Analyst, Threat Analyst and Response Team
At Prudential, we understand that success comes from the talent and commitment of our people. Together, we have a shared vision in securing the future of our customers and our communities. We strive to build a business that you can shape, an inclusive workplace where everyone's ideas are valued and a culture where we can thrive together. Our people stay connected and tuned in to what's happening around us, keeping us ahead of the curve. While focused on the long-term, we look to the future to bring growth, development and benefit to everyone whose lives we touch.
Prudential's Threat Analyst and Responder in TARC conducts cyber threat analysis aimed at providing Prudential and its stakeholders with insights into localized and global cyber threats, deriving actionable information and responses for the organization. The Threat Analyst and Responder team is responsible for researching and communicating information about emerging cyber threats to support the effective detection, analysis and containment of attacks. This includes understanding and analysing the perpetrator's modus operandi, such as tactics, techniques and procedures (TTPs), and deriving the potential motives and goals behind these activities. The Threat Analyst and Responder works with internal and external stakeholders to analyse data, generate timely and accurate threat reports, and recommend response strategies to mitigate cyber threats, vulnerabilities and risks.

Job Responsibilities:
- Operationalize 24x7 Threat Analysis and Response Service:
  - Explore large data sets to uncover novel techniques and attack origination, and generate custom alerts for enterprise customers
  - Identify and report the latest human adversary behaviours, drive critical context-rich alerts, and help drive innovations for detecting advanced attacker tradecraft
  - Manage the incident response process by providing advanced analysis services, including recommending containment and remediation processes, independent analysis of security events, and reporting of identified incidents to Incident Handling
- Operationalize Signals vs Noises campaigns:
  - Manage the joint team effort to normalize data from breach and attack simulations, threat intel, and incident response
  - Support IR orchestration and AI initiatives, as well as process and documentation improvements
  - Stay abreast of evolving risks, new developments in the security industry and industry best practices in threat intel, analysis and threat response techniques
  - Select, implement, and maintain the tools, technologies, and skills needed to perform all work to the highest standards
- Excel in Collaboration:
  - Work closely with customers on reporting, stewardship calls and, in the case of escalations, incident communication
  - Identify, evaluate and report emerging security threats
  - Collaborate with a network of CERTs and ISPs that can effectively support security collaboration needs in the case of a crisis
  - Ensure timely reporting of security control gaps and emerging threats to the customer
  - Maintain regular written and in-person communications with RITS's executives and other leads regarding security defence strategy
- Collaborate in Threat Hunting and Threat Intel operations:
  - Participate and assist in the production of threat intelligence reports that communicate the results of the analyses to the respective audience
  - Participate and assist in continuous Breach and Attack Simulation for all BUs to gain insights into organizational risks and to evolve detection use cases
- Team Administration, Project Planning and Management:
  - Define project scope, budget and schedule while focusing on regular and timely delivery of value aligned to that scope, budget and schedule; organize and lead project status meetings, working sessions and huddles; prepare and distribute progress reports; manage risks and issues; correct deviations from plans; perform delivery planning for assigned projects and manage the associated backlog
  - Manage staffing, including recruitment, supervision, scheduling, development, evaluation, and disciplinary actions
  - Develop and maintain an educational environment where the knowledge and performance of the group is constantly advancing
- Strong ability to use data to tell a story
- Experience with reverse engineering, incident response, or machine learning models
- Excellent cross-group and interpersonal skills, with the ability to articulate business need for detection improvements
- Skilled at working with extremely large data sets, using tools and scripting languages such as Excel, SQL, Python, Splunk, and Power BI
- Strong written and verbal communication skills to command respect with gravitas and engage a variety of large audiences, internally and externally
- Experience with Incident Management
- Experience with cyber threat intelligence
- Experience with SIEM tools
- Experience with Endpoint Detection & Response tools
- Experience with data analysis
- Experience with SOAR