Veritude is seeking a Senior Cyber Threat Intelligence Analyst for Fidelity Investments. This position is based in Merrimack, NH.
Analyze threat information from a variety of internal and external sources to provide actionable intelligence to maintain and enhance the defenses Fidelity information systems and resources. Support Enterprise Cybersecurity and IT operations responding to cyber incidents by providing insightful research and analysis. With direction develop the cyber security collection posture statements and the information collection requirements. Support writing whitepapers and threat analysis documentation by identifying relevant current events and collecting supporting documentation. With direction develop the threat controls documentation.
Work as a team member to ensure indications of compromise are promptly identified and stakeholders are informed with actionable and complete information.
- Familiarity with cyber threats, and malicious cyber threat actor motivations and capabilities relevant to regions of interest
- Strong written and oral communication skills and the ability to prioritize work
- Understanding of controls implementation such as NIST 800-53, ISO 27001, or NISPOM
- Familiarity with intelligence analysis methods and the intelligence lifecycle
- Experience distilling raw information into intelligence products
- Ability to write clear and concise analytical information products
- Ability to prepare and present research findings in both client and public settings
- Ability to maintain or develop professional contacts in the cyber security
- Understanding of information security program(s) in the financial sector
- Working knowledge of threat analysis and enterprise level cyber threat mitigation strategies
- Working knowledge of networks, operating systems, technical vulnerabilities are exploited
- Working knowledge of databases and query design
DESIRED SKILLS AND EXPERIENCE
- Five years of information systems security, or computer network defense experience
- Industry certifications in cyber security incident management, such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), Security + and other related credentials
- Security Operations Center (SOC) or Network Operations Center (NOC) experience
- Experience in the Intelligence Community (IC)