At a glance

We are looking for an experienced, self-driven Cyber Threat Intelligence Analyst who can operate independently and as part of a high-performing team in the Global Cyber Intelligence Center at ABN AMRO. Do you hold advanced cyber threat intelligence knowledge and do you have a data driven approach? Do you want to improve the analytic capacity of the team you're working in, uplift the skills of others, and contribute to the transformation of internal processes to data driven processes? Then please read further and apply online to this vacancy!

The focus of the Senior Cyber Threat Intelligence Analyst is to defend against cyber threat activity by collecting and producing intelligence to drive active cyber defence efforts. The analyst will use data analysis, cyber intelligence, and information sharing networks to gain an improved information position on trends in the threat landscape. The candidate’s affinity with data science methodology will help to automate the threat intelligence cycle and its processes and make it more efficient. The analyst will also directly support the CISO organisation by applying analytic and technical skills to identify malicious activity, varied threat groups, and in some cases support incident response tasks.

A typical workday in the GCIC team is varied, dynamic and fast-paced. It may involve threat intelligence support to incident analysis, report or brief writing, operational analysis of external threat campaigns, process design to integrate threat intelligence into cyber defensive activities or improving internal intelligence processes to uplift the GCIC capability.

Your job

Your job consists of the following tasks:

• Review all-source intelligence including internal, open source and closed source intelligence to identify emerging threat trends, TTP’s and IOCs;
• Transform these trends and TTP’s into timely, actionable intelligence products to contribute to ABN AMRO’s defensive posture through prevention, detection and Red Team activities;
• Conduct intelligence investigations into malicious cyber activity to provide attribution, identify adversary TTP’s, and provide additional context to threats to the network;
• Produce high-quality written reports, presentations and briefings, both in internal and external forums, to a wide variety of audiences, ranging from highly technical teams to executive management;
• Support time-sensitive and critical cyber incident response activities by providing intelligence including TTP’s and IOCs to shorten the incident response cycle and protect the ABN AMRO network;
• Establish and maintain productive internal working relationships with other critical teams including our Security Operations Center, Supply Chain Security, Red Team and Brand Protection partners;
• Improve the threat intelligence function’s efficiency and effectiveness by applying data science methodology and techniques.
• Contribute to the wider cyber threat intelligence community by establishing critical sharing and interpersonal relationships with industry and government organisations;
• Stay up-to-date on relevant cyber threat trends, defensive cyber practices, tooling and processes to apply industry standard practices to GCIC operations.

Working environment

You will be working within the Global Cyber Intelligence Center (GCIC) team within the ABN AMRO CISO Cyber Defence Grid. The team consists of highly motivated and passionate analysts, and contains a broad range of cyber skills including intelligence analysis, malware analysis and reverse engineering, SOC analysis and forensics, incident response, and Red Team operations. ABN AMRO is an English-language working environment, and supports hybrid working arrangements subject to operational requirements.

Your profile

You are a self-starter with strong initiative and interpersonal skills. You can identify, establish relationships with, and align with key stakeholders. You have a strong understanding of how threat intelligence contributes to cyber defensive processes, and have proven experience in designing and implementing these processes. You can operate under pressure during incident response activities and can independently support incident investigations. You collaborate and communicate well with others, and actively seek opportunities to share threat intelligence to internal and external customers. You have strong research, analytical, and problem-solving skills and have experience in mentoring junior threat intelligence staff. Our ideal candidate can demonstrate the following skills:

• A good understanding of the cyber threat intelligence cycle, and experience in cyber threat intelligence collection, production, and writing;
• Experience implementing common threat analysis models such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK TTP framework;
• Strong foundational knowledge of common tactics, techniques and procedures used by threat actors in the wild;
• Experience with designing and implementing data driven processes and the use of LLMs to make the threat intelligence cycle more efficient.
• Experience with implementing processes to integrate threat intelligence into broader defensive activities including detection, prevention, incident response and red team operations;
• A strong understanding of incident response processes and how threat intelligence analysis supports IR activities;
• Experience conducting technical threat intelligence investigations into malicious activity, including conducting attribution and TTP analysis;
• Familiarity with technical engineering requirements associated with the production of intelligence;
• Proven ability to design and tailor briefings to present findings and conclusions clearly and concisely to all levels of staff, management and/or vendors;
• Ability to track industry developments, threat trends and relevant technologies;

We are offering

We believe it is important to be a good employer. Joining us means stepping into a role with impact, supported by excellent employment conditions that foster your job satisfaction, development, and wellbeing. In addition, we offer:

• An attractive gross monthly salary based on a 36‑hour work week, including holiday allowance and a flexible benefit budget.
• An excellent pension scheme, ensuring that you are well prepared for the future.
• Flexibility in working: working from home is possible in consultation with your team and depending on your role. We will provide an ergonomic home office setup for you.
• Plenty of room for relaxation with five weeks of vacation per year, supplemented by two mandatory days off. You can also purchase up to four additional weeks of vacation annually.
• Five “Banking for better days”: extra days off that you can use for personal development or volunteer work.
• Personal development is key: you receive a development budget of €1,000 per year, which can accumulate up to €3,000.
• An annual public transport pass with free public transportation throughout the Netherlands for both business and private use.

You can find more information about our employment conditions and salary scales in our Collective Labour Agreement (CLA), which applies to this vacancy.

Interested?

Does this opportunity sound like something you’d be interested in? Please send us your application as soon as possible. We look forward to meeting you.

Your Future: Inclusive, Innovative, Sustainable

At ABN AMRO, we believe in "Banking for better, for generations to come." Equal opportunities for everyone are a crucial foundation, as we strive for an inclusive culture where all employees feel seen, heard, and valued. Our vision of being a personal bank in the digital age aligns perfectly with the demand for surprising insights and innovative solutions, born from a diverse interplay of cultures and experiences. We focus on customer experience, sustainability, and building a future-proof bank, conducting annual reviews to ensure equal pay for equal work. Join a bank that embraces ingenuity and ambition, and make an impact with us for a better future.

If you want to apply for the B-Able or Reboot program, make sure to mention it both in the title and the content of your resume.

Disclaimer external recruitment agencies

External recruitment agencies need to have a signed agreement with ABN AMRO BANK N.V., executed by a Talent Acquisition Specialist, when submitting a resume to a vacancy. No unsolicited services or offers, please.