This job has expired

Cyber Threat Analyst - Threat Intelligence, VP (Collection Manager)

Morgan Stanley
Singapore, Singapore
Closing date: Sep 29, 2023

Job Function
Industry Sector: Finance - General
Employment Type: Full Time
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's 55,000 employees, located in 1,200 offices across 43 countries, serve clients including corporations, governments and individuals. As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence, a strong team ethic and giving back to our communities. Morgan Stanley provides a superior foundation for building a professional career - a place for people to learn, achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.

Division Profile

The Threat Hunting & Cybersecurity Detection team leverages offensive cyber tactics to identify threats within the Firm's network, creating advanced custom cyber analytics to hunt for higher-end cyber actors and delivering high-quality, actionable threat intelligence to the Firm.

Role Profile

The Cyber Threat Intelligence team is seeking an innovative self-starter to join our team in Singapore. In this role, you will lead CTI's framework for data collection, curation, classification, triage and analysis. You will provide guidance and direction to a team of analysts responsible for proactively monitoring the threat landscape for new cyber threat activity, including vulnerabilities and incidents involving the Firm's third-party suppliers, by leveraging open-source intelligence and vendor intelligence. You will manage CTI's collection management framework, including intelligence requirements, escalation thresholds, and collection queries. You will use your knowledge of adversary tactics, techniques, and procedures to produce reporting, escalate intelligence to technical teams, and coordinate with external peers and intelligence sharing groups to share and consume intelligence.

Key Job Responsibilities
• Monitor intelligence sources for timely and actionable cyber threat information relevant to the Firm
• Contribute to daily monitoring of critical vulnerabilities, cyber events impacting critical third-parties/vendors, and notable cyber activity/campaigns, authoring reports as required
• Expand the development and management of CTI's collection management framework, including managing the team's collection requirements and intelligence requirements of stakeholders
• Manage the curation of collection feeds and queries based on intelligence and monitoring requirements
• Collect, review, assess, and escalate information, including periodically reviewing and fine-tuning escalation thresholds
• Assist in the collection of research material for the development of finished intelligence products for a diverse stakeholder base
• Perform assessment and validation of actionable indicators of compromise in CTI's Threat Intelligence Platform (TIP)
• Support collection and processing efforts for tracking and researching threat activity trends within CTI's TIP
• Track and manage metrics around the efficacy of the collection portfolio


Experience & Skills Required (Essential):
• 4+ years of experience in a cyber threat intelligence or cybersecurity role
• 1+ years of experience leading a team
• Experience with intelligence data collection from multiple sources (OSINT, Threat Feeds, Vendor, Partner, Deep/Dark Web, etc.), leveraging automated and non-automated processes
• Experience communicating the analysis of cyber threats (written and oral) at both a strategic and operational level
• Exceptional ability to establish and manage relationships with vendors, partners, and internal stakeholders
• In-depth knowledge of the cyber threat landscape and working knowledge of the following areas: vulnerabilities and exploits, malware, adversary tactics (TTPs), phishing, and financially motivated or APT threat groups
• Familiarity with Threat Intelligence Platforms, SIEMs, and security tools and solutions
• Working knowledge of security frameworks and models, including MITRE ATT&CK

Experience & Skills (Preferred):
• BS/MS degree in Computer Science, Cybersecurity, or 4+ years equivalent technology experience
• Ability to utilize APIs to query data for collection
• Proficiency with Python scripting
