Cybersecurity Threat Intelligence Analyst

Title: Cybersecurity Threat Intelligence Analyst (Part-Time/Full Time)Locations: San Francisco, CARemote option: This role is available for 3 days/week as a remote worker.Area Overview: The National Incident Response Team (NIRT), a national service provider for the Federal Reserve System, delivers effective and efficient national intrusion detection, incident response, security intelligence, threat assessment, and vulnerability assessment services for the Federal Reserve System. The mission of the National Incident Response Team is to play a leading role in the Federal Reserve System s efforts to protect its information systems against unauthorized use. Job Description: NIRT is seeking a highly motivated intelligence or information security professional to serve as a Cyber Threat Intelligence (CTI) Analyst. This role is a mid to senior level analyst position who will work with a group of highly-skilled cyber professionals across intelligence, response, detection, and offensive security areas all focused on defending the Federal Reserve System (FRS) from current and future cyber threats. This analyst will detail and analyze significant current events, threat actors, campaigns, tactics, techniques, and procedures (TTPs), and malware with the purpose of synthesizing information, identifying patterns and understanding impact to current risk posture. This role will analyze both raw and finished reporting, with an emphasis on driving the security posture of the FRS cybersecurity fusion center. The candidate will also inform FRS information security and technology practitioners and managers, assess exposure, identify controls/mitigations, and provide situational awareness. Required Skills:

• Bachelor s degree in Computer Science, Information Systems, Computer Engineering, Cybersecurity, Systems Analysis, International Relations, Political Science, Intelligence/National Security Studies, or a domain related field or an equivalent combination of education and work experience.
• Typically requires 3 to 5 years of combined IT, Security, and Intelligence work experience with a broad range of exposure to systems analysis, application development, systems administration and over 5 years experience in computer network defense, computer network exploitation, incident response, computer forensics, malware reversing, or cyber intelligence; experience in relevant computer network defense discipline. Experience within national defense or the Intelligence Community and expert knowledge of analytic tradecraft along with a demonstrated ability to interpret complex cyber security issues may substitute for formal technical training and experience.
• Communicate cyber threat and risk information to business leaders; included delivering briefings and engagements w key bank stakeholders; contextualize reporting to support cyber risk decision-making
• Analyze and review external threat intelligence reporting; determine relevance for FRS and customers, evaluate content for future cybersecurity fusion center action (detect, respond, assess, emulate)
• Understands the cyber threat landscape for the financial services industry, central banks, and US government entities; contextualize broad changes in the cyber threat landscape for the business.
• Understand adversary TTPs for both cloud and on-prem environments; apply the MITRE ATT&CK Framework to drive the development of detection logic and adversary analysis
• Provide intelligence support to, and collaborate with, incident response, detection, and threat emulation teams; provide adversary insight for other SecOps teams to drive effective service delivery.
• Must be a and ability to obtain and maintain National Security Clearance

• Define workflows for optimizing the intelligence lifecycle; manage customer engagement; develop cross-team initiatives to implement cybersecurity improvements for recognized gaps
• Provides expertise and guidance to other team members on the development and implementation of improvements to core CTI competencies: collection optimization, tactical support to incident response and detection, operational impact analysis, or strategic intelligence analysis