CTI Attribution Analyst job in Washington at Bank of America

Bank of America Washington, DC Full Time

Job Description:

Cyber Threat Intelligence (CTI) works with partners, both internal and external, to reduce risk to the firm and to the financial sector at large. Stakeholders include cyber-security response teams, internal lines of business, senior leadership and external organizations such as law enforcement, industry peers, key suppliers, customers and intelligence sharing partners. The CTI Tactical team is a sub-team responsible for the identification and analysis of advanced threats against the firm, its clients and, where applicable, the financial industry. The team focuses on providing technical intelligence and support to both CSD response teams and LOBs in order to mitigate risk associated with malicious online activity.

The scope of the Cyber Threat Intelligence Attribution Analyst will primarily include processes by which evidence (i.e., associating software, computer, or networking artifacts) of a malicious cyber activity is collected, analyzed and enriched to produce assessments pertaining to: point of origin, identification of a specific digital device, infrastructure or online persona, and/or the individual or organization that directed the activity. Attribution is an emergent skillset; a successful analyst will therefore have to demonstrate the ability to leverage their technical acumen and apply all-source intelligence and knowledge of previous events, tools and methods in order to trace operations back to their sources. As this is an iterative process, the analyst will compare new information to existing knowledge, identify intelligence gaps, consider competing hypotheses and ambiguities, and weigh the evidence to determine a confidence level. Additionally, the attribution analyst will have to develop and standardize communication of data enrichment that will facilitate the timely sharing of data and analytic collaboration.

Role responsibilities:

• Work in a tactical/technical role reviewing and cultivating intelligence sources, analyzing information and creating actionable intelligence.
• Contribute to intelligence briefings for senior bank leadership.
• Analyze information security events for tradecraft, infrastructure, malware and intent that may indicate a particular threat actor or threat actor group.
• Operate as part of a team of analysts responsible for collecting, assessing, and prioritizing threats, and then communicating that assessment in a manner that accurately conveys urgency, severity, and credibility.
• Identify, escalate and debate recommended actions that strengthen controls.
• Continually and consistently review attribution processes to identify reforms that could add to increased speed, efficiency and accuracy in reporting.
• Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results.
• Participate in technical bridge lines to facilitate the identification, mitigation and containment of cyber-security incidents.

Qualifications:

• Proven experience in a cyber, counter-terrorism, or related targeting role in the intelligence community, military, government or related contracting firm.
• Technical or information security certifications are a strong plus.
• 5+ years in a related role or discipline.
• 2+ years working in a 24x7 operational environment.
• Experience working in a Security Operations, Incident Management or Fusion Center operation.

Skills:

• Excellent leadership, organizational and analytical skills.
• Ability to communicate (verbal and written) with stakeholders in non-technical terms.
• Excellent written and verbal communication and presentation skills.
• Ability to handle multiple work efforts in a fast-paced environment and to be able to quickly change direction as needed.
• Ability to prioritize conflicting tasks.
• Subject matter expertise in cyber threat intelligence related activities, open source and closed source intelligence tradecraft, social media and social network analysis and related disciplines.
• Familiarity with cyber threat landscape, geopolitical issues that could have cyber impacts, security vulnerabilities, exploits, malware, digital forensics, network security vulnerabilities, exploits and attacks.
• Ability to work in a strong team-oriented environment with a sense of urgency and resilience while being a self-starter and able to work independently.
• Ability to work effectively with technical and non-technical business owners.

Job Band: H5

Shift: 1st shift (United States of America)

Hours Per Week: 40

Weekly Schedule:

Referral Bonus Amount: 0

Recommended Skills

  • Information Security
  • Technical Acumen
  • Cyber Security
  • Network Security
  • Self Motivation
  • Digital Forensics
Job ID: 21034310
