Threat Management Analyst
Working Arrangement: Remote
Schedule: Sunday to Thursday, 9 am - 6 pm Saudi Time GMT+3
Contract Duration: initial 6 - 12 months
Job Description:
- Monitor global and regional cyber threat intelligence sources to identify emerging threats relevant to the bank.
- Analyze threat actor TTPs, campaigns, malware families, and attack vectors that may impact cloud, API, mobile, and digital banking platforms.
- Enrich SIEM/SOAR alerts with contextual intelligence to support L2/L3 investigations.
- Produce threat advisories, risk briefings, and intelligence reports for CDC and leadership.
- Maintain and update the bank's threat landscape, mapping threat activity to MITRE ATT&CK.
- Provide IOCs, IOAs, and behavioral patterns to Detection Engineering for new use cases.
- Support proactive threat hunting by supplying hypotheses and intelligence-based leads.
- Collaborate with engineering teams to assess exposure to newly disclosed vulnerabilities (zero-days, CVEs).
- Participate in purple team exercises to validate readiness against priority threats.
- Maintain relationships with external intelligence-sharing communities and regulators (where applicable).
Qualifications
- 2+ years of experience in cyber threat intelligence, SOC, or cybersecurity analysis.
- Strong understanding of IOCs, IOAs, TTPs, kill chain, and MITRE ATT&CK.
- Experience monitoring threat feeds and analyzing threat actor behaviour, malware, and campaigns.
- Ability to enrich SIEM/SOAR alerts with contextual intelligence.
- Skilled in producing threat advisories, intelligence briefs, and technical reports.
- Experience providing IOCs/TTPs to support detection engineering and threat hunting.
- Familiarity with assessing zero-days/CVEs and evaluating exposure.
- Strong analytical, research, and communication skills.
- Certifications like GCTI, CySA+, CTIA, or GSEC are a plus.