Cybersecurity Threat Intelligence Analyst - Principal

Description

The Cyber Threat Intelligence Analyst - Principal will have the responsibility to be the technical expert driving and leading in review of complex and technical threat data, and enrich it with contextual information, resulting in finished intelligence products.

This role will also be expected to lead in interacting with external parties including but not limited to FBI, FS-ISAC, and Threat Intelligence communities of interest.

Responsibilities

• Lead an effort to create and run a Threat Hunting program, including scenario-based hunting engagements, develop and leverage custom scripting, coordinate with Red team on adversarial emulation engagements
• Leads and drives actively monitoring external sources for Threat Intel in line with operational procedures. Which includes tracking emerging and ongoing cyber and physical threats using OSINT and deep web research as well as compile and validate data from internal, commercial, and open sources to recognize threat trends and patterns.
• Leads in Identifying and processing indicators of compromise and threat actor TTPs for correlation, detection and alerting in appropriate security tools.

Share timely intelligence and insights with internal and external partners to enhance situational awareness of the global threat landscape.

• Collaborates closely with the cyber incident teams, fraud teams, and various lines of business to mitigate risk. Closely collaborates with external partners to enhance situational awareness of the global threat landscape.
• Leads in Identifying and driving process improvement within Threat Intel program, including Identifying new sources for driving threat intel into the bank.
• Leads in Authoring periodic and adhoc intelligence products for various internal customers.
• Leads Huntington’s Threat Intel services to ensure they are designed to be compliant with security and privacy standards, industry standards and the bank Threat Intel program.
• Execute and Support the Threat Intel domain operational procedures (communication and tracking). Participate in creating / maintaining policies and standards.

Generate and publish Threat Intel metrics.

Basic Qualifications

• Bachelor's degree
• 7 years of experience in Cyber Security
• 3 years of experience in Cyber Security Threat Intelligence or Incident Response

Preferred Qualifications

• Expert understanding of threats and attack vectors
• Ability to communicate effectively clearly and concisely verbally and through technical writing
• Expert understanding of security architecture and tools which can be leveraged for threat mitigation
• Experience with STIX, TAXI, OpenIOC, and other threat intelligence schema
• Expert understanding of Threat Actors and their tactics, techniques, and procedures
• Advanced experience with Security Assessment Toolsets
• Advanced experience in automation and scripting of applications and systems
• Expert knowledge of relational databases and structured query language
• Expert knowledge of client / server relationships and multi-tier environments
• Actively support security collaboration with internal and external parties
• Experience with engaging Threat Intelligence sharing communities
• Ability to create and evaluate Sigma rules
• Experience with Threat Hunting, Incident Response, Sandboxing, Honeypot, and Malware reverse engineering
• Security+; Network+; CISSP; GCTI; CEH; GSEC; GCIH; GNFA; GCFA; GCIA; GREM

LI-Hybrid

LI-SG1

Exempt Status : (Yes not eligible for overtime pay) ( No eligible for overtime pay)

Workplace Type :

Huntington is an equal opportunity and affirmative action employer and is committed to providing equal employment opportunities for all regardless of race, color, religion, sex, national origin, age, disability, sexual orientation, veteran status, gender identity and expression, genetic information, or any other basis protected by local, state, or federal law.

Tobacco-Free Hiring Practice : Visit Huntington's Career Web Site for more details.

Agency Statement : Huntington does not accept solicitation from Third Party Recruiters for any position