JRI-America (JRI-A) provides IT services for SMBC Group.
The Cyber Threat Intelligence & Analysis Team Lead is responsible for organizing and delivering the monitoring and response activities within the SOC. The Team Lead leads and coordinates the work of a team of analysts who monitor, analyze and respond to security alerts, incidents and threats. The team consumes, processes, analyzes and operationalizes cyber threat intelligence, threat data, alerts, vulnerability information and other indicators of threat activity in order to identify and mitigate threat activity and then improve security detection and prevention capabilities in SMBC’s environment.
- Provide leadership to and coordinate the activities of a team of analysts in the provision of security monitoring and incident response activities.
- Manage daily operations and processes, to deliver consistently high-quality intelligence, analysis, investigations, monitoring and responses.
- Manage the intake and distribution of work within the function to deliver consistently high-quality monitoring, analysis and responses.
- Coordination of team meetings, team reporting, management reporting and delivery of metrics.
- Ensure the timely delivery and constant improvement of management reporting for all activities undertaken by the team.
- Establish a close working relationship with key providers i.e. MSSPs/Service providers, lead weekly/monthly calls and ensure the services provided to the SOC by them are fully managed to a high quality, including alert triage quality and coverage.
- Lead and support as necessary, projects that support the enhanced delivery of services by the SOC.
- Technical resource for items related to their function; responsible for understanding bank infrastructure and its exposure to critical threats and vulnerabilities.
- Recommend countermeasures, security techniques, tools and vendor products to mitigate security vulnerabilities and strengthen the overall security posture.
- Escalate all issues to Function Manager / SOC Management.
- Initiate continuous improvement ideas and suggestions to increase efficiencies and productivity.
- Coordinate with security operations and incident response staff to tune and improve detection capabilities or to aid in investigations or respond to incidents.
- Responsible for the performance of the function, including the management of staff and processes.
- Lead the integration of Cyber Threat Intelligence into all aspects of the team's work, including the delivery of supporting processes and documentation.
- Onboard new tools and ensure all team processes and knowledge are fully documented and the team is trained and supported appropriately.
- Conduct, disseminate and follow up on operational risk assessments relating to security operations. Take the lead internally for driving forward ACR recommendations and ensuring they are dealt with effectively.
Education & Skills
- 5+ years of experience in information security (network, application and systems) or related technology experience required, experience in the financial services industry is preferred.
- Strong knowledge of technology and security controls related to the detection, analysis, containment, eradication, and recovery from cyber security incidents.
- Ability to use logic and reasoning to identify the strengths and weaknesses of IT systems.
- A forensic approach to challenges.
- A good understanding of how threat actors work and ability to keep up with the fast pace of change in the criminal cyber-underworld.
- An understanding of the intelligence cycle, and experience with Threat Intelligence Platforms.
- Strong people, time and task management skills.
- Professional certifications are an advantage but not essential if the candidate has the requisite role knowledge; GCIH, GNFA, GCFA, Certified Ethical Hacker (CEH) or CISSP certification is a plus.
- Technical writing experience with management level reports.
To apply for this job email your details to email@example.com