Truist · 2 days ago

Cybersecurity Threat Principal Analyst

Raleigh, NC

Full-time

Hybrid

Senior Level

8+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

BankingFinance

Actively Hiring

Insider Connection @Truist

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Build and maintain threat profile library based on accepted intelligence requirements, threat models, and available Cyber Defense controls

Track how threat intelligence is applied by teams responsible for each domain of Cyber Defense to reduce risk

Build and execute workflows that enable Threat Management

Participate in a rotation to conduct stakeholder briefings, gather feedback and new requirements for continuous improvement

Collaborate on intelligence team products and respond to stakeholder RFIs

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

CybersecurityIT KnowledgeOperating SystemsComputer ProgrammingWeb DevelopmentDatabase AdministrationAttack Surface ManagementSOC OperationsIDS/IPSSIEMThreatsVulnerabilitiesExploitsIncident ResponseRemediationAutomated Threat Intelligence SharingSTIXTAXIIThreat Intelligence AnalysisLeadershipCommunicationCyber OperationsThreat IntelligenceOffensive SecurityThreat HuntingIndustry CertificationsCertified Information Systems Security Professional (CISSP)GIAC Certified Intrusion Analyst (GCIA)GIAC Cyber Threat Intelligence (GCTI)Information Technology Certifications

Required

Bachelor’s degree in Computer Science or related field or equivalent education and related training

8 years of experience in Cybersecurity or related work

Broad knowledge of general IT with mastery of one or more of the following areas: operating systems, networking, computer programming, web development or database administration

Demonstrated advanced knowledge of cyber security operations with mastery of one or more of the following: attack surface management, Security Operations Center (SOC) operations, Intrusion Detection/Intrusion Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM) use, threats (including Advanced Persistent Threat (APT), insider), vulnerabilities, and exploits; incident response, investigations and remediation

Experience with systems for automated threat intelligence sharing using industry standard protocols, such as Structured Threat Information Expression (STIX) and Trusted Automated Exchange of Indication Information (TAXII) Advanced knowledge of processes, procedures and methods to research, analyze and disseminate threat intelligence information

Ability to lead and persuade individuals and large teams on ideas, concepts and opportunities

Preferred

3 to 5 years of experience in mid-level Cyber Operations role at a US critical infrastructure and/or regulated private entity (Threat intelligence, offensive security, threat hunting, threat intelligence, etc.)

Industry certifications in cybersecurity, such as Certified Information Systems Security Professional (CISSP), GIAC Certified Intrusion Analyst (GCIA), GIAC Cyber Threat Intelligence (GCTI), and other related credentials

Information Technology certifications and/or experience with development or operations

Demonstrated experience with self-management of project deliverables to multiple stakeholders, collaborating with offensive security, threat detection, threat response and other operational security teams.