U.S. Bank Sr Cyber Threat Intelligence (CTI) Analyst - Fusion Center in Sacramento, California
At U.S. Bank, we're passionate about helping customers and the communities where we live and work. The fifth-largest bank in the United States, we’re one of the country's most respected, innovative and successful financial institutions. U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors.
The Fusion Center is primarily used to exchange information and intelligence internal to U.S. Bank when investigating cyber and fraud events. The Fusion Center will have cross-functional team members who will participate day to day on security and fraud problems that may arise for investigation and communication and will provide timely investigation of security and fraud events across the enterprise to both leadership and external clients. The Fusion Center focuses on succinctly explaining the threat, explaining the business risk, and providing actionable recommendations to mitigate the risk in a rapid fashion.
The Sr. CTI Analyst will focus on collections aligned to established requirements, enrichment, and analysis of phishing, malware, and exploitable vulnerabilities. The candidate should have strong technical skills, language skills, and analytical abilities. The analyst will work on assignments that are varied and frequently require interpretation and independent determination of the appropriate courses of action.
The Sr. CTI Analyst will report to the Cyber Threat Intelligence manager in Information Security Services’ Threat Informed Defense department.
Mapping out malicious internet infrastructure and identifying additional, related assets.
Analyze activity associated with both successful and unsuccessful intrusions by advanced attackers.
Understanding what information can and cannot be gleaned from various social media services around the world.
Actively participate in the development, documentation, and implementation of new processes to expand and mature capabilities for the organization.
Thrive in culturally diverse research matters and be aware of cultural, social, and linguistic norms that may impact findings. (Fluency or proficiency in multiple languages a plus.)
Ensure that threats and vulnerabilities to the organization's business systems and applications (both in-house and cloud-based) are minimized.
Support the Fusion Center in a shift differential covering normal business hours 7 days a week.
Essential Job Functions
Review and analyze open source datasets to find threat information and use it to provide value to U.S. Bancorp.
Create and deliver technical alerts and vulnerability notifications.
Gather and record key indicators and information about threat infrastructure and campaigns.
Collect intelligence based on established requirements and fully analyze based on operational procedures.
Prepare assessments and cyber threat profiles of current events based on collection, research and analysis of open source information.
Provide intelligence support during incident response and forensic security investigations.
Process and enrich information to ensure timely, actionable, high confidence IOCs are ingested and shared with key stakeholders.
Conduct detailed technical analysis supported by industry accepted threat intelligence analytical frameworks, tools, and standards.
Work with peers to develop and test technology integrations used for automation and enrichment.
Apply technical knowledge of security architectures, tools and controls to proactively detect, mitigate, and resolve advanced cyberattacks and/or threats.
Develop and maintain threat profiles that can be used in preparation of red team exercises.
Apply knowledge of current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks.
Maintain or develop professional contacts in the various communities in support of operations.
BA/BS degree in IT, Computer Science, Intelligence or equivalent. Candidates without a degree are encouraged to apply and will be assessed on a case by case basis related to their work experience and accomplishments.
Work experience must include one or more of the following cyber-security functions: Cyber Threat Intelligence, Threat Hunting, System Administration, Intrusion Detection/Prevention, Monitoring, Incident Response, Digital Forensics, Vulnerability Management.
A minimum of 3 years of experience in operational or tactical cyber threat analysis in aggregate is required.
Preferred Skills / Experience
Advanced knowledge of cyber threats, threat vectors, and attacker methodology, including tools, tactics, and procedures, and how they tie into the Cyber Kill Chain or ATT&CK framework, Diamond Model, etc.
Experience working in the Cleared Defense Contractor (CDC), Department of Defense (DoD) and Defense Industrial Base (DIB) sectors is an advantage.
Experience establishing and/or actively partnering with law enforcement or other groups.
Understanding of cloud services and their attack surface.
Working knowledge of malicious code and how technical vulnerabilities are exploited.
Python, Ruby, VBScript, and PowerShell programming skills highly desirable.
Fluency or proficiency in multiple languages a plus.
Malware detection and analysis using static and dynamic malware analysis methods.
Commercial threat intelligence tooling and/or open source intelligence techniques.
Disseminating information to the sector through the appropriate mechanisms, in accordance with TLP classification and handling protocols.
Developing tools to enhance cyber-threat intelligence capabilities.
Monitoring or understanding deep dark web forums is a plus.
If there’s anything we can do to accommodate a disability during any portion of the application or hiring process, please refer to our disability accommodations for applicants (https://careers.usbank.com/global/en/disability-accommodations-for-applicants).
Take care of yourself and your family with U.S. Bank employee benefits. We know that healthy employees are happy employees, and we believe that work/life balance should be easy to achieve. That's why we share the cost of benefits and offer a variety of programs, resources and support you need to bring your full self to work and stay present and committed to the people who matter most - your family.
Learn all about U.S. Bank employee benefits, including tuition reimbursement, retirement plans and more, by visiting careers.usbank.com.
EEO is the Law
Applicants can learn more about the company’s status as an equal opportunity employer by viewing the federal EEO is the Law (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/eeopost.pdf) poster.
U.S. Bank participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services. Learn more about the E-Verify program (https://careers.usbank.com/verification-of-eligibility-for-employment).
Due to legal requirements, U.S. Bank requires that the successful candidate hired for some positions be fully-vaccinated for COVID-19, absent being granted an accommodation due to a medical condition, pregnancy, or sincerely held religious belief or other legally required exemption. For these positions, as part of the conditional offer of employment, the successful candidate will be asked to provide proof of vaccination or approval for an accommodation or exemption upon hire.