Cyber Security Threat Intel Manager

  • Huntington Bank
  • Aug 31, 2019
Full time Intelligence Fraud Investigation

Job Description

The Cyber Security Threat Intel Manager is primarily responsible for providing leadership, as well as operational and tactical direction to diverse teams, including analysts, engineers and architects. The Cyber Security Threat Intel Manager provides strategic direction for advancement of the Threat Intel Domain. The manager leads the team through the information security program by establishing highly effective policies, procedures and collaboration among teams. The Cyber Security Threat Intel Manager possesses a strong technical background and understands risk, mitigation and technical controls. The manager is expected to lead teams that perform technical work as well as possess leadership qualities. This position requires strong written and oral communication skills, as well as the ability to communicate detailed, technical information in a manner comprehensible by individuals at varying degrees of experience and skill level. The role requires the ability to speak confidently in front of large groups and with corporate management, vendors and service providers. The Cyber Security Threat Intel Manager also contributes to the development of the Threat Intel strategy and roadmap.


Detailed Description:

  • Actively recruits and leads by example to create a Huntington culture where employees want to work and feel empowered by the work they do.
  • Mentors Threat Intelligence team and places a heavy emphasis on employee retention – people first.
  • Creates a working environment that is conducive to two-way communication, teamwork and learning.
  • Recognizes the varying strengths, skills and needs of the Threat Intel team and adapts his/her coaching to obtain the best possible results from each individual contributor.
  • Serve as the technical lead accountable for delivery and implementation for Threat Intel for the bank.
  • Lead delivery and implementation of Threat Intel applications and infrastructure, including but not limited to threat intelligence platforms.
  • Ensure that Huntington’s Threat Intel services are designed to be compliant with security and privacy standards, industry standards and the bank Threat Intel program.
  • Leads in the delivery of TVM projects and key milestones.
  • Consult with cross-impacted teams when implementing or making changes to Threat Intel tools.
  • Works closely with the incident and threat hunting teams, and various lines of business to mitigate risk.
  • Creates and distributes threat intel products to impacted members at the bank.
  • Generate and publish Threat Intel metrics.
  • Monitor output of Threat Intel technology to ensure effective operation.
  • Coordinate the annual policy and standard review process.
  • Facilitate creating / maintaining domain operational procedures; ensure procedures are executed effectively.
  • Lead in remediation of Findings and Action Plans; partner with 1st, 2nd, and 3rd line Risk.
  • Technical Lead with administrative support and integration support for the Threat Intel tools.
  • Leads in the identification, evaluation, selection, and implementation of Threat Intel technologies.
  • Identify and drive process improvement within Threat Intel program.
  • Actively support security collaboration with internal and external parties.
    • Partner with third party sharing communities (FS-ISAC, NCFTA, Columbus Collaboratory).
    • Actively share threat intel with third party sharing communities.


Basic Qualifications:

  • Bachelor’s degree
  • 6 years of experience in Information Security or in management of a cross functional department


Preferred Qualifications:

  • 6 years of experience gathering requirements and demonstrating successful delivery
  • Extensive knowledge of the Threat Intel Domain, Threat Intelligence feeds, and other sources for identification of threat intelligence
  • Experience with STIX, TAXII, OpenIOC, and other threat intelligence schemas
  • Expert knowledge of threat actors and the TTPs used by known threat actors
  • Advanced experience in automation and scripting of applications and systems
  • Strong understanding of security architecture and tools which can be leveraged for threat mitigation
  • Strong written and verbal communication skills.
  • Strong understanding of cyber threat analysis models
  • Advanced experience with Security Assessment Toolsets (Metasploit, NMAP, Cobalt Strike, Nessus, Burp Suite, etc.)
  • Comprehensive knowledge of the OSI Reference Model
  • Advanced experience with Networking components (routers, switches, load balancers, wireless access points, etc.)
  • Comprehensive knowledge of firewalls, proxies, mail servers and web servers
  • Advanced experience with operational support for operating systems, applications and networks
  • Comprehensive knowledge of client/server relationships
  • Comprehensive knowledge of relational databases and structured query language
  • Comprehensive knowledge of multi-tier environments
  • Desirable Certifications: CISSP, CISM, GCTI, CCIP, CTIA, GSLC or similar certifications

