Location: 4910 Tiedeman Road, Brooklyn, Ohio

Our Cyber Threat Management team rolls up into Key's broader Cyber Defense function within Corporate Information Security. Cyber Defense's mission is simple: We aim to Deter, Detect, Deny, and Disrupt adversaries through proactive threat-centric defense.

The Insider Threat and Threat Hunting Senior Analyst is a key member of the Cyber Threat Management (CTM) team and has responsibilities in both areas. In this role, you will focus on both technical insider threats and threat hunting. This role includes hands-on technical functions, along with helping both programs mature by evaluating the current state and recommending program and capability improvements.

You will develop and maintain a deep understanding of the insider threat and cyber threat landscapes, by utilizing threat intelligence related to insider threats, along with threat actor Tactics, Techniques and Procedures (TTPs), and their associated threats, to support mitigation efforts while leveraging frameworks such as MITRE ATT&CK.

This position requires strong threat hunting and insider threat investigation skills, and advanced knowledge of cybersecurity fundamentals and concepts. Success in this role demands an independent, thorough, and adaptable individual who can deliver accurate and complete intelligence outputs.

Key Responsibilities

- Hands-on experience in designing and executing proactive, hypothesis-driven threat hunts across endpoints, networks, and cloud environments, leveraging threat intelligence and behavioral indicators to uncover hidden threats.
- Apply deep knowledge of attacker tactics, techniques, and procedures (TTPs) to build proactive detections and alerts for potential adversary activities, leveraging threat intelligence and analytical insights.
- Skilled in using security platforms such as Extended Detection and Response (XDR) and Security Information and Event Management (SIEM), along with the ability to analyze logs from diverse sources including Windows, Linux, cloud environments, and network devices.
- Hands-on experience in Insider Threat, including conducting sensitive investigations, use case development, detection development and Insider Threat platforms such as User and Entity Behavior Analytics (UEBA), User Activity Monitoring (UAM), or similar technologies.
- Conduct comprehensive monitoring and analysis of insider threat indicators. Preserve evidence, prepare detailed reports, and present findings to key stakeholders, including HR and Legal.
- Drive the evolution of the Insider Threat and Threat Hunt programs by advising on best practices, maintaining thorough documentation, enhancing metrics, and implementing improvements to increase organizational resilience.
- Good knowledge of the cyber threat landscape (preferably in the financial sector) and the ability to communicate those threats to senior leadership, technical and non-technical audiences.
- Apply frameworks (e.g., MITRE ATT&CK) to enhance detection and response.
- Skilled in automation, including intelligence gathering and processing using scripts or platforms (e.g., Python, APIs, STIX/TAXII).
- Produce written reports, threat assessments, and briefings for technical and non-technical stakeholders.
- Collaborate closely within and outside of the CTM team.
- Participate, as needed, in technical incident response activities.
- Actively participate in tabletop exercises and red/blue/purple team activities.
- Interface with stakeholders within Cyber Defense, the broader security organization, and those outside of security such as technology, fraud, HR and other lines of business partners.
- Provide mentorship and technical guidance to junior analysts and cross-functional partners.
- Lead by example in fostering a culture of curiosity, rigor, and continuous learning within these functions.
- Demonstrated presentation development; tailors the message as needed; comfortable presenting to all levels; strong writing skills.