Senior Cyber Threat Intelligence Engineer
Apply NowCompany: Raymond James Financial, Inc.
Location: Saint Petersburg, FL 33710
Description:
Job Description
Note: This position will follow our hybrid work model, we expect the selected candidate to be in the office 2-3 days a week at the St. Petersburg, FL Corporate Office location.
Description:
The financial services industry is constantly under attack by sophisticated cyber adversaries that range from nation-states to criminals. In response, Raymond James trusts the Cyber Threat Center (CTC) with ensuring all equities are secure against all tiers of cyber adversaries. We are the central hub for Computer Network Operations and are on the front lines of vulnerability management, security incident response, threat hunting, and intelligence. You will be working with emerging technologies to solve challenging security problems in a fast-paced and continually evolving environment while helping steer the direction and evolution of the team. This highly visible team within the organization evaluates threats to the environment and dynamically adjusts to the ever-changing threat landscape by applying practical security knowledge to developing new detective measures to protect the firm.
Job Summary:
The Cyber Threat Center Senior Cyber Threat Intelligence Engineer will be responsible for engineering solutions which enables automation, content and analytics builds, and metrics for Intelligence and Insider Threat program. The engineer will drive technological improvements in threat actor-based intelligence analysis, creating relevant, timely, and actionable intelligence products, and will provide support to cyber incident response and cyber threat hunting teams. The focus of the Senior Cyber Threat Intelligence Engineer through automation, programming, content and analytics creation is to defend against adversarial activity and smartly detect insider threats to deter successful exploitation of Raymond James information networks. The Engineer enables the teams use of data analysis, threat intelligence, and cutting-edge security technologies. This role directly supports the Cyber Threat Center by applying analytic and technical skills to investigate intrusions, identify malicious activity and potential insider threats, and in some cases conduct computer network operations. This role reports to the Manager Cyber Threat Intelligence Team.
Responsibilities:
Skills/Previous Experience:
Licenses/Certifications:
Education
Bachelor's: Computer and Information Science, Bachelor's: Information Technology, High School (HS) (Required)
Work Experience
General Experience - 7 to 12 months
Certifications
Travel
Less than 25%
Workstyle
Hybrid
At Raymond James our associates use five guiding behaviors (Develop, Collaborate, Decide, Deliver, Improve) to deliver on the firm's core values of client-first, integrity, independence and a conservative, long-term view.
We expect our associates at all levels to:
Grow professionally and inspire others to do the same
Work with and through others to achieve desired outcomes
Make prompt, pragmatic choices and act with the client in mind
Take ownership and hold themselves and others accountable for delivering results that matter
Contribute to the continuous evolution of the firm
At Raymond James - as part of our people-first culture, we honor, value, and respect the uniqueness, experiences, and backgrounds of all of our Associates. When associates bring their best authentic selves, our organization, clients, and communities thrive. The Company is an equal opportunity employer and makes all employment decisions on the basis of merit and business needs.
#LI-NM1
Note: This position will follow our hybrid work model, we expect the selected candidate to be in the office 2-3 days a week at the St. Petersburg, FL Corporate Office location.
Description:
The financial services industry is constantly under attack by sophisticated cyber adversaries that range from nation-states to criminals. In response, Raymond James trusts the Cyber Threat Center (CTC) with ensuring all equities are secure against all tiers of cyber adversaries. We are the central hub for Computer Network Operations and are on the front lines of vulnerability management, security incident response, threat hunting, and intelligence. You will be working with emerging technologies to solve challenging security problems in a fast-paced and continually evolving environment while helping steer the direction and evolution of the team. This highly visible team within the organization evaluates threats to the environment and dynamically adjusts to the ever-changing threat landscape by applying practical security knowledge to developing new detective measures to protect the firm.
Job Summary:
The Cyber Threat Center Senior Cyber Threat Intelligence Engineer will be responsible for engineering solutions which enables automation, content and analytics builds, and metrics for Intelligence and Insider Threat program. The engineer will drive technological improvements in threat actor-based intelligence analysis, creating relevant, timely, and actionable intelligence products, and will provide support to cyber incident response and cyber threat hunting teams. The focus of the Senior Cyber Threat Intelligence Engineer through automation, programming, content and analytics creation is to defend against adversarial activity and smartly detect insider threats to deter successful exploitation of Raymond James information networks. The Engineer enables the teams use of data analysis, threat intelligence, and cutting-edge security technologies. This role directly supports the Cyber Threat Center by applying analytic and technical skills to investigate intrusions, identify malicious activity and potential insider threats, and in some cases conduct computer network operations. This role reports to the Manager Cyber Threat Intelligence Team.
Responsibilities:
- Identify cyber threats, trends, and new developments on various cybersecurity topics by analyzing open-source intelligence and data which includes geopolitical and transnational events.
- Perform analysis of data and information meeting Raymond James intelligence requirements as well as the financial sector's current cybersecurity intelligence needs.
- Conduct research, analysis, and document events that meet Raymond James Intelligence Requirements.
- Produce quality intelligence reports for management and other teams.
- Be able to articulate and communicate intelligence openly and publicly at all levels of the business.
- Apply analytic tradecraft to intelligence. Investigate, document, and report on cybersecurity issues and emerging trends.
- Identify and monitor the Tactics, Techniques, and Procedures (TTPs) used by cyber threat actors by analyzing open-source intelligence and data.
- Provide actionable strategic, technical, and tactical cyber information and intelligence through reports, briefings, and presentations.
- Make analytical predictions about cyber adversaries and their future activities based upon known TTPs.
- Identify threats by performing relevant research and data analysis using both internal and external tools and resources.
- Performs other duties and responsibilities as assigned.
Skills/Previous Experience:
- Three (3) or more years of in Cyber Threat Intelligence or relevant experience is highly preferred.
- Experience within a highly regulated environment like Financial Services preferred but not required.
- Must be a capable of becoming a qualified administrator for multiple platforms used by the Cyber Threat Intelligence Team (ServiceNow, Proofpoint, Splunk, Tanium, Veriato and Axiom).
- Possess expert knowledge of the intelligence cycle.
- Possess knowledge of the cyber kill chain, and MITRE Attack Framework.
- Possess critical thinking and problem-solving skills.
- Possess excellent communication skill in interpreting data, making assessments, and in preparing clear, actionable intelligence reports for peers, management, and executive leadership.
- Knowledge of how malware is developed, functions, and persistence.
- Excellent verbal and written communication skills including the ability to clearly articulate technical and strategic level cyber matters to a variety of audiences.
- Ability to produce quality finished intelligence products.
- Experience using Splunk for monitoring and event correlation.
- Experience with scripting in Python or JavaScript.
Licenses/Certifications:
- SANS or Offensive security certification is preferred but not required.
Education
Bachelor's: Computer and Information Science, Bachelor's: Information Technology, High School (HS) (Required)
Work Experience
General Experience - 7 to 12 months
Certifications
Travel
Less than 25%
Workstyle
Hybrid
At Raymond James our associates use five guiding behaviors (Develop, Collaborate, Decide, Deliver, Improve) to deliver on the firm's core values of client-first, integrity, independence and a conservative, long-term view.
We expect our associates at all levels to:
Grow professionally and inspire others to do the same
Work with and through others to achieve desired outcomes
Make prompt, pragmatic choices and act with the client in mind
Take ownership and hold themselves and others accountable for delivering results that matter
Contribute to the continuous evolution of the firm
At Raymond James - as part of our people-first culture, we honor, value, and respect the uniqueness, experiences, and backgrounds of all of our Associates. When associates bring their best authentic selves, our organization, clients, and communities thrive. The Company is an equal opportunity employer and makes all employment decisions on the basis of merit and business needs.
#LI-NM1