Cyber Threat Intelligence Analyst
In Asia Pacific, BNP Paribas is one of the best-positioned international financial institutions with an uninterrupted presence since 1860. Currently with over 17,000 employees* and a presence in 13 markets, BNP Paribas provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships.
Worldwide, BNP Paribas has a presence in 73 markets with more than 196,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. Asia Pacific is a key strategic region for BNP Paribas and it continues to develop its franchise in the region.
BNP Paribas offers you an exciting career in an international business environment that is fast-paced, diverse and focuses on creating high-value relationships with our clients. We offer competitive salary and benefits, as well as a working environment where you’re valued as part of the team.
* excluding partnerships
As part of the Control Framework team, the Cyber Threat Intelligence Analyst will collect, research, coordinate, and deliver adapted intelligence to BNP Paribas business and métiers to help them increase their cyber threat awareness, programs and initiatives within APAC. The successful candidate will work within the Control Framework team and collaborate with the APAC Cyber Threat Intelligence team.
- Build a Threat Intelligence framework for E-Fraud controls to deliver adapted intelligence to the APAC BNP Paribas métier and business such as: Compliance, Legal, Operational Risk Control
- Work closely with the Cyber Threat Intelligence team to select the adapted threat intelligence feeds to integrate into the BNP Paribas multi-feed platform to cover e-fraud threats
- Adapt the Threat intelligence methodology to address the E-fraud threats
- Identify and track E-fraud threats (actors, campaigns) across domains (crime, espionage, hacktivism) of potential concern to BNPP utilizing both technical and actor information, threat intelligence platforms, and other sources.
- Closely monitor e-fraud threat actors across various business lines.
- Conduct awareness campaigns for business and relevant teams (Control and business) that present a high e-fraud risk for the businesses in APAC
- Work with the APAC Cyber Threat Intelligence team to define e-fraud scenarios for the threat hunting exercises in APAC
- Participate in testing, implementing and deploying threat hunting tools for BNP Paribas APAC
- Internal collaboration and networking experience with business lines to collect and formulate intelligence requirements for key banking activities and their related risks. Knowledge and application of the Intelligence Cycle and TTP profiling frameworks.
- Main interfaces include Production Security, Cyber Threat Intelligence, Cyber Security Incident Response Team, Digital Risk & Security Risk Management, Service providers, Business IT, Legal and Compliance, ORC, CTO, CIOs, and country COOs.
- Contribute to the Permanent Control framework for implementation of policies and procedures in day-to-day business activities, such as Control Plan.
- Comply with regulatory requirements and internal guidelines.
- Contribute to the reporting of all incidents according to the Incident Management System
Technical & Behavioral Competencies
• At least 3 years of experience in the information security (cyber security) field with at least 2 years of experience working with or as part of a CTI organization.
• Formal training and experience in intelligence analysis or targeting / collections management preferred
• Track record of managing culture change and awareness related to the information/cyber security threat landscape
• A knowledge of e-fraud threats (actors, campaigns) is a plus
• Prior experience as part of a security operations or incident response organization extremely beneficial
• Independent, self-motivated and innovative with good problem solving, interpersonal and communication skills, and can foster teamwork
• Fluent spoken and written Chinese preferred to interact with counterparts in the region
• Russian language experience is a plus for understanding source code comments
• Regional exposure is preferred with experience working in different cultures in the Asia-Pacific region
• Strong understanding of cyber threat analysis models such as kill chain, diamond model, etc., and how they apply to both targeted and non-targeted threats
• Experience using commercial and open source (OSINT) information to support intelligence analysis
• Experience in common scripting languages such as Python, Ruby, Lua, PowerShell or Bash
• Strong understanding of common security products and technologies utilized in Enterprise environments (proxies, WAF, Firewalls, IDPS, Anti-Malware, Endpoint, etc.)
• Understanding of the OSI stack and the various protocols from layers 1–7 including SNMP, HTTP, VPN, DNS, etc.