Lead Cyber Threat Intelligence Analyst

Make banking a Fifth Third better®

We connect great people to great opportunities. Are you ready to take the next step? Discover a career in banking at Fifth Third Bank.

GENERAL FUNCTION:

As a member of the Information Security discipline, this role is responsible for assisting in the evaluation and development of systems security across the enterprise with an emphasis on detecting, responding and preventing cyber incidents. They will will actively monitor, analyze and correlate network traffic utilizing the latest in security technology, evaluate security incidents, perform research and provide in-depth incident analysis. Additionally, they will review threat data from various sources and assess cyber intelligence to support in-depth analysis of various threats. This position requires technical expertise and knowledge of security practices, procedures, and capabilities in order to perform non-repetitive, analytical work.

Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined. Accountable for always doing the right thing for customers and colleagues, and ensures that actions and behaviors drive a positive customer experience. While operating within the Bank’s risk appetite, achieves results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Monitors, analyzes, and interprets system logs for events and incidents reflective of unauthorized access or operational irregularities and escalates for action as appropriate.
• Responds to incidents to prevent additional loss and to obtain and preserve forensic evidence.
• Collaborates with appropriate response partners, assist with determining the root cause of incidents and work with stakeholders and responsible parties to remediate any identified control gaps or failures
• Escalate issues to management in a timely manner with appropriate information regarding severity, exposure, and action items; this role requires critical thinking and investigative mindset coupled effective written, and verbal communication skills.
• Act as a mentor to more junior anaylsts
• Promotes activities to foster information security awareness throughout the organization.
• Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined.
• Accountable for always doing the right thing for customers and colleagues, and ensures that actions and behaviors drive a positive customer experience.
• While operating within the Bank’s risk appetite, achieves results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.
• Serves as an Information Security Subject Matter Expert (SME) by maintaining knowledge of industry recognized security technologies and concepts; actively engages and assists lines of business to understand their needs and develop secure business solutions.
• Help assess, implement, and manage security related systems, processes and tools.
• Remains knowledgeable of changes in security technology, industry practices, and state and federal regulatory requirements; provides technical assistance to IT staff in the detection and resolution of security problems.
• Provide subject matter expertise, technical deliverables oversight of strategic Cyber projects and initiatives to enhance and improve Cyber Intelligence capabilities and maturity.
• Develops security solutions for medium to highly complex information security issues.
• Performs other duties as assigned.

MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:

• Bachelor’s Degree in Computer Science, Information Systems, or other related field, or other relevant experience.
• 4 to 8 years of experience with the analysis/investigation and containment of potential data breaches or cyber security incidents.
• Scripting/Coding experience - Python, Regex, Yara as examples
• Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques
• Knowledge of malware families, botnets, threats by sector, and various attack campaigns and attacker methods, tools/techniques/practices
• Knowledge of cloud technologies including O365
• Common security controls is required including; authentication, encryption, IDS, WAFs, firewalls, HIPS, EDR, EPP, etc.
• Proficient in both Linux and Windows operating systems.
• Understanding of application protocols
• Strong analytical, tactical and critical thinking ability.
• Ability to handle multiple competing priorities in a fast-paced environment.
• Ability to communicate effectively across multiple levels
• Preferred CISSP, GIAC, or other relevant certification

Fifth Third Bank, National Association is proud to have an engaged and inclusive culture and to promote and ensure equal employment opportunity in all employment decisions regardless of race, color, gender, national origin, religion, age, disability, sexual orientation, gender identity, military status, veteran status or any other legally protected status.