Threat Intelligence Analyst

As a Threat Intelligence Analyst, you will be responsible for supporting the threat intelligence function at StoneX. You will work closely with the Exposure Management Manager and Threat Intelligence Lead Analyst to provide timely situational awareness, translate cyber threats into actionable information to ensure resources are focused on the right risks, and to reduce the probability of material impact to the company.

This is an individual contributor hybrid position that requires 4 days in the office per week at the Bangaluru Office. If your resume doesn't perfectly line up with the role responsibilities and qualifications, we encourage you to apply anyway.  You could be one step away from work that will transform your life and career.

Starting salary will vary based on criteria such as location, experience, education, and qualifications. There may be flexibility for exceptional candidates. This role is also eligible to earn performance based incentive compensation.

Key Responsibilities:

• Perform collection and analysis of threat data and intelligence to support stakeholder intelligence requirements.
• Develop strategic, tactical, and operational intelligence products for stakeholder dissemination.
• Present intelligence related to cyber threats at both a technical and management level to help shape both tactical and strategic priorities.
• Research and analyze TTPs (tactics, techniques, and procedures) to generate behavioral security posture improvement actions, such as detections or hunt packages, to support the identification of cyber threats within the StoneX environment.
• Provide intelligence support during incident response engagements.
• Collaborate with Threat Intelligence Team members, internal teams and departments, and appropriate business partners to address the cyber threat landscape.
• Escalate issues to management in a timely manner with appropriate information regarding risk and impact.
• Develop and build automation playbooks, as well as maintain and update the Threat Intelligence aspects to the security orchestration, automation, and response (SOAR) solution.
• Exercise independent judgement in methods, techniques, and evaluation criteria for obtaining results.

This job might be for you if:

• You enjoy learning about cyber threats and proactively protecting an organization.
• You enjoy digging through the logs and interpreting the data.
• You love taking on difficult challenges, finding creative solutions, and stepping outside your comfort zone to learn and grow.
• You do not get flustered easily. If you do not know the answer, you will use the available resources to try to find the answer first. 
• You enjoy working on a team to fulfill a mission.
• You are fluent in English.
• You possess excellent verbal and writing skills.
• You enjoy reading, research, and writing.
• You have a radical curiosity.
• You are motivated and driven. You volunteer for new challenges without waiting to be asked. You're going to take ownership of the time you spend with us and truly make a difference. 

To land this role:

You need to exhibit a high degree of emotional intelligence, empathy, and the ability to learn quickly. Experience with MITRE ATT&CK and Python is a plus The ability to write well is a requirement of this job. 

Qualifications:

Basic Qualifications

• A college or university degree with 1 – 3 years' professional experience; or no college or university degree with 5 years' professional experience. If the applicant has a degree it is preferred in Information Security, Computer Sciences, Information Systems, Engineering, Sciences, International Studies, STEM or a related field.
• Experience with frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK.
• Experience with TCP/IP, common networking ports and protocols (HTTP, DNS, etc.), traffic flow, system administration, defense-in-depth, and common security elements.
• Experience with information analysis and the intelligence analysis cycle.
• Familiarity with developing and curating intelligence related to the cyber threat landscape such as threat actors, malware, vulnerabilities and tactics, techniques, and procedures.
• Experience with performing technical indicator and TTPs analysis across different platforms and datasets.
• Commitment to training, self-study and maintaining proficiency in the cyber threat intelligence domain.

Preferred Qualifications

• Experience in Incident Response, Security Operations or Cyber Threat Intelligence functions.
• Experience with translating threat intelligence from OSINT and private intelligence reports into custom detections and mitigations across multiple security technologies.
• Experience in developing detections to aid in the proactive identification of adversary capabilities using various open and closed source platforms.
• Experience performing automated malware analysis to identify functionality of adversary tools and capabilities.
• Experience performing data analysis using a Security Information and Event Management (SIEM) system and the creation of queries, alerts, and reports.
• Experience using a SOAR platform and creating automation playbooks with Python.
• Experience using structured analytic techniques and identifying biases.
• Understands attack signatures, tactics, techniques, and procedures associated with advanced threats and the ability to develop relevant alerting and countermeasures.