Cyber Security Analyst - Threat Researcher

The anticipated salary range for this role is between $97,000.00and $154,000.00. The specific salary offered to an applicant will be based on their individual qualifications, experiences, and an analysis of the current compensation paid in their geography and the market for similar roles at the time of hire. The role may also be eligible for an annual discretionary incentive award. In addition to cash compensation, SMBC offers a competitive portfolio of benefits to its employees.

Role Description

As a Cyber Security Analyst - Threat Researcher, you will be a key part of a high performing Cyber Threat Intelligence program with a desire to continually improve and advance capabilities that protect SMBC Group. A qualified applicant will have demonstrated experience researching cyber threats and vulnerabilities to develop and maintain attack flow models as part of the threat modeling process.

This role plays a key part in advancing our understanding of adversary tactics, techniques, and procedures (TTPs) by transforming threat intelligence into visual attack flow models that drive proactive defense strategies. It involves close collaboration with stakeholders to communicate cybersecurity risks and advocate for secure technologies and practices. This is an excellent opportunity for a developing cybersecurity professional to apply threat-informed defense in a complex enterprise environment, address real-world challenges, and strengthen SMBC Group resilience against evolving threats.

Role Objectives : Delivery

Key Responsibilities :

Successful candidates will require a blend of technical, analytical, and communication skills. You must be able to demonstrate a comprehensive understanding of cyber security best practices and clearly communicateknowledge of vulnerability exploitation lifecycles and network security concepts. You will be required to work as part of a team but capable of performing independantthreat research to identify threat opportunity, security gaps, and key areas for improvement to mitigate potential cybersecurity related risks. You will be required toconvey output of all threat research and analysis through the production of intelligence reports, briefings, and visual attack path diagrams in a clear, actionable format. Specific areas of responsibilties include :

Threat Research & Analysis :

• Conduct deep-dive research into threat actors, malware families, vulnerabilities, exploits, and campaigns to identify attack patterns and extract adversary tactics, techniques, and procedures (TTPs).
• Analyze threat intelligence from open-source, commercial, and internal telemetry to identify relevant attack patterns and enrich threat models
• Stay current with evolving threat landscape and industry best practices to identify emerging threats to the financial services sector.

Attack Flow Modeling :

• Design and maintain attack flow models that visually represent adversary behaviors across the cyber kill chain.
• Use frameworks such as MITRE ATT&CK, Diamond Model, and Cyber Kill Chain to structure flows that map TTPs to real-world attack scenarios.
• Simulate adversary behaviors against financial systems (e.g., SWIFT, ACH, card processing platforms) to identify detection and mitigation gaps.
• Build attack flow models that support detection logic, vulnerability identification, threat hunting, and red team simulations.

Tooling & Automation :

• Use threat intelligence platforms (TIPs), SIEMs, to automate data collection and analysis.
• Leverage threat modeling tools such as ATT&CK Navigator, or custom graphing tools to create and manage attack flows.
• Develop scripts or workflows to automate the generation and updating of attack flow diagrams based on new intelligence.

Reporting & Communication :

• Produce clear, actionable intelligence reports and visualizations for both technical and executive audiences.
• Present attack flow models in threat briefings, tabletop exercises, and strategic planning sessions.
• Work closely with SOC analysts, security testing, cyber resiliance, and threat modeling pesonnel to validate and operationalize attack flows.
• Communicate and integrate understanding of attack flow models into threat detection logic for security engineering, SIEMs, and other security orchestration tools.
• Recommend improvements to threat modeling methodologies and threat intelligence workflows.

Qualifications and Skills

Required Qualifications :

• 3+ years of dedicated experience in cyber threat intelligence, threat research, or a threat hunting role within a SOC or information security program.
• Strong understanding of adversary TTPs and threat modeling frameworks (MITRE ATT&CK, Diamond Model, etc.).
• Ability to analyze large datasets, multi-task, and effectively prioritize tasks.
• Conduct attack surface risk modeling and articulate high-risk areas to stakeholders.
• Experience building visual attack flows or kill chain diagrams using industry tools.
• Excellent research, analytical, visualization, and communication skills.

Preferred Qualifications :

• Bachelor of Information Technology, Computer Science, or similar preferable
• Practical, hands-on threat modeling experience using frameworks such as STRIDE, attack trees, and OWASP methodologies.
• Familiarity with graph databases or visualization libraries (e.g., Neo4j, Graphviz, D3.js).
• Experience in a financial institution, FinTech, or other industry with regulatory environment.

Familiarity with financial regulations and compliance frameworks (e.g., FFIEC, GLBA, PCI-DSS).

• Certifications such as GCTI, CTIA, CEH, or MITRE ATT&CK Cyber Threat Intelligence Certification.
• Proficiency in scripting languages such as KQL and Python for data parsing, enrichment, and automation of threat intelligence workflows.

Cyber Security Analyst • New York, NY, US