Fifth Third Bank
Lead Cyber Threat Intelligence Analyst
Fifth Third Bank, Detroit, Michigan, United States, 48226
Make banking a Fifth Third better
We connect great people to great opportunities. Are you ready to take the next step? Discover a career in banking at Fifth Third Bank.
GENERAL FUNCTION: As a Lead Cyber Threat Intelligence Analyst, you will spend time searching through various telemetry, looking for threats, analyzing them, and making that information meaningful to our stakeholders. Leveraging internal telemetry, common threat intelligence data providers, information from trust groups, and other sources, you will be responsible for tracking adversaries across the threat landscape. You'll communicate your findings to various stakeholders including colleagues, our Detection and Response Team, as well as the Bank's executive management.
You'll be a part of a team of dynamic and creative analysts focused on the threat landscape, finding threats to Fifth Third, contextualizing them, and using that knowledge to improve our defensive posture and protect our customers. This position requires various technical expertise and knowledge of security practices, procedures, and capabilities in order to perform non-repetitive, analytical work.
Your day-to-day Monitor and analyze threat intelligence sources to stay abreast of new threats and tactics.
Collect, process, and disseminate intelligence to stakeholders in a timely and actionable manner; piece together malicious campaigns, threat actors, and unattributed activity.
Develop and maintain relationships with external organizations to improve information sharing and collaboration.
Identify gaps in both detection and collection; recommend and participate in the implementation of solutions to fill those gaps.
Produce intelligence reports and technical briefings on current and emerging threats for audiences with a various levels of technical knowledge and seniority.
Use excellent analytical skills to work in a diverse team environment, exchanging ideas and data with incident responders, threat emulation engineers, and developers.
Occasionally conduct dynamic and static malware analysis on samples obtained from threat hunting activity to assist in signature development
Present complex technical topics to senior management, internal stakeholders, and peers
Provide subject matter expertise, technical deliverables oversight of strategic Cyber projects and initiatives to enhance and improve Cyber Intelligence capabilities and maturity.
Develops security solutions for medium to highly complex information security issues.
Collaborates with appropriate response partners, assist with determining the root cause of incidents and work with stakeholders and responsible parties to remediate any identified control gaps or failures
Escalate issues to management in a timely manner with appropriate information regarding severity, exposure, and action items; this role requires critical thinking and investigative mindset coupled effective written, and verbal communication skills.
Act as a mentor to more junior analysts
Serves as an Information Security Subject Matter Expert (SME) by maintaining knowledge of industry recognized security technologies and concepts; actively engages and assists lines of business to understand their needs and develop secure business solutions.
While operating within the Bank's risk appetite, achieve results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.
Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined.
Accountable for always doing the right thing for customers and colleagues, and ensures that actions and behaviors drive a positive customer experience.
Performs other duties as assigned.
What you bring to the team Bachelor's Degree in Computer Science, Information Systems, or other related field, or other relevant experience.
4 to 8 years of experience with the analysis/investigation of cyber security threats and associated incidents.
A empathetic approach to collaboration and a flexible attitude, ready to work with a team passionate about disrupting adversaries and protecting the Bank and our customers
A well-rounded understanding of the current threat landscape
Strong knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength.
Skills to profile and track cyber actors efficiently, including YARA, infrastructure tracking, reverse engineering capabilities, and indicator pivoting techniques
The ability to make a hypothesis based on your research, prove or disprove it using data, and communicate that information
Excellent interpersonal, organizational, writing, communications, and briefing skills
Motivation to dig through internal and open-source data to find threat information and use it to protect Fifth Third interests
Preferred Qualifications Experience working remotely with a geographically distributed team
Familiarity with interpreting malware sandboxing reports
Experience with Network and Host malware detection engineering
Direct experience tracking apex cyber actors, familiarity with their TTPs and key features that can be used for attribution.
Enough experience with a scripting language to automate various aspects of your work
Information security community experience; a blog, website, published papers, conference presentations, or other experience on the public side of the security field
Position is not available for immigration sponsorship.
#LI-MB1
Lead Cyber Threat Intelligence Analyst
Total Base Pay Range 80,500.00 - 169,100.00 USD Annual
At Fifth Third, we understand the importance of recognizing our employees for the role they play in improving the lives of our customers, communities and each other. Our Total Rewards include comprehensive benefits and differentiated compensation offerings to give each employee the opportunity to be their best every day.
The base salary for this position is reflective of the range of salary levels for all roles within this pay grade across the U.S. Individual salaries within this range will vary based on factors such as role, relevant skillset, relevant experience, education and geographic location. In addition to the base salary, this role is eligible to participate in an incentive compensation plan, with any such payment based upon company, line of business and/or individual performance.
Our extensive benefits programs are designed to support the individual needs of our employees and their families, encompassing physical, financial, emotional and social well-being.You can learn more about those programs on our 53.com Careers page at: or by consulting with your talent acquisition partner.
LOCATION -- Virtual, Ohio
00000 Attention search firms and staffing agencies: do not submit unsolicited resumes for this posting. Fifth Third does not accept resumes from any agency that does not have an active agreement with Fifth Third. Any unsolicited resumes - no matter how they are submitted - will be considered the property of Fifth Third and Fifth Third will not be responsible for any associated fee.
Fifth Third Bank, National Association is proud to have an engaged and inclusive culture and to promote and ensure equal employment opportunity in all employment decisions regardless of race, color, gender, national origin, religion, age, disability, sexual orientation, gender identity, military status, veteran status or any other legally protected status.
GENERAL FUNCTION: As a Lead Cyber Threat Intelligence Analyst, you will spend time searching through various telemetry, looking for threats, analyzing them, and making that information meaningful to our stakeholders. Leveraging internal telemetry, common threat intelligence data providers, information from trust groups, and other sources, you will be responsible for tracking adversaries across the threat landscape. You'll communicate your findings to various stakeholders including colleagues, our Detection and Response Team, as well as the Bank's executive management.
You'll be a part of a team of dynamic and creative analysts focused on the threat landscape, finding threats to Fifth Third, contextualizing them, and using that knowledge to improve our defensive posture and protect our customers. This position requires various technical expertise and knowledge of security practices, procedures, and capabilities in order to perform non-repetitive, analytical work.
Your day-to-day Monitor and analyze threat intelligence sources to stay abreast of new threats and tactics.
Collect, process, and disseminate intelligence to stakeholders in a timely and actionable manner; piece together malicious campaigns, threat actors, and unattributed activity.
Develop and maintain relationships with external organizations to improve information sharing and collaboration.
Identify gaps in both detection and collection; recommend and participate in the implementation of solutions to fill those gaps.
Produce intelligence reports and technical briefings on current and emerging threats for audiences with a various levels of technical knowledge and seniority.
Use excellent analytical skills to work in a diverse team environment, exchanging ideas and data with incident responders, threat emulation engineers, and developers.
Occasionally conduct dynamic and static malware analysis on samples obtained from threat hunting activity to assist in signature development
Present complex technical topics to senior management, internal stakeholders, and peers
Provide subject matter expertise, technical deliverables oversight of strategic Cyber projects and initiatives to enhance and improve Cyber Intelligence capabilities and maturity.
Develops security solutions for medium to highly complex information security issues.
Collaborates with appropriate response partners, assist with determining the root cause of incidents and work with stakeholders and responsible parties to remediate any identified control gaps or failures
Escalate issues to management in a timely manner with appropriate information regarding severity, exposure, and action items; this role requires critical thinking and investigative mindset coupled effective written, and verbal communication skills.
Act as a mentor to more junior analysts
Serves as an Information Security Subject Matter Expert (SME) by maintaining knowledge of industry recognized security technologies and concepts; actively engages and assists lines of business to understand their needs and develop secure business solutions.
While operating within the Bank's risk appetite, achieve results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.
Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined.
Accountable for always doing the right thing for customers and colleagues, and ensures that actions and behaviors drive a positive customer experience.
Performs other duties as assigned.
What you bring to the team Bachelor's Degree in Computer Science, Information Systems, or other related field, or other relevant experience.
4 to 8 years of experience with the analysis/investigation of cyber security threats and associated incidents.
A empathetic approach to collaboration and a flexible attitude, ready to work with a team passionate about disrupting adversaries and protecting the Bank and our customers
A well-rounded understanding of the current threat landscape
Strong knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength.
Skills to profile and track cyber actors efficiently, including YARA, infrastructure tracking, reverse engineering capabilities, and indicator pivoting techniques
The ability to make a hypothesis based on your research, prove or disprove it using data, and communicate that information
Excellent interpersonal, organizational, writing, communications, and briefing skills
Motivation to dig through internal and open-source data to find threat information and use it to protect Fifth Third interests
Preferred Qualifications Experience working remotely with a geographically distributed team
Familiarity with interpreting malware sandboxing reports
Experience with Network and Host malware detection engineering
Direct experience tracking apex cyber actors, familiarity with their TTPs and key features that can be used for attribution.
Enough experience with a scripting language to automate various aspects of your work
Information security community experience; a blog, website, published papers, conference presentations, or other experience on the public side of the security field
Position is not available for immigration sponsorship.
#LI-MB1
Lead Cyber Threat Intelligence Analyst
Total Base Pay Range 80,500.00 - 169,100.00 USD Annual
At Fifth Third, we understand the importance of recognizing our employees for the role they play in improving the lives of our customers, communities and each other. Our Total Rewards include comprehensive benefits and differentiated compensation offerings to give each employee the opportunity to be their best every day.
The base salary for this position is reflective of the range of salary levels for all roles within this pay grade across the U.S. Individual salaries within this range will vary based on factors such as role, relevant skillset, relevant experience, education and geographic location. In addition to the base salary, this role is eligible to participate in an incentive compensation plan, with any such payment based upon company, line of business and/or individual performance.
Our extensive benefits programs are designed to support the individual needs of our employees and their families, encompassing physical, financial, emotional and social well-being.You can learn more about those programs on our 53.com Careers page at: or by consulting with your talent acquisition partner.
LOCATION -- Virtual, Ohio
00000 Attention search firms and staffing agencies: do not submit unsolicited resumes for this posting. Fifth Third does not accept resumes from any agency that does not have an active agreement with Fifth Third. Any unsolicited resumes - no matter how they are submitted - will be considered the property of Fifth Third and Fifth Third will not be responsible for any associated fee.
Fifth Third Bank, National Association is proud to have an engaged and inclusive culture and to promote and ensure equal employment opportunity in all employment decisions regardless of race, color, gender, national origin, religion, age, disability, sexual orientation, gender identity, military status, veteran status or any other legally protected status.