Cyber Threat Intel Analyst III

The Cyber Threat Intelligence Analyst is responsible for a broad range of operational tasks within tactical, operational, strategic intelligence efforts or collection management functions.  Duties can include daily intelligence collection and triage, managing intelligence content in a threat intelligence platform, developing threat profiles, curating IoCs in a threat intelligence platform, identifying threats to Key Service Providers, darkweb research and brand abuse operations, tracking threat entity infrastructure, researching priority vulnerabilities and associated threats. The analyst is expected to prepare longer term analytic products concerning various risks posed by cyber threats and provide intelligence support to incident response activities. Information consumed in these duties will result in daily and ad hoc intelligence products authored by the analyst and disseminated to various stakeholders throughout the Credit Union.

• Conduct intelligence collection, triage and analysis of information obtained through intelligence sources
• Conduct research on threat actor groups, malware, exploit methods & vulnerabilities
• Perform advanced technical intelligence analysis of cyber threats using analytical tradecraft methods and forensic tools 
• Maintain relationships with peer organizations through trusted communities of interest
• Track known malicious infrastructure and use intelligence techniques to quickly identify new malicious infrastructure
• Provide analysis on threats impersonating NFCU brand  
• Provide analysis of high impact vulnerabilities
• Research darkweb actors and trends impacting the Financial Services Industry
• Perform threat modeling of high priority threats
• Author cyber threat trends and strategic analysis of worldwide events
• Provide intelligence analysis to determine country specific cybersecurity risks
• Provide inputs for a intelligence collection plan
• Network with external organizations through trusted communities of interest and assist in developing relationships with internal stakeholders 
• Use commercial and open sources (OSINT) for information collection in support of duties assigned 
• Use a combination of OSINT research, network, and host forensic analysis, log review and correlation to support investigations
• Develop comprehensive intelligence reports which describe threats and their tactics for a range of audiences 
• Develop internal documentation, such as detailed procedures, playbooks, and operational metrics reports as required
• Execute daily ad hoc tasks or lead small projects as needed
• Contribute to internal documentation, such as detailed procedures, playbooks, and operational metrics reports as required
• Provide supporting research to longer term analytic projects as required 
• Execute daily tasks as assigned

• Graduation from an accredited four year college or university in a technical / engineering discipline or equivalent work experience 
• 5-8 years in a intelligence, cyber threat intelligence or information security role with experience working in cybersecurity tools, intelligence sources and threat intelligence platforms
• Previous experience in one or more of the following threat modeling, intelligence collection management, tracking cyber threat infrastructure, darkweb research, analyzing high impact vulnerabilities, strategic analysis of cyber trends or worldwide events
• Ability to correlate IoCs to logs and alerts from a variety of different technologies, including IDS/IPS, firewall, proxies, and anti-virus across multiple platforms
• Experience in Cybersecurity analysis, incident response, or a related field with increasing responsibility
• Experience in SEIM Platforms such as Splunk, ServiceNow, etc.
• Ability to develop specific expertise, discern patterns of complex threat actor behavior, and communicate an understanding of current and developing cyber threats
• Ability to leverage online research tools to identify and navigate online forums, specialized Web sites, social media, and traditional sources
• Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources for the purposes of documenting results and analyzing findings to provide advanced threat intelligence
•  Strong research, analytical, and problem solving skills
• Excellent verbal, written and interpersonal communication skills 
• Proven ability to present findings and conclusions clearly and concisely to all levels of staff, management and/or vendors
• CISSP, GIAC, or other related Information Security certifications 

Hours: Monday - Friday, 8:00AM - 4:30PM

Locations: 820 Follin Lane, Vienna, VA 22180 | 5510 Heritage Oaks Drive, Pensacola, FL 32526 | 141 Security Drive, Winchester, VA 22602 | Remote

Navy Federal provides much more than a job. We provide a meaningful career experience, including a culture that is energized, engaged and committed; and fierce appreciation for our teams, who are rewarded with highly competitive pay and generous benefits and perks.

Our approach to careers is simple yet powerful: Make our mission your passion.

• Best Companies for Latinos to Work for 2024
• Computerworld® Best Places to Work in IT
• Forbes® 2025 America’s Best Large Employers
• Forbes® 2024 America's Best Employers for New Grads
• Forbes® 2024 America's Best Employers for Tech Workers
• Fortune Best Workplaces for Millennials™ 2024   
• Fortune Best Workplaces for Women ™ 2024
• Fortune 100 Best Companies to Work For® 2024
• Military Times 2024 Best for Vets Employers
• Newsweek Most Loved Workplaces
• 2024 PEOPLE® Companies That Care
• RippleMatch Recruiting Choice Award
• Yello and WayUp Top 100 Internship Programs

From Fortune. ©2024 Fortune Media IP Limited. All rights reserved. Used under license. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of, Navy Federal Credit Union.

Equal Employment Opportunity: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected Veteran.

Hybrid Workplace: Navy Federal Credit Union is a hybrid workplace, and details will be discussed during your interview process.

Disclaimers: Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position. Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team’s discretion based on qualified applicant volume. Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position.

Bank Secrecy Act: Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.