Cyber Threat Intelligence Professional

• Ability to communicate intelligence and analysis of cyber threats in various forms (written production; briefings) for a senior-level audience GCTI, or equivalent experience with: common frameworks used for threat intelligence (eg Kill Chain, Diamond Model, MITRE Telecommunication & CK) adversarial TTPs within the context of the Cyber Kill Chain, Diamond Model Intrusion Analysis, MITRE Telecommunication&CK methodologies, or equivalent
• Ability to develop specific expertise, discern patterns of complex threat actor behavior, and communicate an understanding of current and developing cyber threats
• Expert understanding of cyber threat intelligence concepts and processes

• Expert ability to analyze cyber threat activity and develop relevant recommendations
• Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources
• Strong knowledge of networking concepts
• Threat Client Platform (TIP) experience Anomali, Recorded Futures, Threat Connect or other TIP experience Strong knowledge with enterprise logging/SIEM solutions (eg Splunk), intelligence and analysis tools (eg Maltego), Threat Intelligence Platforms/TIP (eg Anomali), security orchestration tools (XSAOR) and OSINT aggregators
• Strong knowledge of the Mitre Telecommunication & ck Framework
• Familiarity with Recorded Future, RiskIQ, IDS/IPS, and load balancing technologies
• Familiarity with cloud solutions (eg Azure, AWS, etc)
• Familiarity with malware analysis and network-based forensics tools Preferred: Hold SANS GCTI Certification
• Strong knowledge of STIX/TAXII Familiarity with cyber threats targeting the US financial sector (Nation States, Cybercrime, Hacktivists, etc) and their associated TTPs

Job Description/Duties:

• Identify and track targeted intrusion cyber threats, trends, and new developments by cyber threat actors through analysis of internal and external data
• Identify intelligence gaps and submit requests for information to fill gaps Identify emerging threats effecting the financial services industry and develop analytical threat models
• Conduct briefings as needed for a variety of levels of internal customers as requested
• Work closely with functional senior leaders to ensure threat intelligence analysis and products are mapped to prioritized corporate assets and risks
• Work in coordination with external entities such as ISACs, law enforcement, the intelligence community, and other government agencies
• Prioritize, categorize, and respond to requests for information from internal customers
• Perform threat hunting based on emerging threats
• Perform retro hunting based on known threat actor IOCs
• Conduct threat analysis to determine gaps in the companys security posture based on current and merging threats
• Provide finished intelligence analysis to internal customers through written reporting
• Work with business units to develop security priorities/needs
• Work with various teams to develop alerting rule