Job Description

The Global Security Operations organization is seeking a Mid to Senior/expert level Cyber Threat Intelligence Analyst to join the Threat Intelligence (TI) team. The TI team directly supports the Chief Information Security Officers (CISO s) organization by providing Cyber Threat Intelligence (CTI) to security operation teams as well as leading cyber risk reduction efforts by identifying emerging Cyber Threats facing Northern Trust and Northern Trust technologies. Key Responsibilities: Act as Technical Liaison between CTI and Global Threat Management (GTM) to lead cyber exposure/risk assessment activities from emerging threats. Enable Threat Hunting operations by identifying technical indicators (such as IOC s) and Techniques, Tactics, and Procedures (TTP s) from emerging threat activity. Identifies high and critical Vulnerabilities being exploited by Cyber Criminals and Nation State groups to support the Vulnerability Management (VM) team s prioritization efforts. Leads Intelligence-Driven Risk Identification and Risk Reduction Efforts across the organization. Maintain knowledge of changing technologies, attack methods, and emerging threat landscape. Produce and deliver operational written and oral threat intelligence briefings tailored to the business interests of non-technical and technical stakeholders across the organization. Track intelligence gaps and support Requests for Information (RFIs) efforts across the organization to fill identified intelligence gaps. Skills/Qualifications/ Required Experience: BA/BS in Computer Science or equivalent practical experience. Experience in cybersecurity consulting and/or cybersecurity operations to include Vulnerability Management, Incident Response, Threat Hunting and Cyber Threat Intelligence. Extensive knowledge of the MITRE ATT&CK framework and ability to apply the framework to support threat detection and threat reduction efforts. Detailed knowledge of global cyber threats, threat actors, and the tactics, techniques and procedures used by cyber adversaries, specifically those targeting the financial services sector. Ability to leverage threat intelligence reporting to support threat detection efforts. Experience in large scale information technology implementations and operations preferred. Industry certifications such as GIAC Cyber Threat Intelligence (GCTI) certification. ( Not Mandatory ) Demonstrated ability to produce concise, refined, written threat intelligence assessments and briefings. Experience tailoring oral threat intelligence briefings to non-technical and technical leaders across the organization. Proactive communicator and team-player with a proven ability to independently identify, analyze, and share the relationships and technical, geopolitical, business, and financial implications between persisting and emerging cyber threats and threat vectors.