American Express Careers

Cyber Threat Intelligence Analyst

Phoenix, Arizona
Digital Commerce Technology


Job Description

Why American Express?
There’s a difference between having a job and making a difference.
American Express has been making a difference in people’s lives for over 160 years,
backing them in moments big and small, granting access, tools, and resources to take
on their biggest challenges and reap the greatest rewards.
We’ve also made a difference in the lives of our people, providing a culture of learning
and collaboration, and helping them with what they need to succeed and thrive. We
have their backs as they grow their skills, conquer new challenges, or even take time to
spend with their family or community. And when they’re ready to take on a new career
path, we’re right there with them, giving them the guidance and momentum into the
best future they envision.
Because we believe that the best way to back our customers is to back our people.
The powerful backing of American Express.
Don’t make a difference without it.
Don’t live life without it. 
The Cyber Threat Intelligence Analyst is responsible for providing analysis to identify threats and quantify vulnerabilities of current threats in order to develop timely and actionable alerts, briefs, and analytical assessments. Focusing on threats originating in information technology environments, the Information Security Analyst will produce actionable information in a clear and concise manner. This position will support the American Express Fusion Center. The individual will report top threats impacting American Express Financial Technologies. By providing awareness, indications, warnings, and operational readiness, the Fusion Center protects the AXP brand, global business operations, technology infrastructure, and client trust against cyber threats worldwide.
  • Analyze, process, and compare data to produce tactical intelligence products.
  • Identify credible, new intelligence and subject matter resources relative to current/emerging threats.
  • Author tactical assessments on cyber threats, attacks, and incidents of interest to American Express.
  • Provide subject matter expertise on cyber threats to support current analytic operations and initiatives.
  • Create written and verbal intelligence products for internal AXP customers to assist in proactively addressing threats to the IT or InfoSec infrastructure.  
  • Perform open source threat collection and analysis activities, identifying indications of cyber threats and identifying malicious code, websites, and vulnerabilities through automated and manual analysis using existing and purpose-built tools.
  • Experience in analyzing malware / hacking tools and threat actor tactics, techniques, and procedures to characterize threat actors’ technical methods for accomplishing their missions.
  • Collect, analyze, catalog, store, and assist in the deployment of indicators of compromise (IOCs) in partnership with the Fusion Center to help refine detection and response efforts.
  • Conduct intrusion analysis to ascertain the impact of an attack and develop threat trends to develop mitigation techniques and countermeasures that can prevent future attacks.


  • In-depth knowledge of common security controls, detection capabilities, and other practices / solutions for securing digital environments, to include packet flows / TCP & UDP traffic, firewall and proxy technologies, anti-virus, Intrusion Detection/Prevention Systems and other host-based monitoring, email monitoring and spam technologies, SIEMs, etc.
  • Experience in analyzing malware / hacking tools and threat actor tactics, techniques, and procedures to characterize threat actors’ technical methods for accomplishing their missions.
  • Understanding of forensic analysis on and data captures from networks / packet capture, hosts (volatile/live memory), electronic media, log data, and network devices in support of intrusion analysis or enterprise level information security operations.
  • Understanding of what information or assets are of value to threat actors and how organizations are breached.
  • In-depth understanding of modern technical security controls (e.g. firewalls, SIEMs, IPS, HIPS, web proxies).
  • Must have strong verbal and written communication skills; interpersonal collaborative skills; and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
  • Can apply a variety of structured analytic techniques to generate and test a hypothesis, assess cause and effect, challenge analysis, and support decision making.
  • Should have working knowledge in two or more of the following areas:
    • Nation State Threat actors
    • Cybercrime
    • Hacktivism
    • Distributed Denial of Service attacks
    • Fraud
    • Malware (e.g. remote access tools, exploit kits, etc.)
    • Emerging Threats
    • Phishing Techniques
    • Social Engineering
    • Web Application Attacks
  • Previous experience as a Military Threat Operations team member, Security Researcher, Cyber Threat Researcher, or Cyber Crime investigator preferred.
  • 2+ years working in one or more of the following: threat intelligence, security operations, security engineering, security architecture, or forensics.
  • Possesses the ability to review information to determine its significance, validate its accuracy and assess its reliability.
  • Bachelor's degree or equivalent combination of education and experience preferred

Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.


ReqID: 19006892
Schedule (Full-Time/Part-Time): Full-time
Date Posted: Apr 10, 2019, 5:22:29 PM