• Competitive
  • Warsaw, Mazowieckie, Poland
  • Permanent, Full time
  • Standard Chartered Bank
  • 2019-07-23

Threat Use Case Analyst

  • Location: Warsaw, Mazowieckie, Poland
  • Salary: Competitive
  • Job Type: Full time

Threat Use Case Analyst

About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.

To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.

We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.


The Role Responsibilities

• Support the Cyber Threat Use Case Manager, Cyber Defence Analysts, and Threat Intel Analysts in designing, implementing threat use cases & identifying potential threat scenarios,
• Develop and gather requirements for threat use cases to detect adversary behaviours
• Maintain the threat use case library to ensure use cases are properly enriched, mapped to Mitre Att&ck, and operating correctly
• Work closely with other service lines to continuously enhance threat use cases as new products, logs, and capabilities are introduced to the organization
• Identify and improve orchestration, data enrichment and triage capabilities through SOAR platform
• Work closely with content detection engineering team to continuously monitor and tune threat use cases,


Our Ideal Candidate

• Experience and strong domain knowledge/expertise in security operations (e.g., SOC, Forensics, Threat Intelligence) or red teaming/pentesting with advanced knowledge of adversary techniques.
• Experience identifying adversary behaviours and techniques used to conduct attacks
• Good understanding of security threats across multiple platforms/environments (e.g., Windows/*nix/Cloud/Mainframe/Containers)
• Knowledge of threat intelligence platform (TIP), IOCs, into alerting and detection strategy is highly beneficial
• Ability to work across functional teams to incorporate security products into SIEM