Your Role and Responsibilities
The Kyndryl CISO Defense Tower is looking for a talented professional to join our growing advanced threat detection and response team, which drives proactive identification of threats within the organization, provides rapid response, detects and defeats sophisticated adversaries focused on breaching our organization, and identifies and blocks advanced behavioral techniques. As a Threat Intelligence Analyst at Kyndryl, the qualified candidate will be tasked with identifying threats to the enterprise as well as our customers. They will investigate the newest cyber events and threats. Their role will include summarizing their findings, reporting data, producing actionable threat intelligence, and aiding in enhancing cyber defense.
- Track day-to-day emerging cyber events and identify those with the greatest impact on our enterprise and our customers.
- Be a leading knowledge source in information security and cyber matters supporting other departments with your knowledge and expertise.
- Develop attack detection & response playbooks, counter-measure definition, and strategies to mitigate emerging threats
- Threat Hunting using various toolsets, based on intelligence gathered
- Conduct cyber threat modeling to improve threat detection & mitigation
- Provide intelligence briefings to other areas of the business on threats or threat actors and the risk they bring to the environment
- Coordinate the planning, development and production of communication materials using various communication vehicles
- Interface with Security Operational Center (SOC) management and related internal groups for review, production, and dissemination of content
- Proactively hunt for currently undetected abuse by leveraging internal data, open-source intelligence and third-party private intelligence
- Participate in the shaping of new enforcement policies to mitigate emergent threats
- Maintain thorough documentation of cyber threats, threat vectors, threat actors, and threat trends for consumption during threat modeling activities and security incidents.