Charles Schwab Sr. Staff - Cyber Threat Analyst in Phoenix, Arizona
Phoenix - AZ, PHX4701A, 4701 E Francisco Dr, 85044-5365
Christine Marie Mosby
We believe that, when done right, investing liberates people to create their own destiny. We are driven by our purpose to champion every client’s goals with passion and integrity. We respect and appreciate the diversity of our employees, our clients, and the communities we serve. We challenge conventions strategically to create value for our clients, our firm and the world. We live and bring to life the concept of ‘own your tomorrow’ every day. We champion our employee strengths, guide their development, and invest in their long-term success. We hire optimistic, results-oriented, curious, innovative, and adaptable people with the desire to help our clients and one another succeed.
As a company, we were established by Chuck (http://www.aboutschwab.com/about/leadership/charles_schwab) over 40 years ago to champion Main Street over Wall Street, and to help Americans transform themselves from earners to owners. Through advocacy and innovation, we work to make investing more affordable, accessible and understandable for all. As we enter our fifth decade, we are looking for talented, innovative and driven people who believe they can help themselves, and our clients, create a better future.
Sr. Staff, Cyber Threat Intelligence Analyst
What you’ll do:
The CTI Team is responsible for providing analysis on relevant threats to the Schwab environment in support of the overall Active Defense effort. Through the collection and analysis of threat information and historical data from various sources, the CTI team attempts to provide predictive analysis to guide overall Firm security strategy. In addition, the CTI team is key in providing additional tactical context and support to the Security Monitoring & Incident Response teams. The CTI team assists in improvement of all security functions through the creation of metrics, threat reports and briefings, threat indicators, and content for both detective and preventative controls.
The Sr. Analyst is primarily responsible for analyzing various sources of threat related data using standard toolsets and methodologies in search of patterns relating to potential threats to the Firm in support of providing risk related recommendations for action. They will provide guidance and mentoring for Jr. analysts in research and intelligence tradecraft. Sr. analysts will additionally consult on new security detection content with the Security Tools & Engineering team and work with other security teams to ensure all tools are tuned to properly detect and alert on new threat activity.
What you have:
5+ years working within an information security-related discipline
2+ years' experience in one of the following:
Network operations or engineering
System administration on Unix, Linux, or Windows
Offensive security (penetration testing/vulnerability scanning)
2+ years working as a SOC/CIRT team lead.
2+ years working as a Cyber Threat Intelligence Analyst
Bachelor’s degree in a technical field (e.g. Computer Science, Computer Engineering, Intelligence Analysis) preferred, but not required
Experience with a Threat Intel Platform (e.g. Anomali, ThreatQuotient, ThreatConnect)
Experience with relationship visualization software (e.g. Maltego, Palantir)
In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners)
Extensive experience in topic research and data analytics
Advanced understanding of network protocols and network traffic analysis. Ability to dissect packet captures and identify anomalies
Experience developing custom IDS and Yara signatures based on the results of your analysis
Involved with information security sharing communities, working groups, and trust groups
History of presenting at information security conferences, local user groups, etc.
A passion for learning and teaching. A desire to train and mentor internal resources
The ability to analyze, track, and report on threat campaigns targeting Charles Schwab and/or the financial industry as a whole
Ability to perform vulnerability analysis and advise leadership and key stakeholders on the assessed risk and urgency
Proficient in one or more scripting languages (Python preferred). Contributions to open source projects a plus
Knowledge of User Behavior Analysis
Knowledge of honeypots/honeynets
Strong written and verbal communication skills required. Must have the ability to effectively communicate to both highly technical and executive audiences
Demonstrated ability to work in a team environment, able to train and coach other team members
Industry certifications such as GIAC (specifically GCIH, GCIA, and GREM), CISSP and OSCP preferred. Formal Cyber Threat Intelligence training such as SANS FOR578 or Treadstone 71 a plus.
What you’ll get:
Comprehensive Compensation and Benefits package
Financial Health: 401k Match, Employee Stock Purchase Plan, Employee Discounts, Personalized advice, Brokerage discounts
Work/Life Balance: Sabbatical, Paid Parental Leave, New Mothers returning to work Program, Tuition Reimbursement Programs, Time off to volunteer, Employee Matching Gifts Program
Everyday Wellness: Health and Lifestyle Wellness Rewards, Onsite Fitness Classes, Healthy Food Choices, Wellness Champions
Inclusion: Employee Resource Groups, Commitment to diversity, Strategic partnerships
Not just a job, but a career, with an opportunity to do the best work of your life
Learn more about Life@Schwab at http://www.aboutschwab.com/careers/lifeatschwab/.
Charles Schwab & Co., Inc. is an equal opportunity and affirmative action employer committed to diversifying its workforce. It is Schwab's policy to provide equal employment opportunities to all employees and applicants without regard to race, color, religion, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), gender identity or expression, national origin, ancestry, age, disability, legally protected medical condition, genetic information, marital status, sexual orientation, protected veteran status, military status, citizenship status or any other status that is protected by law.
Relocation Offered?: No
Work Schedule: Days
Languages: English - spoken
Current Licenses / Certifications: None
Relevant Work Experience: IT-Other Specialty Engineering-2-5 yrs
Position Located In: AZ - Phoenix
Job Type: Full Time
Activation Date: Tuesday, June 27, 2017
Expiration Date: Friday, September 1, 2017