Sr. Staff - Cyber Threat Analyst

Apply Now    
Job ID:
20170523-2592
Job Category:
Information Technology
Relevant Work Experience:
IT-Other Specialty Engineering-2-5 yrs
Current Licenses / Certifications:
None
Position Located In:
AZ - Phoenix
Education:
BA/BS
Job Type:
Full Time
Description:

Other - CA, TCOMMUTE, KEEP-ID USED FOR TCOMMUTERS, 94105
Christine Marie Hill
20170523-2592

We believe that, when done right, investing liberates people to create their own destiny. We are driven by our purpose to champion every client’s goals with passion and integrity. We respect and appreciate the diversity of our employees, our clients, and the communities we serve. We challenge conventions strategically to create value for our clients, our firm and the world. We live and bring to life the concept of ‘own your tomorrow’ every day. We champion our employee strengths, guide their development, and invest in their long-term success. We hire optimistic, results-oriented, curious, innovative, and adaptable people with the desire to help our clients and one another succeed.

As a company, we were established by Chuck over 40 years ago to champion Main Street over Wall Street, and to help Americans transform themselves from earners to owners. Through advocacy and innovation, we work to make investing more affordable, accessible and understandable for all.  As we enter our fifth decade, we are looking for talented, innovative and driven people who believe they can help themselves, and our clients, create a better future.

Our Opportunity:

Sr. Staff, Cyber Threat Intelligence Analyst

What you’ll do:

The CTI Team is responsible for providing analysis on relevant threats to the Schwab environment in support of the overall Active Defense effort. Through the collection and analysis of threat information and historical data from various sources, the CTI team attempts to provide predictive analysis to guide overall Firm security strategy. In addition, the CTI team is key in providing additional tactical context and support to the Security Monitoring & Incident Response teams. The CTI team assists in improvement of all security functions through the creation of metrics, threat reports and briefings, threat indicators, and content for both detective and preventative controls. 

The Sr. Analyst is primarily responsible for analyzing various sources of threat related data using standard toolsets and methodologies in search of patterns relating to potential threats to the Firm in support of providing risk related recommendations for action. They will provide guidance and mentoring for Jr. analysts in research and intelligence tradecraft. Sr. analysts will additionally consult on new security detection content with the Security Tools & Engineering team and work with other security teams to ensure all tools are tuned to properly detect and alert on new threat activity. 

What you have:

  • Preferred Experience: 
    • 5+ years working within an information security-related discipline
    • 2+ years' experience in one of the following: 
      • Network operations or engineering 
      • System administration on Unix, Linux, or Windows 
      • Offensive security (penetration testing/vulnerability scanning) 
    • 2+ years working as a SOC/CIRT team lead.
    • 2+ years working as a Cyber Threat Intelligence Analyst
  • Bachelor’s degree in a technical field (i.e. Computer Science, Computer Engineering, Intelligence Analysis) preferred, but not required
  • Experience with a Threat Intel Platform (e.g. Anomali, Threat Quotient, ThreatConnect)
  • Experience with relationship visualization software (e.g. Maltego, Palantir)
  • In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners)
  • Extensive experience in topic research and data analytics
  • The capability to perform static, dynamic, and code level analysis of malicious documents and binaries leveraging sandbox technologies, debuggers/disassemblers (i.e. OllyDBG/IDA Pro), and/or open source tools. Experience with manual extraction and deobfuscation of malicious VB Macros, JavaScript, PowerShell, etc...
  • Advanced understanding of network protocols and network traffic analysis. Ability to dissect packet captures and identify anomalies
  • Experience developing custom IDS and Yara signatures based on the results on your analysis
  • Involved with information security sharing communities, working groups, and trust groups
  • History with presenting at information security conferences, local user groups, etc...
  • A passion for learning and teaching. A desire to train and mentor internal resources
  • The ability to analyze, track, and report on threat campaigns targeting Charles Schwab and/or the financial industry as a whole
  • Ability to perform vulnerability analysis and advise leadership and key stakeholders on the assessed risk and urgency
  • Proficient in one or more scripting languages (Python preferred). Contributions to open source projects a plus
  • Knowledge of User Behavior Analysis 
  • Knowledge of honeypots/honeynets
  • Strong written and verbal communication skills required. Must have the ability to effectively communicate to both highly technical and executive audiences
  • Demonstrated ability to work in a team environment, able to train and coach other team members 

Industry certifications such as GIAC (specifically GCIH, GCIA, and GREM), CISSP and OSCP preferred. Formal Cyber Threat Intelligence training such as SANS FOR578 or Treadstone 71 a plus.

What you’ll get:

 

  • Comprehensive Compensation and Benefits package
  • Financial Health: 401k Match, Employee Stock Purchase Plan, Employee Discounts, Personalized advice, Brokerage discounts
  • Work/Life Balance: Sabbatical, Paid Parental Leave, New Mothers returning to work Program, Tuition Reimbursement Programs, Time off to volunteer, Employee Matching Gifts Program
  • Everyday Wellness: Health and Lifestyle Wellness Rewards, Onsite Fitness Classes, Healthy Food Choices, Wellness Champions
  • Inclusion: Employee Resource Groups, Commitment to diversity, Strategic partnerships
  • Not just a job, but a career, with an opportunity to do the best work of your life

Learn more about Life@Schwab.

Charles Schwab & Co., Inc. is an equal opportunity and affirmative action employer committed to diversifying its workforce. It is Schwab's policy to provide equal employment opportunities to all employees and applicants without regard to race, color, religion, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), gender identity or expression, national origin, ancestry, age, disability, legally protected medical condition, genetic information, marital status, sexual orientation, protected veteran status, military status, citizenship status or any other status that is protected by law.


Job Specifications
Relocation Offered?: No
Work Schedule: Days
Languages: English - spoken
Current Licenses / Certifications: None
Relevant Work Experience: IT-Other Specialty Engineering-2-5 yrs
Position Located In: US - Telecommute
Education: BA/BS
Job Type: Full Time

Category:Information Technology
Activation Date: Tuesday, June 27, 2017
Expiration Date: Saturday, December 30, 2017
Apply Here
Apply Now    

Brokerage Products: Not FDIC Insured • No Bank Guarantee • May Lose Value

Charles Schwab & Co., Inc. is an equal opportunity and affirmative action employer committed to diversifying its workforce. It is Schwab's policy to provide equal employment opportunities to all employees and applicants without regard to race, color, religion, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), gender identity or expression, national origin, ancestry, age, disability, legally protected medical condition, genetic information, marital status, sexual orientation, protected veteran status, military status, citizenship status or any other status that is protected by law. Schwab also does not discriminate against applicants or employees because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant.

At Schwab, we believe that every employee, through their diverse abilities and experiences, can contribute to our growth, innovation and client loyalty. We embrace diversity and are committed to providing equal opportunity to all employees and applicants. If you have a disability, and require reasonable accommodations in the application process, call Human Resources at 800-725-3535. We will be happy to assist you. Schwab will only share your accommodation request with those individuals who have a specific need to know. The request for an accommodation will not affect Schwab’s hiring decisions. All other submissions should be performed online.

The Charles Schwab Corporation provides a full range of securities, brokerage, banking, money management, and financial advisory services through its operating subsidiaries. Its broker-dealer subsidiary, Charles Schwab & Co., Inc. (“Schwab”), Member SIPC , offers investment services and products, including Schwab brokerage accounts. Its banking subsidiary, Charles Schwab Bank (member FDIC and an Equal Housing Lender), provides deposit and lending services and products.