Information Security Analyst-Cyber Threat Intelligence/ Forensics


Job Description

Why American Express?

There’s a difference between having a job and making a difference.

American Express has been making a difference in people’s lives for over 160 years, backing them in moments big and small, granting access, tools, and resources to take on their biggest challenges and reap the greatest rewards.

We’ve also made a difference in the lives of our people, providing a culture of learning and collaboration, and helping them with what they need to succeed and thrive. We have their backs as they grow their skills, conquer new challenges, or even take time to spend with their family or community. And when they’re ready to take on a new career path, we’re right there with them, giving them the guidance and momentum into the best future they envision.

Because we believe that the best way to back our customers is to back our people.

The powerful backing of American Express.

Don’t make a difference without it.

Don’t live life without it.

The Cyber Threat Intelligence Analyst is responsible for providing analysis to identify threats and quantify vulnerabilities of current threats in order to develop timely and actionable alerts, briefs and analytical assessments. Focusing on threats originating in information technology environments, the Information Security Analyst will produce actionable information in a clear and concise manner.

This position will support the American Express Fusion Center. The individual will report top threats impacting American Express Financial Technologies. By providing awareness, indications, warnings, and operational readiness, the Fusion Center protects the AXP brand, global business operations, technology infrastructure and client trust against cyber threats worldwide.

  • Analyze, process, and compare data to produce tactical intelligence products.
  • Identify credible, new intelligence and subject matter resources relative to current/emerging threats.
  • Author tactical assessments on cyber threats, attacks, and incidents of interest to AXP.
  • Provide subject matter expertise on cyber threats to support current analytic operations and initiatives. 
  • Create written and verbal intelligence products for internal AXP customers to assist in proactively addressing threats to the IT or InfoSec infrastructure.   
  • Perform open source threat collection and analysis activities, identifying indications of cyber threats, malicious code, websites, and vulnerabilities through automated and manual analysis using existing and purpose-built tools.
  • Experience in analyzing malware / hacking tools and threat actor tactics, techniques, and procedures to characterize threat actors’ technical methods for accomplishing their missions.
  • Collect, analyze, catalog, store, and assist in the deployment of indicators of compromise (IOCs) in partnership with the Fusion Center to help refine detection and response efforts.
  • Conduct intrusion analysis to ascertain the impact of an attack and develop threat trends to develop mitigation techniques and countermeasures that can prevent future attacks. 

Minimum Qualifications

  • In-depth knowledge of common security controls, detection capabilities, and other practices / solutions for securing digital environments, to include packet flows / TCP & UDP traffic, firewall and proxy technologies, anti-virus, Intrusion Detection/Prevention Systems and other host-based monitoring, email monitoring and spam technologies, SIEMs, etc.
  • Experience in analyzing malware / hacking tools and threat actor tactics, techniques, and procedures to characterize threat actors’ technical methods for accomplishing their missions.
  • Understanding of forensic analysis on and data captures from networks / packet capture, hosts (volatile/live memory), electronic media, log data, and network devices in support of intrusion analysis or enterprise level information security operations.
  • Understanding of what information or assets are of value to threat actors and how organizations are breached.
  • In-depth understanding of modern technical security controls (i.e. firewalls, SIEMs, IPS, HIPS, web proxies).
  • Must have strong verbal and written communication skills; interpersonal collaborative skills; and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
  • Can apply a variety of structured analytic techniques to generate and test a hypothesis, assess cause and effect, challenge analysis, and support decision making.
  • Should have working knowledge in two or more of the following areas: 
    • Nation State Threat actors
    • Cybercrime
    • Hacktivism
    • Distributed Denial of Service attacks
    • Fraud
    • Malware (i.e. remote access tools, exploit kits, etc.)
    • Emerging Threats
    • Phishing Techniques
    • Social Engineering
    • Web Application Attacks 
  • Previous experience as a Military Threat Operations team member, Security Researcher, Cyber Threat Researcher, or Cyber Crime investigator preferred.
  • 2+ years working in one or more of threat intelligence, security operations, security engineering, security architecture, or forensics.
  • Possesses the ability to review information to determine its significance, validate its accuracy and assess its reliability. 
  • Bachelor's degree or equivalent combination of education and experience preferred
Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions. 

ReqID: 20004221
Schedule (Full-Time/Part-Time): Full-time
Date Posted: Mar 17, 2020, 11:11:42 AM