The Threat Intelligence Analyst II is an experienced individual contributor role within our Threat Intelligence and Research team, with responsibility to provide proactive and reactive services to SunTrust stakeholders to help protect the SunTrust enterprise from cyber threats.
· Proactively monitoring all-source threat information from multiple external and internal sources for relevant cyber security events, risks, and threats.
· Performing tactical intelligence collection to support requests for information and generation of intelligence information for specific named areas of interest.
· Performing intelligence analysis and research to distil actionable intelligence information from raw intelligence data across multiple security domains.
· Performing proactive research to identify impactful classes of threat while working across stakeholder teams to develop mitigation strategies.
· Producing threat intelligence communications and reports for delivery to and action by multiple stakeholders.
· Defining, executing, and completing projects to continuously improve threat intelligence sources, tools, processes, and deliverables.
· Providing security and threat intelligence thought leadership to stakeholder organizations.
· Providing security and threat intelligence mentoring to other teammates.
One or more years’ working experience in a technology environment with exposure to information security principles. Working knowledge of common IT and security concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques, cyber incident response, malware analysis, computer forensics and the tools that support these processes. Ability to analyze solutions using deductive reasoning and critical thinking to solve problems in straightforward situations. Demonstrated teamwork and collaboration skills. Strong time management skills and ability to manage competing priorities effectively. Effective verbal and written communication skills for the purpose of providing detailed information about event timelines, technical designs, system concepts and business impact. Ability to obtain requisite technical certification(s) within six months of hire.
· Inherent passion for cyber security research, threat analytics, and problem solving.
· Strong understanding of host and network security concepts and a variety of security controls, such as system hardening, log management, intrusion detection and prevention systems, firewalls, endpoint controls, etc.
· Strong understanding of common threat scenarios and attack techniques to include vulnerability exploitation, malicious code, email-based attacks, web browser attacks, denial-of-service, etc.
· Expertise working with a broad range of technical network and host threat indicator sets.
· Expert level experience with SIEM technologies such as Splunk and Threat Intelligence Platforms such as MISP.
· Proficiency with at least one programming or scripting language, such as Python, Perl, .NET, etc.
· Proficiency in dynamic malware analysis using sandboxing technologies.
· Ability to demonstrate effective decision making, results delivery, and the ability to stay current with relevant technologies and information security concepts.
· Ability to manage multiple tasks, projects, priorities and deadlines.
· Demonstrated initiative and teamwork competencies.
· Adaptability, flexibility and ability to work as part of a team across functional boundaries, as well as in an individual capacity.
· Ability to handle and maintain the integrity and confidentiality of highly sensitive material and information.
· Ability to understand and translate complex issues and solutions into operational processes and activities.
· Excellent written and verbal communication skills.
· Bachelor's degree in Information Security, Information Technology, Computer Science or similar field with at least one year in a cyber security-specific role; OR three or more years’ working experience in a cyber security-specific role.
· GCTI certification or ability to obtain within six months of hire.
Equal Opportunity Employer: SunTrust supports a diverse workforce and is a Drug Testing and Equal Opportunity Employer. SunTrust does not discriminate against individuals on the basis of race, creed, color, gender, religion, national origin
To review the EEO Poster, copy and paste the following link into your browser: http://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf http://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf