Senior Cyber Security Threat Analyst
You’ll be part of the Threat Intelligence team within Enterprise Cyber Security. The Enterprise Cyber Security (ECS) group provides enterprise-wide security services for their business units.
- Analyze threat information from a variety of internal and external sources to provide actionable intelligence to maintain and enhance the defences that protect information systems and resources.
- Support other teams in Enterprise Cyber Security and IT operations to respond to cyber incidents by providing insightful research and analysis.
- Identify and assess the capabilities and activities of cyber criminals.
- Develop and manage cybercriminal profiles – supporting predictive analysis efforts.
- Assist analysts and incident response staff during response activities and cyber investigations.
- Produce findings to help prepare or support investigations.
- Ensure indications of compromise are promptly identified and stakeholders are informed with actionable and complete information.
Qualifications, Education and Experience
- 5+ years’ experience in the IT Industry.
- 3+ years of information security experience.
- Security Operations Centre (SOC), cyber incident response team, or Network Operations Centre (NOC) experience.
- Strong written and oral communication skills and the ability to prioritize work.
- Industry certifications in cyber security incident management, such as GIAC Certified Incident Handler (GCIH) or Certified Information Systems Security Professional (CISSP).
Skills and Knowledge
- Working knowledge of operating systems and networking technologies.
- Knowledge of packet capture and analysis.
- Knowledge of how malicious code operates and how vulnerabilities are exploited.
- Knowledge of log formats (syslog, HTTP logs, and database logs) and how to gather forensics for traceability back to an event.
- Working knowledge of databases, query design, and how to analyze queried data.
- Ability to make information security risk determinations based on threat intelligence analysis.
- Proven ability to work with and understand technical indicators of threat activity and provide recommendations.
- Understanding of cybersecurity frameworks such as NIST or ISO 27001.
Desired Skills and Knowledge
- Ability to write clear and concise analytical information products.
- Ability to maintain or develop professional contacts in cyber security.
- Understanding of information security program(s) in the financial sector.