This job listing has expired and the position may no longer be open for hire.

Threat Intelligence Analyst/Investigator at Prudential

Posted in Legal 30+ days ago.


Type: Full-Time
Location: New York, New York

Job Description:

High Tech Investigations Unit

We are a Fortune 100 financial services leader with a dynamic and diverse workforce and a strong emphasis on talent management.  Our High Technology Investigations Unit, part of the larger Cybersecurity and Privacy Law Team, is seeking a threat intelligence analyst.  The employee will be assigned to the National Cyber Forensics Training Alliance (NCFTA), performing threat intelligence collection and analysis, along with the coordination and expansion of the unit’s internal and external information sharing program.  The analyst will report to the incident response and cybersecurity investigations team, and will be responsible for real-time, proactive, and retroactive response and analysis of IT, cybersecurity, and cyber-enabled fraud incidents in support of the High Tech Investigations Unit, Information Security Office, and Prudential Financial businesses.


The analyst will continuously research and report on threat actors, vulnerabilities, and TTPs that represent a risk to the enterprise.  Through coordination with a variety of industry and governmental groups, paid and open-source intelligence assets, and information-sharing groups and portals, the threat intelligence analyst will conduct intelligence-driven incident response and early warning in furtherance of the information security and anti-fraud mission of the High Tech Investigations Unit. The analyst will apply findings to proactive use cases in the enterprise SIEM, and will survey and harden the fraud gatekeeping infrastructure of Prudential Financial.  The analyst will serve as a liaison between numerous internal and external security, investigative, and counter-fraud entities, and will facilitate sharing and analysis of technical and behavioral TTPs.


The successful candidate will possess and develop strong technical and interpersonal skills and will have the ability to handle high-profile matters and to work under pressure with minimal supervision. While the primary work location is the NCFTA office in Manhattan, NY and the company’s Newark, NJ office, the employee may be asked to participate in a variety of industry working groups and task force operations internationally.  The employee will periodically be required to travel for training and work assignments as needed.


Roles and Responsibilities:

  • Represent Prudential as a member of the NCFTA at their New York City offices

  • Collect and report to management on threat intelligence indicators relevant to Prudential Financial

  • Prepare regular threat intelligence briefs to management from a variety of sources

  • Develop new sources of threat intelligence for consideration by management

  • Develop systematic exploitation of available information sharing and threat intelligence sources

  • Brief business units and their leadership regarding impending security threats gleaned from analysis of the gathered intelligence

  • Participate in highly sensitive, complex, and confidential response, analysis, and protection against fraud, IT, and cybersecurity incidents

  • 3 years' professional experience, including intelligence gathering and analysis and/or incident response and technical investigations experience, preferably involving financial services investigations.  We will consider post-graduate education on a year-for-year basis in lieu of professional experience.

  • Experience or training using Recorded Future, TruSTAR, VirusTotal, DomainTools or similar threat intelligence tools

  • Advanced experience or training using Splunk or similar tools

  • Experience or training in analytic report writing

  • Experience or training in incident handling

  • Knowledge of typical attack vectors, network exploitation techniques, and exfiltration channels

  • Knowledge of current conventional and cyber threats and the associated tactics, techniques, and procedures used for account takeover and fraud.

  • Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures

  • Knowledge of personal computers, mobile devices, and server hardware, including RAID networked drive storage systems

  • Excellent analytical and problem-solving skills

  • Excellent communication skills, both written and oral, are critical

Preferred Qualifications:

  • Experience and/or training in computer evidence seizure, computer forensic analysis, and data recovery on Windows, Apple and Linux-based systems and devices

  • EnCE, ACE, CFCE, CISSP, or similar industry-accepted certifications

  • Experience with computer network surveillance/monitoring

  • Knowledge of network intrusion detection and response operations

  • Experience or training with analysis of security events from multiple sources including but not limited to events from Security Information Monitoring (SIEM) tools, network and host-based intrusion detection systems, firewall logs, system logs (Unix and Windows), mainframes, mid-range, applications, and databases

  • Knowledge of and experience using Splunk to create reports, write complex search queries and conduct ad-hoc queries

  • Knowledge of and/or certifications with industry digital forensic tools such as EnCase, X-Ways, F-Response, and/or open source tools

  • Understanding of Windows, Mac and Linux operating systems

  • Knowledge of cloud computing platforms, primarily AWS and Microsoft

  • Experience with Python scripting language; additional languages a plus

  • Experience with Microsoft PowerShell, particularly writing queries for Office 365

  • Recent and basic programming experience