As a Cyber Security Sr. Analyst on the Threat Intelligence team in our Information Security Risk (ISR) area, you will help us build and mature our threat intelligence capabilities! You will also develop and maintain a comprehensive set of threat intelligence processes to support operational, tactical, and strategic decision making. You will communicate across lines of business, as well as to executives and the board of directors.

Here are some of the other things you will do:

• Perform highly specialized review and evaluation of incoming cyber security information to resolve its usefulness for intelligence. Analyze threat information from various sources and synthesize and places intelligence information in context; draw insights about possible implications.
• Prepare formal/informal analysis and briefings to define threats to the organization. Lead efforts for appropriate mitigation.
• Provide collection and analysis of cyber security information that may be used to develop intelligence. Performs activities to gather TTP on cyber threat actors to mitigate possible or real-time threats, protect against espionage or insider threats, or to support other intelligence activities.
• Conduct operational-level planning across the full range of cyber defense operations.
• Investigate cyber security events or crimes related to information technology (IT) systems, networks, and digital evidence. Collect, processes, preserve, analyze, and present computer-related evidence in support of network vulnerability and threat mitigation and/or criminal, fraud, or law enforcement investigations.
• Identify, analyze, and mitigate threats to internal information IT systems and/or networks. Conduct assessments of threats and vulnerabilities; resolves deviations from acceptable configurations, enterprise or local policy; assesses the level of risk; and develops and/or recommends appropriate mitigation countermeasures, evaluate and recommend defensive measures to protect information, information systems, and networks from threats.
• Advise business partners and influence decisions on future technical trends to meet business strategy initiatives. This may include development of solution architecture and impact assessments. Ensure risk appropriate solutions are considered and included.

• Bachelor’s degree in a related field or equivalent experience required
• Must have demonstrable experience as an IT security professional
• Solid grasp and experience applying common frameworks used to describe cyber threat actors, actions, and capabilities (Diamond, Veris, MITRE ATT&CK, etc.) and share threat intelligence (STIX/TAXII)
• In-depth knowledge in the following fields is required: cybersecurity principles used to mange risks related to the use, processing, storage, and transmission of information or data; common information technology (IT) security controls (e.g.: firewalls, demilitarized zones, encryption); new and emerging information technology (IT) and cybersecurity technologies and risks; information technology (IT) supply chain and vulnerability risk best practices
• Advanced planning/ organizational, problem-solving, analytical, consulting, time management and decision-making skills required
• Ability to effectively communicate technical security plans, strategies, and designs to all levels of the company
• Must be detail oriented and able to maintain a high degree of accuracy
• Ability to maintain confidentiality crucial
• Working conditions: ability to move 25 pounds as a physical requirement of the position

Location

Willing to consider remote candidates.

How we hire:

Once you apply, your application is hand reviewed by our talent team. Generally within a few weeks, the team makes interview selection decisions and communicates those via email.  If selected, you’ll receive an email from Principal Talent Team to complete a pre-recorded interview on your own time.  Be sure to check your email frequently and follow the steps shared to submit timely.

Learn more about our hiring steps and find answers to frequently asked questions.

Work Authorization/Sponsorship

At this time, we're not considering candidates that need any type of immigration sponsorship now or in the future or those needing work authorization for this role. (This includes, but is not limited to students on F1-OPT, F1-CPT, J-1, etc.)

Investment Code of Ethics

For Principal Global Investors positions, you’ll need to follow an Investment Code of Ethics related to personal and business conduct as well as personal trading activities for you and members of your household. These same requirements may also apply to other positions across the organization.

Experience Principal

While our expertise spans the globe, we're bound by one common purpose: to foster a world where financial security is accessible to all. And our success depends on the unique experiences, backgrounds, and talents of our employees – individually and all of us together. Explore our core values, benefits and why we’re an exceptional place to grow your career.

Principal is an Equal Opportunity Employer

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.