Company
HDFC Bank is one of India's premier banks providing a wide range of financial products and services to over 43 million customers. Promoted by Housing Development Finance Corporation (HDFC), India's leading housing finance company, HDFC Bank began operations in 1995 with a simple mission: to be a "World-class Indian Bank". With a single-minded focus on product leadership, customer focus and operational excellence, the bank has accomplished this, emerging as a leading player in all its business segments. From a full range of products to the sheer convenience of their delivery, HDFC Bank today has made significant strides in the banking space. It was recognized as India’s Most Valuable Brand for 5 consecutive years in a study conducted by Kantar, a research agency of the WPP group.
Job Role: Threat Intelligence Analyst
Job Purpose
A successful threat intelligence analyst should be aware of different types of tools. This includes various threat intelligence tools, report writing tools, threat modelling tools and methodologies, statistical data analysis tools, malware analysis tools, and threat sharing platforms. Apart from that, these professionals should have the skills to collect data from Indicators of Compromise (IoCs). This collection could be done through external and internal resources. This role will be responsible for independent collection, analysis, and production of finished Threat Intelligence in support of Bank Cyber Defense, Technology, and additional lines of business. The candidate will be responsible for collecting information and conducting technical analysis to develop intelligence for the Bank. Additionally, the candidate will maintain awareness of the global threat landscape and review complex, technical threat data, enrich it with contextual information and produce finished intelligence for key stakeholder consumption. Significant time will be spent conducting technical analysis and reporting that will influence proactive detection logic and methodology implemented within Cyber Defense. TI analysts will regularly collaborate with their Cyber Defense partners in Cyber Threat Detection, Active Defense, Digital Forensics and Incident Response, as well as the Cyber Defense Response Center to respond to incidents and aid in investigations. This Analyst must maintain and secure the enterprise-wide cyber systems and networks, come up with security initiatives that will provide timely and complete resolutions and work with advanced forensic tools and techniques for attack reconstruction.
Keywords & Responsibility
- Triage and analyze inappropriate correspondence, which includes email, physical mail, and telephonic messages to determine the level of risk
- Real-time monitoring of Surface, Deep and Dark Web forums to gather threat information relevant to the Bank
- Monitor all-source information to identify threats and escalate appropriately
- Analyze and assess risks and threats to the company, associates, or assets
- Evaluate escalating situations, apply critical thinking, and coordinate effectively with other security personnel
- Triage incoming requests for information, provide timely and pertinent analysis, and coordinate response efforts with multiple departments
- Produce intelligence reports, threat assessments, and conduct investigations. Author threat information reports and briefings
- Identification of emerging threats
- Assist in incident investigations. Respond to Requests for Information from various teams
- Must have an in-depth understanding of the concepts and threat forces
- Good working knowledge of advanced threat analysis technology in subjects such as financial, telecommunications, computer science, and others is an added advantage
- Developing analytical threat models
- Coordinating with the threat study teams and offering all necessary functional guidance to avoid any malicious activities
- Support the team with research and source analysis
- Develop analytical products using enterprise and all-source intelligence
- Conduct malware analysis and provide indicators for defensive measures
- Reverse engineer attacker encoding protocols
- Understand the attack signatures and techniques
- Take charge of the collection methods, production resources and responsibilities
- Should have the necessary skills to take care of the highly classified information
- Offer all the necessary support to cyber security initiatives through predictive and reactive analysis
- Must articulate the emerging trends to the co-workers
- Coordinate the resources and provide timely and complete resolutions
- Provide situational awareness and understanding of threats related to the Bank or the financial sector to enhance the decision-making process at the organization.
- Assist in case management and provide monthly, quarterly, and annual reports
Preferred Qualifications:
- BE/BSc degree in Information Technology or Information Security, Computer Science, or another related field of study and 2/4+ years performing cyber threat intelligence analysis
- Any relevant certification (CISSP, CEH, Security+, SANS certification(s), Network+, CCNA)
- Technical skills proficiency in the following areas: strong understanding of malware (malware communication, installation, malware types), network communication using TCP/IP protocols, basic system administration, intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch) and open source information collection
- Experience implementing or improving operational processes or procedures in the intelligence analysis lifecycle.
- Experience in open source investigation techniques
- Excellent oral and written communication skills; ability to succinctly summarize and assess information
- Experience working with highly confidential information
- Knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength
- An innovative mind-set. Ability to grasp complex problems and explain them simply
- Ability to work under pressure and accomplish tasks on time
- Familiarity with MITRE ATT&CK, CBEST, and TIBER frameworks
- Proficiency hunting APT data using open source or commercial cyber threat analytic tools or data repositories such as VirusTotal, Passive Total, Threat Miner, or Maltego
- Strong ability to correlate data and research using open source repositories (ex. VirusTotal, Domaintools, Threatminer, etc.)
- Ability to apply formal intelligence analysis methods, develop hypotheses, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity
- Ability to make confidence-based assessments for purposes of attribution based on their technical analysis of network traffic, multi-source data, malware and system analysis. Candidate must be able to identify analytic bias
- Tool and script development OR Programming experience
- Familiarity with Hundreds of Methodologies, Tools, and Platforms
- Knowledge of Various Data Collection and Acquisition Techniques
- Aware of Multiple Data Analysis Approaches
- Cyber intelligence analysts need analytical skills to identify data breaches or bad actors who are manipulating operating systems and destroying the functionality of a business.
- Knowledge and Application of Threat Intelligence Tools