Senior Support Analyst

Nomura Overview:
Nomura is an Asia-headquartered financial services group with an integrated global network spanning over 30 countries. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its four business divisions: Retail, Asset Management, Wholesale (Global Markets and Investment Banking), and Merchant Banking. Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit www.nomura.com.

 

Nomura Services India, (Powai) supports Nomura’s businesses around the world. Powai’ s world class capabilities in trading support, research, information technology, financial control, operations, risk management and legal support have played a key role in facilitating Nomura’s global operations and are an integral part of Nomura’s global expansion plans. The Powai operation is a critical part of the platform to support the growth of Nomura’s global business.

 

Job Description

 

Job Title:

Cybersecurity Threat Intelligence Analyst within Global Cyber Threat Intelligence (GCTI) - GCTI core business support analyst

Corporate Title:

Analyst/Senior Analyst

Division:

Group IT Head Office (部)

Department / Group:

Information Security (課)

Location:

Japan, India, Singapore, USA, Europa

Hiring Manager:

Global Head of Cyber Threat Intelligence

 

1) Job/Group Overview:

 

Nomura is an Asia-based financial services group with an integrated global network spanning over 30 countries. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions: Retail, Asset Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leaders.  

Nomura employs a robust Information Security department, members of which are located in all of its major regions, namely EMEA, Americas, India and Japan. This team is responsible for designing, implementing and maintaining Nomura’s Cyber Threat Intelligence (CTI) strategy and practise across all of these regions.

The team’s focus is to serve as the single point of contact for all Information Security & IT Security related CTI queries, concerns and technologies.   The team provides a high standard of user and business support in a responsive and timely manner across all businesses, takes responsibility and ownership for maintaining the global/regional strategy, and delivers the operational deployment of global/regional security services in a manner consistent with the common business goals and objectives in the region.

 

The role of a GCTI analyst is split 50%/50% between general GCTI analyst functions (sections 2-4) and function specific roles (sections 5)

 

2) Responsibilities:

 

The candidate will need to have a solid grounding within both Cyber Threat Intelligence and understanding of wider cyber security practices 

• Good understanding of the classic intelligence cycle – direction, collection, analysis and dissemination.
• A broad understanding of CTI as it applies to 3rd party risk, digital risk, brands, VIP, cyber-physical, vulnerability and TTP tracking.
• Proactively engage in the GCTI Request For Information (RFI) process and contribute to ongoing investigations in a fast passed environment. 
• Work closely with Function managers within GCTI on ad hoc tasks
• Develop SME knowledge in one of the 5 defined functions within GCTI (vulnerability, brand, 3rd party risk, TTPs and BAU) 
• Provide subject matter expertise on cyber threats to support current analytic operations and initiatives.
• Create reports and presentations on incidents and trends of relevance to Nomura.
• Liaise with Internal security teams such as SOC, Vulnerability management, threat hunting and others.

Additional Responsibilities

• Create, develop, and manage tools and scripts/process to assist in the monitoring of cyber risk, intelligence sources, and automation of processes.
• Develop metrics and reporting programs for senior leadership.
• Project management of Intelligence Lifecycle, including documentation.
• Occasional off-hours and weekend work required.

3) Requirements (indicate mandatory and/or preferred)

Mandatory

• Approximately 3-5 years of IT Security or CTI
• Proficient with OSINT gathering techniques and dark web monitoring concepts
• Knowledge of cyber threat intelligence models (e.g. MITRE ATT&CK, Kill Chain, Diamond Model) and experience in applying them to analysis.
• Knowledge of methodologies and techniques for identifying, prioritizing, and classifying cyber threats.
• Experience tracking and understanding threats from: Nation State threat actors, cybercrime, extremist groups, hacktivism, malware, vulnerabilities, fraud, and social engineering techniques.
• Strong verbal and written communication skills.
• Good organization, communication, and coordination skills are essential for this position.

Preferred

• Any security certifications, such as:  CTIA, CISSP, CISM, CISA, Security+, CEH, CCSK, or similar industry recognized certifications.
• Knowledge of controls frameworks such as NIST CSF, NIST SP 800-53, ISO 27001/2, CIS, and FISC.
• Experience working in a global team.            

4) Personal Characteristics:

• Strong communication skills, ability to work comfortably with different regions.
• Good team player, ability to work on a local, regional and global basis and as part of joint cross location teams and cross functional teams.
• Ability to be pro-active and self-manage tasks through to completion.
• Able to perform under pressure.

 

5) GCTI core business support analyst

 

Technical Skills

 

• Experience in investigating cyber incidents, based on both a quantitative and qualitative starting point i.e., “what is the threat to Nomura from the breach of XYZ third party supplier?” (qualitative) and “what is the threat to Nomura from CVE-2010-3333?” (quantitative).
• Should be comfortable in analysing malware using static and dynamic method to an introductory/ intermediate level.
• Strong intelligence analysis skills in regards to using or 3rd party vendor tools as well as supplementing these with open source intelligence skills.

Soft skills

 

• Be comfortable dealing with senior stake holders within the business and across cultural and language lines.
• Happy to convene and run meetings focused on intelligence issues
• Experience is communicating technical updates to senior stakeholders in a written and verbal form
• Strong team player with desire to evangelise CTI inside and outside of the CISO function