Principal Cybersecurity Analyst – Threat Intelligence
At Discover, be part of a culture where diversity, teamwork and collaboration reign. Join a company that is just as employee-focused as it is on its customers and is consistently awarded for both. We’re all about people, and our employees are why Discover is a great place to work. Be the reason we help millions of consumers build a brighter financial future and achieve yours along the way with a rewarding career.
The Threat Intelligence team is Discover Financial Services main proponent of cyber threat information and intelligence collection, analysis, and dissemination of finished product to Discover Financial Services core of security operations teams, information technology teams, information technology risk teams, and overall executive decision makers. Our core mission is focused on protecting Discover Financial Services assets from all cyber related attacks and advancing our technological maturity in order to continue to combat these types of threats. The Threat Intelligence team is responsible for planning, executing and operationalizing the cyber intelligence lifecycle. This team is comprised of industry leading experts in intelligence analysis, intelligence gathering, cyber security and monitoring, investigations and engineering. The team is responsible for external engagement with peer groups in information security circles over cyber threats and on the development of global cyber policy. The Threat Intelligence teams collection efforts focus on events ranging from intrusions, malware, DDoS, unauthorized access, insider attacks, and loss of proprietary information. This includes developing deep understanding of global threat actors and the geopolitical drivers of cyberspace. The Threat Intelligence team plays an integral role in the alerting, response, and mitigation of computer security incidents at Discover Financial Services. The Threat Intelligence Team works closely with the incident response team, and various lines of business to mitigate risk to the company.
Responsibilities
- Acts as the principal advisor to upper management in Cybersecurity matters. Provides guidance to Cybersecurity architects in the design and development of security solutions, consistent with business goals and risk tolerance. Works closely with business analysts, engineers, and architects to ensure security requirements are effectively met through all phases of system lifecycles. Determines whether systems perform as expected, provides input to the determination of operational effectiveness, and takes action to remediate issues and resolve gaps. Directs security solutions and technical assurance in alignment with business risk and regulatory requirements.
- Works closely with management to define and promote the strategic direction of the team. Provides strong leadership and direction to team members. Provides subject matter expertise across all Cybersecurity technologies. Oversees Cybersecurity projects and initiatives to ensure complete and timely delivery of key objectives.
- Identifies, evaluates, and remediates potential vulnerabilities, and develops cyber solutions, internal processes, and standards for threat intelligence workflow. Contains potential breaches, conducts digital forensics, and submits an independent, classified incident review to senior leadership. Articulates defensive security measures, defines new security requirements, and develops mitigation techniques to maximize protection and preservation of the brand. Advises leadership on an entire range of risk matters facing the department and ensures the mitigation of operational risks. Resolves conflicts in laws, regulations, policies, standards, or procedures.
- Resolves and remediates security issues and/or vulnerabilities. Ensures compliance to audit, regulatory, and legal requirements. Builds and maintains effective relationships with peers and internal business partners, and external vendors. Provides oversight for team direction, tactical responsibilities, and effective controls.
- Designs metrics models and develops advanced capabilities to ensure confidentiality, integrity, availability, authentication, and non-repudiation. Develops unique cybersecurity performance and risk indicators to maintain constant awareness of the status of the highly dynamic operating environment. Develops assessment plans and measures risk performance for effective dashboard reporting. Conducts strategic and operational effectiveness assessments as required for cyber events, and regulatory and audit reviews
Minimum Qualifications
At a minimum, here’s what we need from you:
- H.S. Diploma or GED
- 6+ years of experience in Information Security, Computer Science, Engineering, Data Analytics, or related field
Preferred Qualifications:
If we had our say, we’d also look for:
- Bachelor’s Degree in Information Security , Computer Science, Business Administration, Data Analytics, or related field
- 8+ years of experience in Information Security, Computer Science, Engineering, Data Analytics, or related field
- In lieu of a degree, 4+ years of experience with related certifications: CISSP/GIAC
- PMP, CEH, GIAC, CISM, CISSP
- Knowledge of common adversary tactics, techniques, and procedures (TTPs)
- Strong communication skills, written and verbal.
- Experience in copy-editing, proofreading, and technical writing for long documents
- Experience with threat intelligence tools & management platforms
- Experience with collecting, analyzing, and interpreting data from multiple sources, documenting the results and providing meaningful analysis products
- Knowledge of the principal methods, procedures, and techniques of gathering information and producing, reporting, and sharing intelligence
- Excellent teamwork skills and ability to collaborate with a diverse team of skilled cybersecurity professionals
- Experience with current and historical Threat Actor Group(s) TTPs
- Ability to work independently and as part of a team
- Knowledge of security best practices, and federal and private sector security standards
#L1_LJ1
Discover Financial Services is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran status, among other things, or as a qualified individual with a disability.
So, what are you waiting for? Apply today!