
Title:  Threat Intelligence Lead, Ransomware Affiliates

42258

Newark, US

Technology
Regular Employee
Hybrid
24 Oct 2025

Job Summary

We are seeking a Lead, Ransomware Affiliates who has extensive knowledge in Intelligence Analysis, Data Querying and Analysis and General Cyber Security Awareness to join our Cyber Intelligence - Threat Management team in Newark. The successful candidate will be responsible for serving as a Threat Lead who will have ownership and accountability for the development of high impact intelligence related to a defined geographic or thematic threat.

The candidate should have a comprehensive understanding of cyber threat intelligence, intelligence processes, and technical investigative skills. They should also have experience in incident response, malware analysis, and risk management. As part of the Threat Lead role, you will be responsible for driving the strategy around intelligence collection, requirements, stakeholder engagement and identifying creative solutions for delivering impactful intelligence across the Group.

We appreciate self-driven candidates who will be working closely with the wider Cyber Intelligence - Threat Management teams, creating and maintaining a list of business stakeholders (e.g. within the different lines of business) and engaging regularly with those stakeholders to understand their business and threat landscape. We believe that a willingness to acquire new skills will contribute to success in this role.

Key Responsibilities

  • Threat lead for the Ransomware Affiliate Threat Area (RATA) which focuses on the individual threat actors (affiliates) that form part of the broader Ransomware-as-a-Service (RaaS) program, and is directly accountable for the development of high impact intelligence relating to the threat area.
  • Produce high quality standardised intelligence reports to a full range of stakeholders, from technical peers to senior executives, providing detailed analysis on cyber events, including relevant economic and geopolitical variables. 
  • Provide decision-makers with a strategic view of the threat, predicting shifts in adversarial intent, goals and strategic objectives. 
  • Create and maintain detailed threat actor profiles on all relevant threat actors and groups within the threat area, mapping known TTPs to the MITRE ATT&CK framework. 
  • Profile and track threat actors (Ransomware Affiliates) in the intelligence analysis platform, Synapse.
  • Analyse patterns of adversary behaviours and develop hunting rules resulting in automated detection and a curated threat data feed.
  • Support analysis of various sources (internal/external) to understand and track adversaries targeting the bank.
  • Act as a part of the incident response team where appropriate and provide operational cyber intelligence support during ongoing incidents.
  • Establish, develop and own relationships with senior internal and external stakeholders, and provide in-person/video intelligence briefings where needed. 
  • Protect the bank by performing technical research into advanced, targeted attacks, malware campaigns, malware and other emerging technologies that pose risk to the bank.
  • Actively contribute to driving forward the maturity of the team through continual process improvements, particularly intelligence analysis methodology and intelligence production. 
  • Although the role does not currently have direct people leader responsibilities, as a senior analyst and threat area lead, you will provide coaching and mentoring to junior analysts:
    • This will include reviewing and editing intelligence products from other members of the team and providing appropriate feedback and suggestions. 
  • Maintain the highest standards of risk management, particularly regarding intelligence collection operations, data processing and confidentiality of information handling. 

Qualifications

  • 4+ years of cyber threat intelligence experience, preferably in the Banking and Financial services sector or law enforcement
  • Bachelor’s degree in a computer-related major
  • In-depth knowledge of the global cyber threat landscape, including threat actors, attack types, tactics, techniques and procedures. 
  • Familiarity with the cybercrime / ransomware ecosystem and its various intricacies.
  • Strong experience and understanding of intelligence processes: analytical methods, the intelligence cycle, intelligence collection plans, source and information evaluation etc.
  • Familiarity with structured analysis techniques for intrusion analysis e.g. Kill Chain, Diamond Model, MITRE ATT&CK.
  • Experience in Threat Hunting with tools such as VirusTotal, pDNS, Certificate Transparency logs, Shodan
  • Experience in intelligence sharing within communities such as FS-ISAC, NCFTA
  • Strong technical investigative skills and expertise, such as an understanding of network protocols (particularly network layer, presentation layer and application layer).
  • Strong threat research focus and investigative curiosity with the ability to be self-sufficient.
  • Proficient in technical indicator pivoting and investigation (e.g. creating YARA rules to deploy in global malware repositories or developing Censys/Shodan queries for C2 hunting).
  • Experience interrogating link analysis or data analysis tools (such as Synapse, IBM i2, Maltego, Palantir).
  • Knowledge of scripting or coding languages such as Python or Storm (Synapse).
  • A strong communicator both written and verbal with experience in writing and reviewing intelligence reports
  • Experience with incident response and malware analysis
  • Hands-on experience in audit engagement and risk management is an added advantage
  • Experience in using various open sources and tools to research external threat actors and threat actor groups

Nice to have:

  • Experience working in a SOC analysis and investigation environment is preferred
  • Appropriate certifications, such as GIAC GREM, GDAT, GCTI 

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

  • Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
  • Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
  • Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

 

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

  • Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
  • Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
  • Flexible working options based around home and office locations, with flexible working patterns.
  • Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
  • A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
  • Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Recruitment Assessments

Expected annual base pay range for the role is 150,000 USD to 215,000 USD. The final offer will be determined on an individualised basis using a number of variables, including but not limited to skill set, depth of experience and education, internal relativity, and specific work location. At Standard Chartered Bank, base pay is only part of the total compensation package. Discretionary variable pay and a range of attractive bank sponsored benefit programs are available and designed to foster employee overall health and well-being including, but not limited to, a best in class 401k plan with up to 8% employer match, robust medical plan coverage with employer funded Health Savings Accounts, inclusive family building benefits, and flexible/hybrid working arrangements for many of our positions subject to role specific considerations.

Some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Visit our careers website www.sc.com/careers
