Information Security Analyst
Brighton (The City of Brighton and Hove) Bachelor's Degree IT development
Job description
American Express is a global service company, providing customers with exceptional access to products and experiences that enrich lives and build business success.
Each day, we make it easier, safer and more rewarding for consumers and businesses to purchase the things they need and for merchants to sell their goods and services, enabling them to do and achieve more.
We're committed to becoming the world's most respected service brand and daily deliver extraordinary service to our customers, constantly reinventing our ways of working to ensure we offer rich rewards that redefine expectations for our clients and ourselves.
The Cyber Threat Intelligence Analyst is responsible for providing analysis to identify threats and quantify vulnerabilities of current threats in order to develop timely and actionable alerts, briefs and analytical assessments. Focusing on threats originating in information technology environments, the Information Security Analyst will produce actionable information in a clear and concise manner. This position will support the American Express Fusion Center. The individual will report top threats impacting American Express Financial Technologies. By providing awareness, indications, warnings, and operational readiness, the Fusion Center protects the AXP brand, global business operations, technology infrastructure and client trust against cyber threats worldwide.
· Analyze, process, and compare data to produce tactical intelligence products.
· Identify credible, new intelligence and subject matter resources relative to current/emerging threats.
· Author tactical assessments on cyber threats, attacks, and incidents of interest to AXP.
· Provide subject matter expertise on cyber threats to support current analytic operations and initiatives.
ESSENTIAL DUTIES AND RESPONSIBILITIES
· Create written and verbal intelligence products for internal AXP customers to assist in proactively addressing threats to the IT or InfoSec infrastructure.
· Perform open source threat collection and analysis activities, identifying indications of cyber threats, and identify malicious code, websites, and vulnerabilities through automated and manual analysis using existing and purpose-built tools.
· Experience in analyzing malware / hacking tools and threat actor tactics, techniques, and procedures to characterize threat actors' technical methods for accomplishing their missions.
· Collect, analyze, catalog, store, and assist in the deployment of indicators of compromise (IOCs) in partnership with the Fusion Center to help refine detection and response efforts.
· Conduct intrusion analysis to ascertain the impact of an attack and develop threat trends to develop mitigation techniques and countermeasures that can prevent future attacks.
Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.
Desired profile
Required skills:
· In-depth knowledge of common security controls, detection capabilities, and other practices / solutions for securing digital environments, to include packet flows / TCP & UDP traffic, firewall and proxy technologies, anti-virus, Intrusion Detection/Prevention Systems and other host-based monitoring, email monitoring and spam technologies, SIEMs, etc.
· Experience in analyzing malware / hacking tools and threat actor tactics, techniques, and procedures to characterize threat actors' technical methods for accomplishing their missions.
· Understanding of forensic analysis on and data captures from networks / packet capture, hosts (volatile/live memory), electronic media, log data, and network devices in support of intrusion analysis or enterprise level information security operations.
· Understanding of what information or assets are of value to threat actors and how organizations are breached.
· In-depth understanding of modern technical security controls (e.g. firewalls, SIEMs, IPS, HIPS, web proxies).
· Must have strong verbal and written communication skills; interpersonal collaborative skills; and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
· Can apply a variety of structured analytic techniques to generate and test a hypothesis, assess cause and effect, challenge analysis, and support decision making.
· Should have working knowledge in two or more of the following areas:
  · Nation State Threat actors
  · Cybercrime
  · Hacktivism
  · Distributed Denial of Service attacks
  · Fraud
  · Malware (e.g. remote access tools, exploit kits, etc.)
  · Emerging Threats
  · Phishing Techniques
  · Social Engineering
  · Web Application Attacks
· Previous experience as a Military Threat Operations team member, Security Researcher, Cyber Threat Researcher, or Cyber Crime investigator preferred.
· Experience working in one or more of threat intelligence, security operations, security engineering, security architecture, or forensics.
· Possesses the ability to review information to determine its significance, validate its accuracy and assess its reliability
· Bachelor's degree or equivalent combination of education and experience preferred
We place great importance on doing what is right, what is best and what is innovative. And we continue seeking people to champion these values and beliefs as we grow. The world's a big place, filled with big ideas and amazing people. And we want the best of them here at American Express. We're interested in where you came from, but we're even more excited about where you will go with American Express.
To complete your application please click on the links below. However, if you require any assistance with the completion of this process – or need any reasonable adjustments to be made – then please contact the Recruitment Team on or 00800 83 000038 (for Russia based candidates 810 800 83 000038).