Cyber Threat Intelligence - Threat Hunter - Hybrid

Your opportunity

Charles Schwab Cybersecurity Operations organization is seeking a Cyber Threat Hunter within the Threat Intelligence team. The selected candidate will focus on identifying threats to Schwab and analyzing threats to our organization's core assets. Threat Intelligence team members are tasked with developing relationships both internally and externally, identifying trends, educating employees, studying attacker TTPs and providing proactive defense measures and models to other teams.

What you are good at:

• Play a critical role in analysis of disparate information and synthesizing into relevant actionable intelligence.
• Ability to deliver accurate, timely and professional intelligence products.
• Support investigative efforts within the Cyber Defense organization.
• Capable communicator that can engage others both internally and externally to protect the company’s critical assets.
• Interface with peer departments across the firm.
• Build positive and productive relationships with the business and technology.
• Ability to securely share actionable intelligence internally and externally while maintaining TLP.

What you have

What you have:

• Minimum of 3 years of experience in one or more or more of the following areas is required: Threat Hunting, Information Security, Enterprise Security Monitoring & response, Security Orchestration and Automation, Information Technology, Penetration Testing, Threat Intelligence, Security Architecture/Design Strategy, System Analysis and Implementation, or related function.
• BS in Computer Science (or related field) or equivalent work experience.
• Knowledge of how advanced adversaries operate, their TTPs and malware families.
• Scripting or programming experience for automating processes.

• Conduct threat hunting to identify and prioritize, classify, and report on cyber threats following industry best practices.
• Collect, process, catalog, and document threat information and regularly provide expert analysis through curated intelligence briefings.
• Experience in the consumption, processing, and analysis of tactical Cyber Threat Intelligence within an operational environment, supporting monitoring detection and response capabilities.
• In cooperation with vital stakeholders, participates and executes in developing an effective strategy to assess and mitigate foreign and domestic risk, manage crises and incidents, and safeguard the organization.
• Directs and assists team resources in identifying, developing, implementing, and maintaining security processes, practices, and policies throughout the organization to reduce risks, respond to incidents, and limit exposure and liability in all areas of information, financial, physical, personal, and reputational risk.
• Ensures the organization’s compliance with the local, national, and international regulatory environments where applicable to the accountability of this role (i.e., privacy, data protection, and environmental health and safety).
• Contribute to advancing the organization's global security intelligence program, focusing on actionable data to proactively protect the company, employees, and assets.
• Demonstrated effectiveness influencing the cross-organizational teams.
• Understanding of NIST, MITRE ATT&CK framework.
• Experience with varied technologies including SOAR, SIEM, Cloud based security platforms, data analysis tools.

What’s nice to have:

• Experience in monitoring OSINT (Open-Source Intelligence), SOCMINT (Social Media Intelligence), and internal intelligence resources for known and emerging security threats to employee safety, company security, business operations, or reputation risks and provide correlation and trending analysis.
• Develop and manage relationships with high-level law enforcement officials and international counterparts, including international security agencies, intelligence, and other relevant governmental functions and private sector counterparts worldwide.
• Experience with any Public Clouds (AWS/GCP/Azure)
• Experience with reporting/visualization of metrics, establishing and maintaining standards, processes, and procedures.