Senior Threat Intelligence Analyst

Join ABN AMRO as a Senior Threat Intelligence Analyst

At a glance

We are looking for an experienced, self-driven Cyber Threat Intelligence Analyst who can operate independently and as part of a high-performing team in the Global Cyber Intelligence Center (GCIC) at ABN AMRO. The ideal candidate will possess advanced cyber threat intelligence and IT security knowledge, strive to improve the analytic capacity of the team, uplift the skills of others, and contribute to the enhancement of internal processes.

The focus of the Senior Cyber Threat Intelligence Analyst is to defend against cyber threat activity by collecting and producing intelligence to drive active cyber defence efforts. You will use data analysis, cyber intelligence, and information sharing networks to gain an improved information position on trends in the threat landscape. You will also directly support the CISO organisation by applying analytic and technical skills to identify malicious activity, varied threat groups, and, in some cases, support incident response tasks.

A typical workday in the GCIC team is varied, dynamic, and fast-paced. It may involve threat intelligence support to incident analysis, report or brief writing, operational analysis of external threat campaigns, process design to integrate threat intelligence into cyber defensive activities, or improving internal intelligence processes to uplift the GCIC capability.

Your job

• Review all-source intelligence, including internal, open source, and closed source intelligence, to identify emerging threat trends, TTPs, and IOCs.
• Transform these trends and TTPs into timely, actionable intelligence products to contribute to ABN AMRO’s defensive posture through prevention, detection, and Red Team activities.
• Conduct intelligence investigations into malicious cyber activity to provide attribution, identify adversary TTPs, and provide additional context to threats to the network.
• Produce high-quality written reports, presentations, and briefings, both in internal and external forums, to a wide variety of audiences, ranging from highly technical teams to executive management.
• Support time-sensitive and critical cyber incident response activities by providing intelligence, including TTPs and IOCs, to shorten the incident response cycle and protect the ABN AMRO network.
• Establish and maintain productive internal working relationships with other critical teams, including our Security Operations Center, Supply Chain Security, Red Team, and Brand Protection partners.
• Contribute to the wider cyber threat intelligence community by establishing critical sharing and interpersonal relationships with industry and government organisations.
• Stay up-to-date on relevant cyber threat trends, defensive cyber practices, tooling, and processes to apply industry standard practices to GCIC operations.

Working environment

You will be working within the Global Cyber Intelligence Center (GCIC) team, part of the ABN AMRO CISO Cyber Defence Grid. The team consists of highly motivated and passionate analysts and covers a broad range of cyber skills, including intelligence analysis, malware analysis and reverse engineering, SOC analysis and forensics, incident response, and Red Team operations. ABN AMRO is an English-language working environment and supports hybrid working arrangements, subject to operational requirements.

Your profile

You are a self-starter with strong initiative and interpersonal skills. You can identify, establish relationships with, and align with key stakeholders. You have a strong understanding of how threat intelligence contributes to cyber defensive processes and have proven experience in designing and implementing these processes. You can operate under pressure during incident response activities and can independently support incident investigations. You collaborate well with others and actively seek opportunities to share threat intelligence with internal and external customers.

Our ideal candidate can demonstrate the following hard skills:

• A good understanding of the cyber threat intelligence cycle, and experience in cyber threat intelligence collection, production, and writing.
• Experience implementing common threat analysis models such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK TTP framework.
• Strong foundational knowledge of common tactics, techniques, and procedures used by threat actors in the wild.
• Experience with implementing processes to integrate threat intelligence into broader defensive activities, including detection, prevention, incident response, and red team operations.
• A strong understanding of incident response processes and how threat intelligence analysis supports IR activities.
• Experience conducting technical threat intelligence investigations into malicious activity, including conducting attribution and TTP analysis.
• Familiarity with technical engineering requirements associated with the production of intelligence.

And it would be great if you recognize yourself in the following soft skills too:

• Strong research, analytical, and problem-solving skills.
• Excellent verbal, written, and interpersonal communication skills.
• Proven ability to design and tailor briefings to present findings and conclusions clearly and concisely to all levels of staff, management, and/or vendors.
• Experience mentoring junior threat intelligence staff.
• Ability to track industry developments, threat trends, and relevant technologies.
• Ability to work independently and as part of a team.

We are offering

We offer a challenging but rewarding opportunity to develop industry-leading skills and experience in a supportive work environment. ABN AMRO employees are given the keys to their own success and are actively encouraged to seek training and development opportunities, including formal technical and soft skills training, conferences, professional networking, and personal growth projects. In addition, we offer:

• The gross monthly salary displayed above is based on a 36-hour work week, including vacation pay and benefit budget.
• The Benefit Budget is 11% of your salary. The Benefit Budget allows you to acquire additional employment benefits. If you make no purchases or reservations in the Benefit Shop in a given month, you are paid one twelfth of your Benefit Budget that month.
• Five weeks of vacation per year, with the option to purchase an additional four weeks per year.
• Personal development budget of €1,000 per year, which you can accumulate up to €3,000.
• Possibility to work from home (in consultation with your team and depending on your position).
• An annual public transport pass with free public transportation throughout the Netherlands.
• An excellent pension scheme.