Vice President - CYBER SECURITY THREAT INTELLIGENCE SENIOR ANALYST – CIB NAR CYBER SECURITY

Business Overview:

The Cyber Threat Intelligence (CTI) Team specializes in the collection and analysis of information pertaining to the cyber threat landscape and assesses potential impact to the Firm. Cyber Threat Intelligence, obtained from internal and external sources, is collected, shared, analyzed, and leveraged across the firm’s infrastructure.

The Cyber Threat Intelligence (CTI) Team aims to support and enhance the BNP Paribas Americas security posture by providing situational awareness and a thorough understanding of the cyber threat landscape through the delivery of timely and actionable intelligence. The team regularly produces intelligence analysis for its defined stakeholders and contributes to detection efforts, preventative security controls and response to cyber events. By combining technical expertise with a thorough understanding of the geopolitical and strategic threat landscape, the team ensures depth and breadth of coverage of cyber threats and events and contextualizes them to help determine their relevance to the Firm.

Candidate Success Factors:

Candidates are measured on the following four performance drivers, which will dictate how individual impact is considered on the Americas platform:

• Results and Impact
  • Able to influence peers and team.
  • Demonstrates good judgement when making decisions of high complexity and impact.
  • Exercise appropriate autonomy in the execution and delivery of work. 
  • Responsible for driving outcomes, which have meaningful effect on team or department.
• Leadership and Collaboration:
  • Creates trust with colleagues.
  • Acts in leadership capacity for projects, processes, or programs.
• Client, Customer and Stakeholder Focus: 
  • Able to build relationships with a mix of colleagues and clients.
  • Interacts regularly with management and department leaders.
  • Demonstrates the ability to influence stakeholders at the team level. 
• Compliance Culture and Conduct: 
  • Takes full responsibility for personal actions and demonstrates courage in facing problems and conflicts.
  • Perceived as a person of high moral character; upholds corporate values and displays high ethical standards.

Responsibilities: 

• Collaborate with Cyber Threat Intelligence in other regions, and entities.
• Support the Incident Response, Purple team and the Vulnerability Management teams in Americas by providing situational awareness on threats
• Establish and maintain strategic relationships with local and federal government agencies as well as industry organizations to establish information sharing capabilities.
• Triage tactical, technical reporting in real time to determine its accuracy and identify threats of potential interest.
• Monitor cyber threat intelligence from multiple sources for actionable indicators/information.
• Evaluate threat intelligence for credibility, relevance, and exposure.
• Maintain and correlate detailed threat actor profiles/groups on adversaries of interest/relevance to the firm, covering tactics, techniques and procedures (TTPs), intent, goals and strategic objectives that could support defensive mitigation and hardening efforts.
• Produce Security Alerts, bulletins, technical notifications and vulnerability notes, in a brief and human readable form, regarding current vulnerabilities, exploits, and other security issues.
• Maintain knowledge of the threat landscape by monitoring internal and external intelligence sources to assist in the creation of quarterly threat landscape briefings.
• Participate in the development of the threat modeling processes and methodologies that will fully test the firm’s resiliency to attacks across businesses, platforms and applications.
• Track actor groups (nation-state, criminal, hacktivist and terrorist), incidents and campaigns.
• Execute threat hunts to proactively look for malicious activities within the network.
• Perform other cyber intelligence-related duties, as assigned and respond to ad-hoc requests as required.

Minimum Required Qualifications:

• Strong problem solving and analytical skills, verbal and written communication skills. 
• Excellent interpersonal skills and the ability to work effectively with others as a team.
• Ability to work independently and effectively managing and prioritizing multiple tasks.
• Solid understanding of IT security concepts with an emphasis on Security and Risk Assessment.
• Knowledge and experience with law and regulations surrounding the financial services sector.
• Advanced user of Microsoft Excel, Microsoft Word and Microsoft PowerPoint.
• Excellent understanding of networking concepts and Information Security, including emerging threats and attack methodologies.
• Excellent written and verbal communication skills.
• Demonstrable understanding of Information Technology principles, including software, hardware, and networking.
• A broad understanding of all areas of banking and the threats faced by the financial sector.
• Understanding of the Threat Intelligence Lifecycle.
• Excellent writing and presentation skills to communicate findings and recommendations to different audiences and stakeholders.

Preferred Qualifications: 

• Bachelor’s degree in computer science or engineering (relevant concentration preferred) with 7+ years of experience preferably within an intelligence function in the financial sector; Familiarity with intelligence cycle; or a Graduate Degree (Masters) in MIS.
• Information Security certifications (e.g., CISSP, CISA, CISM, SANS coursework).
• SharePoint administration and document management.
• Understanding of the Tactics, Techniques, and Procedures of cyber threat actors.
• Understanding of geo-political dynamics and how they affect the wider cyber threat landscape.
• Experience working with the Kill Chain, Diamond Model of Intrusion, Advanced Persistent Threat, Third Party Risks, Cybercrime, Hacktivism, Cyber Fraud, Malware and Ransomware, Mobile Threats, Social Engineering, Insider Threats, Incident Response, Threat Intelligence, and Host & Network-based security and similar frameworks and concepts.

• Experience working with the Kill Chain, Diamond Model of Intrusion, Advanced Persistent Threat, Third Party Risks, Cybercrime, Hacktivism, Cyber Fraud, Malware and Ransomware, Mobile Threats, Social Engineering, Insider Threats, Incident Response, Threat Intelligence, and Host & Network-based security and similar frameworks and concepts.
• Experience conducting intelligence investigations and familiarity with investigative tools, including Threat Intelligence Platforms (TIPs).
• Working knowledge of Python.

FINRA Registrations Required:

• Not Applicable 

CFTC Swap Dealer Associated Person (if yes, NFA Swaps Proficiency Program is required): 

• Not Applicable 

SEC Security-Based Swap Dealer Associated Person:

• Not Applicable 

While the description above describes our ideal candidate, we encourage applicants to apply even if they do not fully meet the complete list of qualifications noted.

The expected starting salary range for this position is between $120k to $185k annually. The actual salary may vary based upon several factors including, but not limited to, relevant skills/experience, time in role, base salary of internal peers, prior performance, business line, and geographic/office location.

In addition, our comprehensive benefits package aims to support our employees in various aspects of their lives. From healthcare and wellness programs to retirement plans and childcare services, we prioritize the well-being and growth of our employees. Our benefits include medical, dental and vision coverage, a 401(k) Savings Plan, backup childcare, life, accident and disability insurance, mental health support and paid time off. Additional details about our benefits offerings, inclusive of eligibility for a discretionary bonus, will be provided during the hiring process.

About BNP Paribas:

BNP Paribas is a leading bank in Europe with an international reach across the US, EMEA and APAC. It has a presence in 65 countries, with nearly 190,000 employees. The bank employs over 3,500 people in offices in the US across 10 states including New York, Jersey City, Chesterbrook, PA, San Francisco, Boston, Chicago, Denver, Miami, and Washington, DC. BNP Paribas has built a strong and diversified presence to support its client base. We continue to grow and strengthen our commitment to the US market through our Corporate & Institutional Banking activities. We are one of a few non-US banks to offer a full value chain for our clients, from trading to financing, and clearing and custody in the US with the international footprint and capacity to deliver both globally and locally. Leveraging the strength of our European roots, our network can support clients in virtually every region of the world, enabling more connectivity and efficiency wherever our clients conduct business. We take pride in our expertise and our ability to adapt while constantly looking ahead to create a more sustainable world.

As an international company with a global footprint, the unique cultures and viewpoints of our team members are an integral part of the fabric of BNP Paribas. We are a company with a purpose - to be a responsible and sustainable global leader. We aim to create an environment where our employees feel empowered to drive change, make an impact and be true to themselves. We employ talented individuals from a wide variety of backgrounds, locally and globally, and are inspired by our employees who help us in cultivating a diverse, equitable and inclusive workplace through initiatives such as our Diversity, Equity & Inclusion (DEI) Leadership Forum and Employee Resource Group (ERG) communities. We strive to be a workplace where all team members can grow and thrive and offer robust training, development, and mentoring opportunities to make that vision a reality. Our leaders are deeply committed to DEI and highly accessible to our employees, consistently soliciting feedback on how we can continue to support our employees to reach their highest potential. 

BNP Paribas. The Bank for a Changing World - https://usa.bnpparibas/en/homepage/join-us/our-opportunities/

BNP Paribas is committed to providing a work environment that fosters diversity, inclusion, and equal employment opportunity without regard to race, color, gender, age, creed, sex, religion, national origin, disability (physical or mental), marital status, citizenship, ancestry, sexual orientation, gender identity and gender expression, or any other legally protected status.

Protect yourself from fraudulent job postings. Emails about jobs at BNP Paribas will always come from addresses ending @bnpparibas.com @us.bnpparibas.com, @ca.bnpparibas.com, or @br.bnpparibas.com. You should be suspicious of emails regarding employment with BNP Paribas coming from any other domains and should not respond. BNP Paribas will never send payments to or request payments from candidates for positions posted by BNP Paribas.  

BNP Paribas is committed to providing a work environment that fosters diversity, inclusion, and equal employment opportunity without regard to race, color, gender, age, creed, sex, religion, national origin, disability (physical or mental), marital status, citizenship, ancestry, sexual orientation, gender identity and gender expression, or any other legally protected status.

Protect yourself from fraudulent job postings. Emails about jobs at BNP Paribas will always come from addresses ending @bnpparibas.com @us.bnpparibas.com, @ca.bnpparibas.com, or @br.bnpparibas.com. You should be suspicious of emails regarding employment with BNP Paribas coming from any other domains and should not respond. BNP Paribas will never  send payments to or request payments from candidates for positions posted by BNP Paribas