Principal Cyber Threat Analyst

🔥 7 minutes ago

🏈 Ohio – Remote

🏈 Ohio – Remote

💵 $96.5k - $207.5k / year

⏰ Full Time

🔴 Lead

🕵️ Threat Intelligence Specialist

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Fifth Third Bank

WebsiteLinkedInAll Job Openings

10,000+ employees

Founded 1858

🏦 Banking

Banking

Fifth Third Bank is a diversified financial services company offering a wide range of banking and financial products and services. It provides personal banking solutions such as checking and savings accounts, credit and debit cards, and identity theft protection. Borrowers can access various loans and mortgage options, while investors benefit from investment products like ETFs, mutual funds, and stocks. The bank also provides a robust set of services for businesses and commercial clients, including cash management, treasury management, and specialized lending solutions. Additionally, Fifth Third offers wealth management services with private banking, trust, and estate services. Customers can benefit from Fifth Third's online and mobile banking platforms, enabling them to bank anywhere at any time. Fifth Third Bank is focused on delivering seamless banking experiences with a strong emphasis on customer convenience and security.

📋 Description

• Analyze alerts, investigate incidents, and lead response activities across enterprise systems • Act as Incident Commander and escalation point for high-severity incidents and post-incident reviews • Perform threat hunting, retro hunting, and deep-dive analysis to identify advanced attack techniques • Continuously improve detection and response workflows, playbooks, and automation • Serve as the SME for AI detection and response, including threats such as prompt injection, model abuse, and data leakage • Partner with business units to understand AI usage and provide guidance on secure implementation and monitoring • Identify and onboard new telemetry sources for AI platforms and agentic workflows • Translate emerging AI threats and industry trends into actionable detections and controls • Provide hands-on mentorship and guidance to analysts during investigations and response efforts • Set the technical standard for alert review, triage, detection quality, and investigation depth • Lead by example in incident handling, documentation, and decision-making under pressure • Support hiring, onboarding, and ongoing development of team members • Design and maintain detection logic, playbooks, and workflows aligned to threat coverage and business risk • Ensure detection capabilities support key objectives such as visibility, automation, and data quality • Identify gaps in tooling, telemetry, and processes; recommend and drive long-term improvements • Align detection and response strategies with frameworks such as MITRE ATT&CK and emerging AI threat models • Partner with product owners, engineering teams, and vendors to translate business priorities into security solutions • Organize and drive cross-functional initiatives to enhance detection and response capabilities and improve overall security maturity • Support root cause analysis and remediation efforts across technical and business domains • Communicate risk, threats, and security recommendations effectively to technical and non-technical stakeholders • Contribute to strategic initiatives and influence security decisions across the organization • Contribute to detection, analysis, and response for threats targeting CI/CD pipelines and software supply chains • Improve visibility, telemetry, and detection coverage across the software development lifecycle • Identify attack patterns and strengthen controls related to build systems, dependencies, and deployment workflows • Stay current on attacker TTPs, tools, and frameworks, including AI, cloud, and supply chain threats • Share insights through documentation, training sessions, and team knowledge transfer • Foster a culture of experimentation, continuous improvement, and technical excellence

🎯 Requirements

• Bachelor’s Degree in Computer Science or related field, or other relevant experience • 6 to 8 years of experience with the analysis/investigation and containment of potential data breaches or cyber security incidents • Scripting/Coding experience - Python, Regex, Yara as examples • Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques • Knowledge of malware families, botnets, threats by sector, and various attack campaigns and attacker methods, tools/techniques/practices • Knowledge of cloud technologies including O365 • Common security controls is required including; authentication, encryption, IDS, WAFs, firewalls, HIPS, EDR, EPP, etc. • Proficient in both Linux and Windows operating systems • Understanding of application protocols • Strong analytical, tactical and critical thinking ability. • Ability to handle multiple competing priorities in a fast-paced environment. • Ability to communicate effectively across multiple levels. • Preferred CISSP, GIAC, or other relevant certification.

🏖️ Benefits

• Comprehensive benefits • Differentiated compensation offerings • Employee wellness programs