Threat Intelligence Analyst

About the role

The mission of Cyber Security Threat Intelligence team is to proactively manage cyber security risks to protect the bank and share threat intelligence that can reduce the impact of cyber compromise to the community.

As an Analyst, you will have a combination of strong technical and interpersonal skills. You will demonstrate deep understanding of the cyber security practices and possess extensive knowledge of the cyber threat landscape to provide direction and guidance to broader security stakeholders who seek assistance from the threat intelligence squad.

What will your day look like
- Improving visibility into ANZ’s attack surface, threats and attack methodologies impacting the organisation.
- Automate and integrate threat intelligence with enterprise-wide security detective and preventive controls to improve the holistic security posture of ANZ.
- Reduce the time to identify and respond to incidents by supplying enriched context, timely, actionable threat intelligence to the Security Operations teams who detect, prevent and respond to cyber threats.
- Assist and guide the Security Operations squad with threat hunting activities.
- Briefing and educating cyber security stakeholders on the overall threat landscape and on specific, high priority threats relevant to ANZ.
- Producing and sharing threat intelligence with peer organisations, federal government, law enforcement and the broader community.
- Model and understand threats that impact ANZ and develop strategies on how best to defend against these threats.

What will you bring?
- Experience working in a threat intelligence, threat hunting, or incident response role.
- A desire to continuously learn new techniques / technologies and bring innovative ideas into the squad.
- A strong awareness and understanding of the overall threat landscape by tracking and analysing new and emerging threats, and being able to add organisational context in relation to specific assets.

**To have**:

- 5+ years of experience working in cyber security domains, with related technical experience to support cyber domain knowledge.
- Strong oral and written communication skills, including the ability to clearly convey complex information and technical data to all levels of management.
- Experience leading and directing technical projects involving multiple team members and stakeholder engagement
- Experience working in a collaborative team to make assessments of time-sensitive issues and adjust priorities quickly as stakeholder demands change
- A strong, broad understanding of information technology and information security practices.
- Possess a solid understanding of cyber threat intelligence sourcing, production, sharing standards and protocols.
- Extensive knowledge of intelligence analysis for monitoring, sorting, prioritization, and analysis of intelligence traffic from multiple sources
- Experience with research and validation of Advanced Persistent Threats (APT) and their mapping against the MITRE PRE-ATT&CK and ATT&CK frameworks.
- Knowledge of threat intelligence analysis frameworks such as the Diamond Model and Kill Chain.
- Knowledge of cyber and corporate tooling such as a SIEM, EDR, mail gateways and internal collaboration tools

**Desired**:

- Experience developing and documenting technical user guides, standard operating procedures for threat intelligence processes
- Experience in scripting languages such as Python and PowerShell
- Threat Modelling using known and accepted frameworks
- Experience with STIX/TAXI for the expression of Cyber Threat Intelligence
- SANS GIAC Certification (GPEN/GCFA/GNFA/GDAT/GCTI/GREM)
- Organisational skills to manage multiple competing priorities and deadlines in a fast-paced working environment

We know not everyone will bring all of the skills and experience, and at ANZ we are focused on people bringing a growth mindset to their approach to work. Some of the skills we are looking for are below, but don’t worry if you don’t have all of these as learning on the job is the way we work.

So, why join us?

We’re reinventing the way we do banking, and our community of collaborative, innovative thinkers who create human-centred solutions are helping us get there. We’re responding faster to changing customer requirements, focusing on the things that matter.

We’ll also offer you the opportunity to develop your career, working in a diverse and inclusive workplace where the different backgrounds, perspectives and life experiences of our people are celebrated and create a great place to grow, thrive and belong.

A happy workplace is a thriving one, and some of the perks you’ll get from being ServiceNow Engineer at ANZ are:
Lifestyle leave - top up your annual leave with up to four weeks of additional purchased leave or take a longer period of unpaid time off
Great discounts on our financial products, and an annual Superannuation top up payment of $500 for all female employees to address the Superannuation