Sr. Cyber Threat Intelligence Analyst- Technical

About the position

TIAA has an opportunity for a Sr. Cyber Threat Intelligence Analyst. The analyst who is hired into this role will manage the cyber threats specific to financial services such as banking, capital markets, and insurance and would need to have considerable experience in at least one of these industries. We are seeking a candidate who will utilize their knowledge, skills, and abilities to identify, analyze and mitigate cyber threats that impact TIAA. This role will require you to create Threat Intelligence reports to share with relevant stakeholders and senior leadership. This role will conduct research, analyze, and report on cyber defense, technology, cyber threat actors and groups, and related political and economic conditions. In addition, this role will collaborate with both industry specialists and peer analysts, develop, and maintain both short- and long-term research projects, create completed intelligence for tactical and executive audiences, and present the findings through briefings and external engagements.

Responsibilities

• Discover, identify, and report regularly on significant cyber threats and risks to businesses, governments, and other organizations presented by cyber threat actors and groups originating in global regions.
• Knowledge of zero-day vulnerabilities and writing a report for vulnerabilities along with mitigations/remediations.
• Develop and produce intelligence reports focused on intricate fraud events, threats and trends.
• Research and analyze cyber-threat actors, groups, and events to report on threatening tactics, techniques, and procedures (TTPs), behaviors, motivations, sponsorship, and influencing factors.
• Develop and produce strategic intelligence reports focused on industry-level analysis of developing cybersecurity threats, complex geopolitical events, conditions, impacts and trends.
• Participate in the drafting and dissemination of finished tactical and operational threat intelligence products (reports, briefings, etc.).
• Analyzing the likelihood that an emerging threat will impact the organization and identify gaps of weaknesses.
• Provide requirements to influence threat mitigation strategies.
• Develop documentation in support of response processes and/or procedures.
• Manage intelligence/data from vendor, consortium, and law enforcement partners to be consumed for intelligence development.
• Analyze internal risk and security controls to identify existing weaknesses.
• Consolidate cyber threat intelligence feeds and sources.
• Provide threat intelligence support to cybersecurity teams during security incidents.
• Maintain, develop, and continuously evaluate cyber threat intelligence sources to increase effectiveness and timeliness of creating actionable threat assessments.
• Respond to client requests for information (RFIs) and participate in the drafting and production of company threat assessments.
• Engage and develop relationships with peers among TIAA to determine client and industry intelligence requirements, reporting use cases, and feedback on intel products.
• Interact with (verbal and written) with executives and stakeholders in non-technical terms while accurately encompassing risk, impact, likelihood, containment remediation activities, and threat actor techniques, tactics, and procedures.
• Monitor and analyze the ever-changing cyber threat landscape.

Requirements

• 3+ years cyber threat intelligence experience
• Basic knowledge of SIEM (Security Information and Event Management) tools.
• Ability to run IOCs (Indicators of Compromise) within SIEM platforms for threat detection and investigation.
• Familiarity with APIs for data integration and automation.
• Experience working with Python, Docker containers, and cron jobs.
• Strong knowledge of the cyber threat landscape and OSINT techniques.
• Proficiency in using MITRE ATT&CK, Diamond Model, and Cyber Kill Chain.

Nice-to-haves

• 5+ years’ experience in cyber related field preferred.
• Bachelor's degree or equivalent work experience.
• Notable background within banking, capital markets, and insurance industries.
• Experience with SIEM and TIP platforms preferred.
• Knowledge of Advanced Persistent Threats (APTs), state-sponsored cyber adversaries, and/or the intelligence cycle preferred.

Benefits

• Comprehensive Total Rewards package designed to make a positive difference in the lives of our associates and their loved ones.
• Superior retirement program.
• Highly competitive health, wellness and work life offerings.