The Threat Intelligence team is comprised of industry-leading experts in intelligence analysis, intelligence gathering, cyber security and monitoring, investigations and engineering. The team is responsible for external engagement with peer groups in information security circles over cyber threats and on the development of global cyber policy. The Threat Intelligence team's collection efforts focus on events ranging from intrusions, malware, DDoS, unauthorized access, and insider attacks to loss of proprietary information. This includes developing a deep understanding of global threat actors and the geopolitical drivers of cyberspace. The Threat Intelligence team plays an integral role in the alerting, response, and mitigation of computer security incidents at Discover Financial Services. The Threat Intelligence team works closely with the incident response team and various lines of business to mitigate risk to the company.
The Cybersecurity Threat Intelligence Analyst possesses an intelligence analysis background with excellent oral and written communication skills. The successful candidate will conduct research, either independently or with the larger team, to identify cybersecurity threats, produce analytical products, and demonstrate excellent customer service characteristics. The analyst will use all sources of technical data collection and analysis in order to produce a common operating picture of intrusion or threat-related activity. This includes developing and maintaining new technical and non-technical sources of information, threat research, threat profile development, analysis, briefings, and warnings. Formal training and/or experience in both fundamental and advanced Information Technology is desirable.
Primary responsibilities of the Cybersecurity Threat Intelligence Analyst include:
* Establish a threat modeling methodology to identify, classify, prioritize and report on cyber threats using a structured approach
* Identify and develop a portfolio of threat profiles, threat activity, trends and common attack vectors from all available sources (open source, Agency feeds, and commercial feeds)
* Provide actionable information by producing, editing, and distributing a variety of concise and actionable threat analysis and warning products in written and presentation form to an audience that ranges from senior company executives to security analysts
* Collect information on threats to the organization through communication with other partner institutions, mailing lists, open source news, and industry partnerships
* Provide awareness to internal teams and leadership on changes to the cyber threat landscape through various products
* Use threat intel to inform and develop threat detection strategies and to build out and update the alert catalogue
* Compile and analyze cyber threat information and make recommendations based on suspected or known context in order to draw insights and conclusions regarding its relative threat to DFS
* Conduct studies and make recommendations to produce a library of cyber threats, threat vectors, threat actors, and threat trends
* Maintain threat indicators in a threat intelligence platform
* Interface with the Information Security Program office and Cybersecurity teams (SOC, IR)
1. Bachelor's degree in Computer Science, Engineering or related fields, or related experience, plus 3+ years working in security roles or 6+ years working in information security roles.
2. Knowledge of common adversary tactics, techniques, and procedures (TTPs)
3. Excellent communication skills, written and verbal. Experience in copy-editing, proofreading, and technical writing for long documents.
4. Experience with threat intelligence tools & management platforms
5. Experience with collecting, analyzing, and interpreting data from multiple sources, documenting the results and providing meaningful analysis products
6. Knowledge of the principal methods, procedures, and techniques of gathering information and producing, reporting, and sharing intelligence
1. Formal training and/or experience as a cybersecurity or intelligence analyst
2. Experience with current and historical Threat Actor Group(s) TTPs
3. Ability to work independently and as part of a team
4. Knowledge of security best practices, and federal and private sector security standards
5. Excellent teamwork skills and ability to collaborate with a diverse team of skilled cybersecurity professionals
6. Certification in information security is desirable: GCIA, GCIH, CEH, CISSP, SSCP, etc.
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.
A little about us:
Discover is one of the most recognized brands in U.S. financial services. We’re a direct banking and payment services company built on a legacy of innovation and customer service.