Operational Threat Intelligence Analyst - External monitoring for social media-based malicious content, compromised credit and debit card products 91611-

Position Title: Analyst, Operational Threat Intelligence

Contract Duration: 8 months

Remote/Hybrid: Hybrid - 2 days a week in office - rotation

OT: 10 hrs of OT every 4 weeks. This role requires to be on call for a week once every four months.

Location Address: Toronto-CC East 12th Floor

Schedule Hours: Mon - Fri 9 -5pm - early and late shifts as well - starting at 7 or 11

Operational: Tactical monitoring and analysis of active and potential threats on a daily basis to The Bank's. This includes:

• External monitoring for social media-based malicious content, compromised credit and debit card products, technical vulnerabilities, malware, as well as compromised third parties, merchants, and point-of-sale machines to prevent threats and risks to The Bank.

• Detection of threat actors, events, and indicators of compromise affecting other financial institutions and extracting relevant information to prevent exploitation within The Bank

Availability to interview: ASAP

Job Description:

• Fusion Threat Intelligence is responsible for operational and strategic level intelligence collection, analysis, and production which discerns trends beyond the tactical and makes linkages to the external threat environment, strengthening assessments and providing recommendations which directly support intelligence end-users across the Information Security, Corporate Security, and Fraud Management domains.

How You’ll Succeed

• Intelligence Cycle Expertise - Provide specialized advice, consultation, and analysis on intelligence issues and trends relating to cybersecurity, fraud, and corporate security, including in support of incidents, investigations and other Fusion use cases. Complete operational and strategic level analysis that captures high-level analytical insights and produce concise intelligence briefings meeting consumer needs; ensuring a high standard of service delivery. Provide expert advice/consultation to senior management on designing, implementing, optimizing and maintaining the intelligence cycle to inform and aid the protection assets, information, and people.

• Relationship Building - Develop and manage relationships with management and business leaders, including guiding collaboration with security pillars; providing knowledge of intelligence best practices and advanced collection and analysis techniques.

• Support to Key Stakeholders - Support complex incidents and investigations as an intelligence practitioner. Identify potential threats to the bank; take action and contribute to problem and event management to resolve as quickly and efficiently as possible. Undertake special projects with internal and external stakeholders, as assigned / required.

• Strategic Thinking Approach - Provide support to Fusion Centre management, team members and peers as required to support delivery of Fusion Threat Intelligence programs.

• Communication - Demonstrate exceptional ability to communicate in a clear, concise and logical manner, verbally and in writing; sufficient to convey complex information/ideas on issues involving interpretation and opinion, capable of ensuring senior leaders are kept aware of issues and provided informed and timely advice.

• Leadership and Team Player - Contribute to the development of intelligence analysts within the Fusion Threat Intelligence team and a healthy work environment. Ability to maintain a high degree of professionalism and integrity; capable of creating a trusting work environment where the expression of diverse perspectives is encouraged.

Must haves:

1. 2+ years experience in threat intelligence

2. Knowledge of common security threats, industry best practices, security technologies and how they relate

3. Previous cyber security environment experience

4. Experience with Threat Actors and Attack Techniques

5. External Monitoring experience

Nice to have:

Previous experience within the financial sector space

It’s an asset if you have an information security certification - CompTIA Sec+, CISM

Education and Certifications: Undergrad level diploma.

Supplier Call Notes

• Communicate via briefings with other teams

• Interview Assessment-will be given a Cyber security topic to assess their writing

• Team has hired from wide variety of backgrounds - good to have previous banking but not necessary

• CW will be interacting with the stakeholders

• Threat monitoring technologies - no specific tooling requirements

• Security Analyst Title?-as long as they have an understanding of intelligence cycle and can do long form and short form reporting