We have a new opportunity for an Information Security Analyst in the Enterprise Information Security, Cyber Threat Management organization. The individual selected for this position will provide cyber threat intelligence analysis, assess and analyze attack surface, conduct threat modeling, and deliver 'actionable intelligence' with focus on current and emerging cyber-attacks against financial sector assets. The candidate will work with internal teams to identify and analyze, share correlated and enriched threat Client to assist incident response and threat detection, allowing faster time to action.
- •Drive threat modeling exercises that help Wells Fargo Lines of Business (LOB) personnel understand the potential cyber threats against their products and systems; the mitigating controls we have in place; and the remaining residual risk.
- •Actively monitor and research cyber threats on the Internet and Dark web with a direct or indirect impact/relevance to financial services, business operations, technology infrastructure, and client trust.
- •Collect, process, and scan for indicators of compromise (IoC) across the Wells Fargo enterprise.
- •5+ years of information security administration experience
- •1 + years of threat intelligence experience within the financial services industry
- Experience with Splunk, ThreatConnect, and other indicator of compromise (IoC) handling tools
- Ability to manage complex issues and develop solutions
- Proficiency in Microsoft Word, PowerPoint, and Excel
- Excellent verbal and written communication skills
- Experience deriving actionable intelligence and threat indicators out of intelligence feeds •Ability to present complex material in a digestible, consumable manner to all levels of management
- Ability to execute in a fast paced, high demand, environment while balancing multiple priorities •Ability to work effectively, as well as independently, in a team environment •Experience working in a large enterprise environment
- A BS/BA degree or higher Other Desired Qualifications
- Advanced hands-on experience in threat management and/or vulnerability management
- Have a working knowledge in one or more of the following areas:
- - Threat Modeling Framework
- - APT & AET
- -Cyber crime
- - Fraud
- - Emerging Threats
- - Social Engineering
- - Insider Threats
- - Technology Applications