e.g. tabletops and cyber ranges).
Participating in cyber and financial services industry groups (FS-ISAC, ARC, ACSC, etc.).
Acting as a backup incident response resource.
What we value:
Ability to lead and conduct investigations and report findings to leadership.
Ability to analyze cyber threats and vulnerabilities.
Knowledge of adversarial tactics, techniques, and procedures.
Knowledge of incident response and handling methodologies.
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
Knowledge of threat modeling and hunting techniques, tools and operational procedures.
Familiarity with the MITRE ATT&CK Framework.
Knowledge of IT architecture and operations (computing, network, storage, and cloud).
Knowledge of computer networking concepts and protocols, and of network security methodologies.
Ability to work well with others and under pressure.
Knowledge of responding to audit and regulatory requirements.
Exercise development, including writing scenarios and injects as well as coordinating tests.
Education & Preferred Qualifications
5+ years in a SOC, incident response, threat hunting, forensics, or similar role.
BS in Cyber Security, Information Systems, Information Technology, or Computer Science preferred.
Security certifications a plus: GCIH, CISSP, CEH, OSCP.
IT certifications a plus: Cisco, Microsoft, etc.
Software development and/or scripting experience a plus: Python, PowerShell, etc.
Financial services experience preferred.
On-call rotation.