Sr. Cyber Threat Intelligence Analyst- Strategic

Sr. Cyber Threat Intelligence Analyst

TIAA has an opportunity for a Sr. Cyber Threat Intelligence Analyst. The analyst who is hired into this role will manage the cyber threats specific to financial services such as banking, capital markets, and insurance and would need to have considerable experience in at least one of these industries.

We are seeking a candidate who will utilize their knowledge, skills, and abilities to gather and analyze threat data, and then create reports to share with relevant stakeholders. This roles will require you to provide intelligence to, Senior Directors, C-level executives, and board of directors to assist in making serious decisions about risk assessments, resource allocation, and organizational strategy. This role will conduct research, analyze, and report on cyber defense, technology, cyber threat actors and groups, and related political and economic conditions. In addition, this role will collaborate with both industry specialists and peer analysts, develop, and maintain both short- and long-term research projects, create completed intelligence for tactical and executive audiences, and present the findings through briefings and external engagements.

Key Responsibilities and Duties

• Discover, identify, and report regularly on significant cyber threats and risks to businesses, governments, and other organizations presented by cyber threat actors and groups originating in global regions.
• Knowledge of zero-day vulnerabilities and writing a report for vulnerabilities along with mitigations/ remediations.
• Develop and produce intelligence reports focused on intricate fraud events, threats and trends.
• Research and analyze cyber-threat actors, groups, and events to report on threatening tactics, techniques, and procedures (TTPs), behaviors, motivations, sponsorship, and influencing factors.
• Develop and produce strategic intelligence reports focused on industry-level analysis of developing cybersecurity threats, complex geopolitical events, conditions, impacts and trends.
• Participate in the drafting and dissemination of finished tactical and operational threat intelligence products (reports, briefings, etc.).
• Analyzing the likelihood that an emerging threat will impact the organization and identify gaps of weaknesses.
• Provide requirements to influence threat mitigation strategies.
• Develop documentation in support of response processes and/or procedures.
• Manage intelligence/data from vendor, consortium, and law enforcement partners to be consumed for intelligence development.
• Analyze internal risk and security controls to identify existing weaknesses.
• Consolidate cyber threat intelligence feeds and sources.
• Provide threat intelligence support to cybersecurity teams during security incidents.
• Maintain, develop, and continuously evaluate cyber threat intelligence sources to increase effectiveness and timeliness of creating actionable threat assessments.
• Respond to client requests for information (RFIs) and participate in the drafting and production of company threat assessments.
• Engage and develop relationships with peers among TIAA to determine client and industry intelligence requirements, reporting use cases, and feedback on intel products.
• Interact with (verbal and written) with executives and stakeholders in non-technical terms while accurately encompassing risk, impact, likelihood, containment remediation activities, and threat actor techniques, tactics, and procedures.
• Write and review detailed threat landscape reports around emerging threats involving third-parties, clients, fraud, vulnerabilities, or other relevant cybersecurity events.
• Write and review bi-weekly, quarterly, or ad-hoc Senior Leadership briefings highlighting a summary about relevant cyber events.
• Proactively monitor for cyber events using Commercial Feeds, OSINT, alerts or logs to determine if an article needs a report.
• Peer-review reports and bi-weekly presentations written by the team.
• Stay updated with the latest trends, techniques and technologies in the threat landscape.
• Coordinate team calendars and intelligence reporting cadences.
• Write, review, and update Standard Operating Procedures (SOPs).
• Write, review, and update team playbooks.
• Work closely with other cybersecurity teams, Fraud teams, internal teams, and stakeholders to share intelligence and coordinate responses to threats.
• Work closely with external partners to share intelligence and coordinate responses to threats
• Train and mentor new members of the team, technical associates, or interns
• Work closely with team members to further enhance and mature the CTI program.
• This position will require weekend shift once quarterly.

Educational Requirements

• University (Degree) Preferred

Work Experience

• 3+ Years Required; 5+ Years Preferred

Physical Requirements

• Physical Requirements: Sedentary Work

Career Level
7IC