Cybersecurity Operational Intelligence Consultant
Job Description
Operational intelligence is knowledge gained from examining details from known attacks, and threat actor tools and infrastructure. Properly applied, a Cybersecurity Operational Intelligence Consultant can provide greater insight into cyber threats, allowing for a faster, more targeted response as well as resource development and allocation. Operational threat intelligence is intended for an almost exclusively technical audience (e.g., security operations personnel and managers), so it inevitably includes technical context.
- They can assist decision makers in determining acceptable business risks, developing controls and budgets, making equipment and staffing decisions, and providing insights that guide and support incident response and post-incident activities.
- They provide defenders with an opportunity to put controls in place preemptively and block attacks before they occur. Even partial intelligence can provide key insights into upcoming attacks.
The Cyber Security Operations Intelligence Consultant will work closely with other intelligence and operations teams, providing technical analysis to the Cyber Security Operations Team & ESR.
Duties and Responsibilities
- Guide and support the response to specific incidents; such intelligence is often related to campaigns, malware, and/or tools, and may come in the form of forensic reports.
- Enrich security events and alerts for known-bad microscopic IOCs, equipping security personnel with the context they need to make better security decisions.
- Enhance incident response plans and mitigation techniques for specific types of attacks and incidents.
- Implement and bolster a proactive hunting program to identify suspicious files and activity that has bypassed traditional security technologies.
- Extract useful red teaming techniques based on attacker methods in the wild.
- Perform actor-based and malware family-based technical analysis for high-risk threats to SunTrust and the financial industry. This analysis includes threat-related tools and TTPs.
- Identify emerging TTPs (new persistence methods, exploits, phishing schemes) that may pose a threat to SunTrust.
- Develop detection methodologies that are not dependent on IOCs, ensuring broader coverage of threats in a more timely fashion.
- Expose potential risks.
- Perform faster and more thorough investigations into malicious activity.
- Bachelor's degree or equivalent and 2 years of related experience or an equivalent combination of education and experience.
- Solid understanding of principles, practices, theories, and/or methodologies associated with the computer and network security, incident response, digital forensics, intelligence, and/or counterintelligence disciplines.
- Ability to manage competing priorities.
- Ability to solve problems in straightforward situations by analyzing possible solutions using experience, judgment and precedents.
- Awareness of industry competitive landscape and the factors that differentiate our bank from other banks in the market.
- Ability to communicate complex information in straightforward situations.
- Master's degree or MBA and 3 years of related experience.
- Previous experience in the banking industry.
- Understanding of integration/automation of cybersecurity systems.
Equal Opportunity Employer: SunTrust supports a diverse workforce and is a Drug Testing and Equal Opportunity Employer. SunTrust does not discriminate against individuals on the basis of race, creed, color, gender, religion, national origin, age, disability, veteran status, pregnancy, marital status, citizenship status, sexual orientation, gender identity, genetic information, or any other classification protected by applicable laws.
To review the EEO Poster, copy and paste the following link into your browser: http://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf http://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf