U.S. Bank Senior Cyber Threat Intelligence Analyst - Telecommute in Austin, Texas
At U.S. Bank, we're passionate about helping customers and the communities where we live and work. The fifth-largest bank in the United States, we’re one of the country's most respected, innovative and successful financial institutions. U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors.
Job Description
Role Summary
The Sr. Cyber Threat Intelligence (CTI) Analyst has deep experience with and understands various methods of using publicly available data to recognize relationships between individuals, businesses, and other entities. A CTI Analyst possesses a solid sense of ethics, a working knowledge of legalities and a familiarity with industry standards surrounding open-source intelligence gathering.
The Sr. CTI Analyst will focus on collections aligned to established requirements, enrichment, and analysis of phishing, malware, and exploitable vulnerabilities. The candidate should have strong computer and language skills and analytical abilities. The analyst will work on assignments that are varied and frequently require interpretation and independent determination of the appropriate courses of action.
The Sr. CTI Analyst will work within the Cyber Threat Intelligence team in Information Security Services’ Threat Informed Defense department. The position includes understanding department, segment, and organizational strategy and operating objectives, including their linkages to related areas.
Responsibilities
Mapping out malicious internet infrastructure and identifying additional, related assets.
Analyze activity associated with both successful and unsuccessful intrusions by advanced attackers.
Research Internet sources and threat intelligence databases to try to find evidence in customer logs.
Understanding what information can and cannot be gleaned from various social media services around the world.
Actively participate in the development, documentation, and implementation of new processes to expand and mature capabilities for the organization.
Thrive in culturally diverse research matters and be aware of cultural, social, and linguistic norms that may impact findings. (Fluency or proficiency in multiple languages a plus)
Ensures that threats and vulnerabilities to the organization's business systems and applications (both in-house and cloud-based) are minimized.
Essential Job Functions
Review and analyze open source datasets to find threat information and use it to provide value to U.S. Bancorp.
Create and deliver technical alerts and vulnerability notifications.
Gather and record key indicators and information about threat infrastructure and campaigns.
Collect intelligence based on established requirements and fully analyze based on operational procedures.
Prepare assessments and cyber threat profiles of current events based on collection, research and analysis of open source information.
Provide intelligence support during incident response and forensic security investigations.
Process and enrich information to ensure timely, actionable, high-confidence IOCs are ingested and shared with key stakeholders.
Conduct detailed technical analysis supported by industry accepted threat intelligence analytical frameworks, tools, and standards.
Work with peers to develop and test technology integrations used for automation and enrichment.
Apply technical knowledge of security architectures, tools and controls to proactively detect, mitigate, and resolve advanced cyberattacks and/or threats.
Develop and maintain threat profiles that can be used in preparation of red team exercises.
Apply knowledge of current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks.
Maintain or develop professional contacts in the various communities in support of operations.
Required Qualifications
Subject matter expertise (SME) in the analysis of sophisticated threat actors, their TTPs and associated malware.
Required: BA/BS degree in IT, Computer Science, Intelligence or equivalent. Candidates without a degree are encouraged to apply and will be assessed on a case by case basis related to their work experience and accomplishments.
A minimum of BA/BS and nine (9) years or more cybersecurity experience; Masters and seven (7) years or more cybersecurity experience; PhD and four (4) years or more cybersecurity experience. This experience can include one or more of the following cybersecurity functions: Cyber Threat Intelligence, Threat Hunting, System Administration, Intrusion Detection/Prevention, Monitoring, Incident Response, Digital Forensics, Vulnerability Management. A minimum of 3 years of experience in operational or tactical cyber threat analysis in aggregate is required.
Holds certifications such as GCTI, GREM, OSCP or similar training and certification. Other certifications considered on a case by case basis.
Prior experience as a technical subject matter expert that has worked across organizational boundaries to analyze threats to their organization’s infrastructure and services.
Preferred Qualifications
Working knowledge of: Advanced cyber threats, threat vectors, and attacker methodology, including tools, tactics, and procedures, and how they tie into the Cyber Kill Chain or ATT&CK framework, the Diamond Model, etc.
Cloud services and their attack surface.
Malicious code and how technical vulnerabilities are exploited.
Python, Ruby, VBScript, and PowerShell programming skills highly desirable.
Experience with: Malware detection and analysis using static and dynamic malware analysis methods.
Commercial threat intelligence tooling and/or open source intelligence techniques.
Disseminating information in accordance with TLP classification and handling protocols, to the sector through the appropriate mechanisms.
Developing tools to enhance cyber-threat intelligence capabilities.
Monitoring or understanding deep dark web forums is a plus.
Benefits: Take care of yourself and your family with U.S. Bank employee benefits. We know that healthy employees are happy employees, and we believe that work/life balance should be easy to achieve. That's why we share the cost of benefits and offer a variety of programs, resources and support you need to bring your full self to work and stay present and committed to the people who matter most - your family.
Learn all about U.S. Bank employee benefits, including tuition reimbursement, retirement plans and more, by visiting usbank.com/careers.
EEO is the Law
Applicants can learn more about the company’s status as an equal opportunity employer by viewing the federal EEO is the Law poster.
E-Verify
U.S. Bank participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services. Learn more about the E-Verify program.