Threat Intel Strategic Analyst Fusion, Associate, Singapore
- Singapore Singapore Singapore SG
- Permanent, Full time
- Morgan Stanley
- 17 Jun 18 2018-06-17
See job description for details
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firms 55,000 employees, located in 747 offices across 42 countries, serve clients including corporations, governments and individuals. As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence, a strong team ethic and giving back to our communities. Morgan Stanley provides a superior foundation for building a professional career - a place for people to learn, achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.
Division & Department Profile
The mission of the Global Technology division is to provide a highly reliable and commercial technology platform, which supports the Firms strategy, delivered by an innovative, world-class team of professionals. Technology & Information Risk (TIR) is part of the Global Technology organization and manages operational and technology related risks on behalf of the Firm. TIR's mandate is to enable the Firm to manage its technology and data related risks through implementing proactive, comprehensive and consistent risk management practices across the Firm to protect the franchise while capturing business opportunities. The TIR team partners with the business by ensuring that Technology and Data understands how to manage escalate and monitor risk.
Morgan Stanleys state-of-the-art Cybersecurity Fusion Center (Fusion) is charged with orchestrating prevention, detection, and response to cyber events that threaten the Firms clients, assets, and reputation. Partnering with key stakeholders across Enterprise Technology & Risk and the Business Units, Fusion manages cyber events from detection through response to resolution, and serves as the Firms focal point for cyber communications and reporting. Fusing together information received externally from our partners and internally from our detection and analytics teams to enable rapid decision-making, Fusion is the cornerstone of the Firms agile and adaptive cyber defense strategy - enabling the Firm to rapidly align our defensive capabilities to adapt to changing adversary tactics.
The Threat Intelligence (TI) Team specializes in the collection and analysis of information pertaining to the cyber threat landscape and assesses potential impact to the Firm and its operations. The teams key mission is to support and enhance the Firms security posture by providing situational awareness and a thorough understanding of the cyber threat landscape through the delivery of timely and actionable intelligence. The team regularly produces intelligence analysis for its defined stakeholders and contributes to Fusions detection efforts, preventative security controls and response to cyber events.
By combining technical expertise with a thorough understanding of the geopolitical and strategic threat landscape, the team ensures depth and breadth of coverage of cyber threats and events, and contextualizes them to help determine their relevance to the Firm. The team is made up of a Strategic Hub (New York), a Technical Analysis Hub (Baltimore) and Joint Hubs (Glasgow, Singapore).
The team is seeking a Strategic Threat Intelligence Analyst to join the Joint Hub in Singapore which is responsible for providing both technical and strategic assessment of the threat landscape to key leaders and stakeholders. The Hub will play a key role in fostering engagement and partnerships with regional government and private sector peers. Members of the Hub will actively participate in information-sharing initiatives to increase the Threat Intelligence Teams profile among local peers and contribute to develop the Teams understanding of the regional threat landscape.
Strategic analysts are responsible for tracking threat actors who fall within their respective area of responsibility (AOR) and updating the Threat Register accordingly, collaborating with technical analysts to research and identify shifts and trends in threat actors intent, targeting and capabilities. In this capacity, strategic analysts contribute to threat briefings and deep-dive analyses delivered to operational teams and senior leadership.
Monitor intelligence sources for actionable indicators/information, including:
Vendors and Private Sources
Internal Sources (Situational Awareness/Identifying Patterns/Trends/Holistic Approach)
Draft Daily Updates and Cyber Daily Briefs, Weekly INTSUM, Bi-weekly Intel Briefings;
Provide strategic assistance to joint AORs;
Respond to Requests For Information (RFIs);
Perform analysis/assessment on actionable threat information pertaining to tracked threats;
Collect, assess, and catalogue threat indicators and add context to convey urgency, severity, and credibility;
Maintain and curate Threat Register entries in line with defined Areas of Responsibility (AORs);
Monitor OSINT for emerging threats/trends;
Engage Technical Analysts for collaborative threat assessments
Share information collected with appropriate internal teams and external partners
Actively participate in external engagements with financial sector peers and government partners to provide representation for Morgan Stanley
Experience & Skills Required (essential)
2+ years of professional analytical experience, preferably within an intelligence function in the financial sector
Familiarity with intelligence cycle
Understanding of key concepts relating to intelligence analysis and Intelligence Requirements (IRs) collection
General understanding of the Tactics, Techniques, and Procedures of cyber threat actors
Experience with Open Source Intelligence (OSINT) products and sources
Understanding of geo-political dynamics and how they affect the wider cyber threat landscape
Experience working with the Kill Chain, Diamond Model of Intrusion and similar frameworks and concepts
Excellent writing and presentation skills to communicate findings and recommendations to different audiences and stakeholders
Bachelor Degree in International Studies, Information Technology, or Criminal Justice/Intelligence fields.
Experience & Skills Preferred
International experience or experience working for a global organization
Regional expertise as applied to threat actors
Familiarity with alternative analysis techniques and predictive analysis methodology
Experience with conducting intelligence investigations and familiarity with investigative tools, including Maltego, DomainTools, and VirusTotal
Familiarity with Threat Rating Methodology
Experience using Threat Intelligence Platforms (TIPs)
Active memberships with associations across the security and intelligence community