Cyber Threat Intelligence Engineer

Zions Bancorporation’s Enterprise Technology and Operations (ETO) team is transforming what it means to work for a financial institution. With a commitment to technology and innovation, we have been providing our community, clients and colleagues with the best experience possible for over 150 years. Help us transform our workforce of the future, today.

We are currently seeking a Cyber Threat Intelligence Engineer.  As the Cyber Threat Intelligence Engineer, you will play a key role in identifying emerging cyber threats, authoring reports that will inform executives and help mature and expand our cyber threat intelligence practice. The engineer will drive technological improvements in threat actor-based intelligence analysis, creating relevant, timely, and actionable intelligence products, and will provide support to cyber incident response and cyber threat hunting teams.  

Key Responsibilities:

• Working as a liaison with other financial institutions, government agencies and industry work groups.
• Briefing both technical and non-technical audiences on relevant cyber threats, including executive management through reports and presentations.
• Provide real time support to incident response teams both leading up to and during the incident management process.
• Inform incident response and vulnerability teams on relevant threats and risks.
• Analyzing data from multiple sources to correlate and report on threats and insights for the organization,
• Assist in development of strategic roadmap for CTI function.
• Other duties as assigned.

Qualifications:

• Investigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences.
• Technical acumen with the ability to conduct both technical and contextual analysis of emerging and persistent cyber threats to known or potential vulnerabilities that exist in the enterprise environment.
• Ability to expertly manage an information collection and correlation process that will enable proactive analysis and research of current cyber threat TTP's from external and internal incidents and evidence to inform and assist efforts responsible for information security alerting, detection, control improvement and response.
• Must be capable of becoming a qualified administrator for multiple platforms used by the Cybersecurity Operations Center (SIEM, vulnerability tooling, ServiceNow, threat intelligence platforms and forensic tooling).
• Possess expert knowledge of Cyber Threat Intelligence Lifecycle, including network threats, attacks, attack vectors, advanced persistent threats and methods of exploitation with an understanding of intrusion set Tactics, Techniques, and Procedures (TTPs).
• Experience in Open Source intelligence (OSINT) analysis.
• Have an ability to map threat actor activities to MITRE ATT&CK Matrix.
• Knowledge of malware analysis concepts and methods and techniques.
• Exposure/proficiency to languages such as Russian, Chinese, etc. is a plus.
• Ability to generate reports and presentations that illustrate research through visualizations, charts, graphs, infographics, and evidence capture for technical and non-technical audiences.
• Provide input and leadership for the development of objectives, key results, and program metrics.
• Requires a bachelor’s in information technology, Computer Science or related field.
• 8+ years in information security, threat intelligence, intelligence source collection, development and correlation with information requirements and basic Intelligence analysis and production concepts or other directly related experience.
• Experience specific to the cyber threat environment in the financial sector, experience with analytical tools and processes is a plus.
• A combination of education and experience may meet qualifications.

Location:
This position has a hybrid work from home schedule with a minimum of three days per week in the office at the new Zions Technology Center in Midvale, UT.

The Zions Technology Center is a 400,000-square-foot technology campus in Midvale, Utah. Located on the former Sharon Steel Mill superfund site, the sustainably built campus is the company’s primary technology and operations center. This modern and environmentally friendly technology center enables Zions to compete for the best technology talent in the state while providing team members with an exceptional work environment with features such as:

• Electric vehicle charging stations and close proximity to Historic Gardner Village UTA TRAX station.
• At least 75% of the building is powered by on-site renewable solar energy.
• Access to outdoor recreation, parks, trails, shared bikes and locker rooms.
• Large modern cafe with a healthy and diverse menu.
• Healthy indoor environment with ample natural light and fresh air.
• LEED-certified sustainable building that features include the use of low VOC-emitting construction materials.

Benefits:  

• Medical, Dental and Vision Insurance - START DAY ONE!  
• Life and Disability Insurance, Paid Parental Leave and Adoption Assistance
• Health Savings (HSA), Flexible Spending (FSA) and dependent care accounts
• Paid Training, Paid Time Off (PTO) and 11 Paid Federal Holidays
• 401(k) plan with company match, Profit Sharing, competitive compensation in line with work experience
• Mental health benefits including coaching and therapy sessions
• Tuition Reimbursement for qualifying employees
• Employee Ambassador preferred banking products

Apply now if you have a passion for impactful outcomes, enjoy working collaboratively with co-workers, and want to make a difference for the clients and communities we serve.