Cyber Security Analyst - Threat Researcher
Smbc Global Foundation Inc
Cyber Security Analyst - Threat Researcher
As a Cyber Security Analyst - Threat Researcher, you will be a key part of a high performing Cyber Threat Intelligence program with a desire to continually improve and advance capabilities that protect SMBC Group. A qualified applicant will have demonstrated experience researching cyber threats and vulnerabilities to develop and maintain attack flow models as part of the threat modeling process.
This role plays a key part in advancing our understanding of adversary tactics, techniques, and procedures (TTPs) by transforming threat intelligence into visual attack flow models that drive proactive defense strategies. It involves close collaboration with stakeholders to communicate cybersecurity risks and advocate for secure technologies and practices. This is an excellent opportunity for a developing cybersecurity professional to apply threat-informed defense in a complex enterprise environment, address real-world challenges, and strengthen SMBC Group resilience against evolving threats.
Key responsibilities include:
- Conduct deep-dive research into threat actors, malware families, vulnerabilities, exploits, and campaigns to identify attack patterns and extract adversary tactics, techniques, and procedures (TTPs).
- Analyze threat intelligence from open-source, commercial, and internal telemetry to identify relevant attack patterns and enrich threat models
- Stay current with evolving threat landscape and industry best practices to identify emerging threats to the financial services sector.
Additional responsibilities include:
- Design and maintain attack flow models that visually represent adversary behaviors across the cyber kill chain.
- Use frameworks such as MITRE ATT&CK, Diamond Model, and Cyber Kill Chain to structure flows that map TTPs to real-world attack scenarios.
- Simulate adversary behaviors against financial systems (e.g., SWIFT, ACH, card processing platforms) to identify detection and mitigation gaps.
- Build attack flow models that support detection logic, vulnerability identification, threat hunting, and red team simulations.
Required qualifications include:
- 3+ years of dedicated experience in cyber threat intelligence, threat research, or a threat hunting role within a SOC or information security program.
- Strong understanding of adversary TTPs and threat modeling frameworks (MITRE ATT&CK, Diamond Model, etc.).
- Ability to analyze large datasets, multi-task, and effectively prioritize tasks.
- Conduct attack surface risk modeling and articulate high-risk areas to stakeholders.
- Experience building visual attack flows or kill chain diagrams using industry tools.
- Excellent research, analytical, visualization, and communication skills.
SMBC's employees participate in a Hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process. Hybrid work may not be permitted for certain roles, including, for example, certain FINRA-registered roles for which in-office attendance for the entire workweek is required.
SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law. If you need a reasonable accommodation during the application process, please let us know at accommodations@smbcgroup.com.