Information Security Analyst I

Job Description

Reporting to the Director of Third Party Security Monitoring, the Cyber Threat Intelligence Analyst is responsible for providing intelligence analysis in order to identify threats and to quantify vulnerabilities leveraged by those threats, developing timely and actionable alerts, briefs, and analytical assessments. Focusing on threats originating from third parties, the Cyber Threat Intelligence Analyst will produce actionable information in a clear and concise manner. The individual will report top threats by providing awareness, indications, warnings, and operational readiness briefings; the Cyber Threat Intelligence Analyst will then ensure validated threat intelligence is actioned by third parties.


In this position the Cyber Threat Intelligence Analyst is expected to:

  • Analyze, process, and compare data to produce intelligence products.
  • Identify credible, new intelligence and subject matter resources relative to current and emerging threats.
  • Author assessments on cyber threats, attacks, and incidents of interest to American Express.
  • Provide subject matter expertise on cyber threats to support current analytic operations and initiatives.
  • Work with third parties developing shared intelligence.
  • Ensure risk reduction is carried out by third party service providers and business partners.


Primary Responsibilities

  • Perform open source threat collection and analysis activities identifying indications of cyber threats, malicious code, malicious websites, and vulnerabilities through both automated and manual analysis
  • Identify credible, new intelligence and subject matter resources relative to current and emerging threats.
  • Analyze vulnerabilities, exploits, malware and tools, and translate the analysis into actionable intelligence
  • Provide subject matter expertise on cyber threats to support current analytic operations and initiatives.
  • Create written and verbal intelligence products for internal American Express customers to assist in proactively addressing threats.  
  • Correlate risk assessment activity with cyber threat monitoring and develop long term trend analysis capability.
  • Develop and present key findings to senior leadership.
  • Demonstrate professionalism and excellent communication skills when representing American Express in third-party relationships.


Additional Responsibilities

  • Create, develop, and manage tools and scripts to assist in the monitoring of cyber risk, intelligence sources, and automation of processes
  • Assist with and participate in cyber incident response and outreach activity related to the company’s most critical third party vendors and partners
  • Develop, improve, and document processes related to cyber monitoring and incident response
  • Develop metrics and reporting programs for senior leadership
  • Project management
  • Occasional off-hours and weekend work required.


  • Must have 5+ years of experience in cyber threat intelligence, security operations, or forensic cyber investigations and incident response, including the analysis of malware, hacking tools, and threat actor tactics, techniques and procedures to characterize threat actors’ technical methods for accomplishing their missions.
  • Solid understanding of what information or assets are of value to threat actors and how organizations are breached.
  • Understanding of and experience with modern technical security controls and technologies, such as firewalls, SIEMs, IPS, HIPS, web proxies, etc.
  • Must be proficient with OSINT gathering techniques and dark web monitoring concepts
  • Demonstrated expertise in application security, specifically web, mobile, and cloud application security, secure configuration, and database security
  • Expert knowledge of CIS Critical Controls, OWASP Top 10, and ability to effectively communicate and articulate information security risks
  • Operational understanding of TCP/IP, computer networking and common protocols such as DNS, SMTP, HTTP, etc.
  • Should be proficient in the use and management of common penetration testing tools, including web, vulnerability, and code scanning tools
  • Can apply a variety of structured analytic techniques to generate and test a hypothesis, assess cause and effect, challenge analysis, and support decision making.
  • Basic understanding of forensic analysis of, and data captures from, networks (packet capture), hosts (volatile/live memory), electronic media, log data, and network devices in support of intrusion analysis or enterprise level information security operations.
  • Should have working knowledge in one or more of the following areas:
    • Nation State Threat Actors
    • Cyber Crime
    • Extremist Groups and Cyber Terrorists
    • Hacktivism
    • Distributed Denial of Service Attacks
    • Fraud
    • Malware
    • Emerging Threats
    • Social Engineering
    • Cloud Technologies and Security Relevant Issues
  • Possesses the ability to review information to determine its significance, validate its accuracy and assess its reliability.
  • Must have excellent verbal and written communication skills, interpersonal collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
  • Must possess the ability to multitask, prioritize, and manage time effectively
  • Must be able to pay strong attention to detail
  • Previous experience as a security researcher, cyber threat researcher, or cyber crime investigator preferred.
  • Bachelor's degree in Cybersecurity, Computer Science or Information Systems, or equivalent combination of education and experience preferred.

ReqID: 19019409
Schedule (Full-Time/Part-Time): Full-time
Date Posted: Nov 27, 2019, 7:02:33 AM