Cyber Threat Intelligence Analyst

ABN AMRO Bank N.V.
Amsterdam, Netherlands
4 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
€ 8.4K

Job location

Remote
Amsterdam, Netherlands

Tech stack

Intelligence Analysis
Red Team (Cyber Security)
Reverse Engineering
Large Language Models
MITRE ATT&CK
Malware
Cyber Threat Analysis

Job description

The focus of the Senior Cyber Threat Intelligence Analyst is to defend against cyber threat activity by collecting and producing intelligence to drive active cyber defence efforts. The analyst will use data analysis, cyber intelligence, and information sharing networks to gain an improved information position on trends in the threat landscape. The candidate's affinity with data science methodology will help to automate the threat intelligence cycle and its processes and make it more efficient. The analyst will also directly support the CISO organisation by applying analytic and technical skills to identify malicious activity, varied threat groups, and in some cases support incident response tasks.

A typical workday in the GCIC team is varied, dynamic and fast-paced. It may involve threat intelligence support to incident analysis, report or brief writing, operational analysis of external threat campaigns, process design to integrate threat intelligence into cyber defensive activities or improving internal intelligence processes to uplift the GCIC capability.

Your job

Your job consists of the following tasks:

  • Review all-source intelligence including internal, open source and closed source intelligence to identify emerging threat trends, TTPs and IOCs;
  • Transform these trends and TTPs into timely, actionable intelligence products to contribute to ABN AMRO's defensive posture through prevention, detection and Red Team activities;
  • Conduct intelligence investigations into malicious cyber activity to provide attribution, identify adversary TTPs, and provide additional context to threats to the network;
  • Produce high-quality written reports, presentations and briefings, both in internal and external forums, to a wide variety of audiences, ranging from highly technical teams to executive management;
  • Support time-sensitive and critical cyber incident response activities by providing intelligence including TTPs and IOCs to shorten the incident response cycle and protect the ABN AMRO network;
  • Establish and maintain productive internal working relationships with other critical teams including our Security Operations Center, Supply Chain Security, Red Team and Brand Protection partners;
  • Improve the threat intelligence function's efficiency and effectiveness by applying data science methodology and techniques;
  • Contribute to the wider cyber threat intelligence community by establishing critical sharing and interpersonal relationships with industry and government organisations;
  • Stay up-to-date on relevant cyber threat trends, defensive cyber practices, tooling and processes to apply industry standard practices to GCIC operations.

Working environment

You will be working within the Global Cyber Intelligence Center (GCIC) team within the ABN AMRO CISO Cyber Defence Grid. The team consists of highly motivated and passionate analysts, and contains a broad range of cyber skills including intelligence analysis, malware analysis and reverse engineering, SOC analysis and forensics, incident response, and Red Team operations. ABN AMRO is an English-language working environment, and supports hybrid working arrangements subject to operational requirements.

  • An attractive gross monthly salary based on a 36-hour work week, including holiday allowance and a flexible benefit budget.
  • An excellent pension scheme, ensuring that you are well prepared for the future.
  • Flexibility in working: working from home is possible in consultation with your team and depending on your role. We will provide an ergonomic home office setup for you.
  • Plenty of room for relaxation with five weeks of vacation per year, supplemented by two mandatory days off. You can also purchase up to four additional weeks of vacation annually.
  • Five "Banking for better days": extra days off that you can use for personal development or volunteer work.
  • Personal development is key: you receive a development budget of €1,000 per year, which can accumulate up to €3,000.
  • An annual public transport pass with free public transportation throughout the Netherlands for both business and private use.

Requirements

  • 2+ years

  • Analytical skills

  • Excellent communication skills

We are looking for an experienced, self-driven Cyber Threat Intelligence Analyst who can operate independently and as part of a high-performing team in the Global Cyber Intelligence Center at ABN AMRO. Do you hold advanced cyber threat intelligence knowledge and do you have a data driven approach? Do you want to improve the analytic capacity of the team you're working in, uplift the skills of others, and contribute to the transformation of internal processes to data driven processes? Then please read further and apply online to this vacancy!

You are a self-starter with strong initiative and interpersonal skills. You can identify, establish relationships with, and align with key stakeholders. You have a strong understanding of how threat intelligence contributes to cyber defensive processes, and have proven experience in designing and implementing these processes. You can operate under pressure during incident response activities and can independently support incident investigations. You collaborate and communicate well with others, and actively seek opportunities to share threat intelligence to internal and external customers. You have strong research, analytical, and problem-solving skills and have experience in mentoring junior threat intelligence staff. Our ideal candidate can demonstrate the following skills:

  • A good understanding of the cyber threat intelligence cycle, and experience in cyber threat intelligence collection, production, and writing;

  • Experience implementing common threat analysis models such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK TTP framework;

  • Strong foundational knowledge of common tactics, techniques and procedures used by threat actors in the wild;

  • Experience with designing and implementing data driven processes and the use of LLMs to make the threat intelligence cycle more efficient;

  • Experience with implementing processes to integrate threat intelligence into broader defensive activities including detection, prevention, incident response and red team operations;

  • A strong understanding of incident response processes and how threat intelligence analysis supports IR activities;

  • Experience conducting technical threat intelligence investigations into malicious activity, including conducting attribution and TTP analysis;

  • Familiarity with technical engineering requirements associated with the production of intelligence;

  • Proven ability to design and tailor briefings to present findings and conclusions clearly and concisely to all levels of staff, management and/or vendors;

  • Ability to track industry developments, threat trends and relevant technologies.

Benefits & conditions

  • € 5.847 - € 8.353 pm
  • Excellent employment conditions
  • In charge of personal development

Why ABN AMRO?

  • Building a future proof bank
  • A diverse and inclusive culture
  • Extensive internal career opportunities
