At BBH, Partnership is more than a form of ownership—it’s our approach to business and relationships. We know that supporting your professional and personal goals is the best way to help our clients and advance our business. We take that responsibility seriously. With a 200-year legacy and a shared passion for what’s next, this is the right place to build a fulfilling career.
As a Senior Cyber Threat Analyst within our Threat Detection Team, you will make a significant impact in enhancing our ability to anticipate, detect, analyze, and respond to cyber threats and proactively mitigating cyber risks effectively. With a focus on Cyber Threat Intelligence (CTI) and Threat Hunting, you will lead efforts to strengthen our security posture through proactive threat analysis, intelligence production, and alignment with industry frameworks and best practice guidance. Collaborating with cross-functional teams and interfacing with organizational leaders, you will contribute to innovative detection and response capabilities that protect our networks, systems, data, employees, and clients. The ideal candidate will have a strong background in cybersecurity with an analytical mindset, a passion for continuous learning and growth, and expertise in enhancing detection capabilities and delivering strategic threat insights.
Duties and Responsibilities:
- Perform strategic and operational CTI functions, including producing and disseminating weekly, monthly, and quarterly emails, products, reports, and briefings on the evolving threat landscape to internal stakeholders and senior leaders
- Monitor open-source, closed-source, and vendor-provided threat intelligence and current events to stay abreast of emerging cyber risks, threats, vulnerabilities, trends, and best practices, and make recommendations for proactive defense strategies and continuous process improvements
- Enhance threat detection and response capabilities by supporting the development of SOC and incident response (IR) procedures, escalation playbooks, and analyst decision trees
- Analyze and identify the likely threats targeting the organization through analysis of alert and IOC trends and use this information to build threat intelligence reporting as well as develop threat hunting strategies
- Develop and maintain threat profiles of relevant threat actors likely to or actively targeting the organization, including a catalog of their tactics, techniques, and procedures (TTPs) aligned with the MITRE ATT&CK framework
- Assist in SOC and IR escalations and investigations, providing expert guidance and context to ensure IR-related actions are threat-informed, effective, and timely
- Conduct threat, risk, and vulnerability assessments to provide actionable and prioritized remediation and control enhancement guidance to relevant control and system owners
- Work with Vulnerability Management to assist with developing and implementing threat-informed patch prioritization efforts, including through direct engagement with systems owners
- Collaborate with the Red Team and Cyber Incident Management to develop relevant red team assessments, penetration tests, incident response trainings, and tabletop exercises
- Using a threat-informed approach, plan and perform threat hunting activities by proactively searching across various logs within the Security Incident and Event Management (SIEM) solution and other security tools to identify previously undetected and unknown anomalous and malicious activity and indicators
- Conduct proactive analysis of alert trends to support intelligence reporting and to identify and prioritize missing or ineffective detection capabilities
- Perform privileged and general user access reviews across various platforms (Windows, Unix/Linux, RHEL, databases, network components, applications, cloud infrastructure) to identify anomalies and escalate appropriately
- Collaborate with DLP and other security teams on insider risk initiatives, collaborating and coordinating efforts to identify and mitigate potential threats from within
- Develop and uphold procedures, standards, and policies for CTI and threat hunting processes
- Collaborate with relevant stakeholders on security awareness messaging and training
Required Qualifications:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field
- 5+ years of experience in Cyber Threat Intelligence, Security Operations, Incident Response, Threat Hunting, and/or related roles
- Significant relevant experience (e.g., military) in one or more of the above roles may be considered in lieu of a degree
- Familiarity with the Intelligence Cycle, Threat Intelligence Platforms, and the MITRE ATT&CK Framework
- Excellent collaboration and communication skills, particularly in high-stress situations
- Ability to produce products at the tactical, operational, and strategic level and to articulate findings and assessments effectively
- A desire to understand and maintain awareness of changes to the cyber threat and risk landscape, including related geopolitical risks that may impact our overall security posture
- Strong analytical skills and priority management
Nice to Have:
- Master’s degree in Cybersecurity, Computer Science, Information Technology, or related field
- Hands-on experience in three or more of the following areas: Security Operations, Incident Response, Cyber Threat Intelligence, Threat Hunting, Detection Engineering, Security Engineering, Insider Threat Analysis, Digital Forensics, All-Source Intelligence, Penetration Testing, Red Teaming, Network Security Management, Cyber Risk Management, Cloud Security, Vulnerability Management
- Experience in the financial services industry and familiarity with security best practices and frameworks (e.g., FFIEC, NIST CSF, ISO 27001, SWIFT, NYDFS, OWASP)
- Experience with threat hunting and developing custom detection rules using query languages in a SIEM (e.g., Splunk SPL) and/or other log sources (e.g., Microsoft Advanced Hunting KQL)
- Experience with perimeter, host, and identity defense and monitoring technologies such as EDR/AV, IDS/IPS, Firewalls, WAF, DLP, UEBA, email gateway, sandboxing, and other security tools and terminology
- Familiarity with risk scoring, threat analysis, threat hunting, and threat modeling techniques.
- Experience with Microsoft Defender (MDE, MDI, Defender for Cloud Apps) and Purview Insider Risk Management
- Relevant certifications such as CISSP, GCIH, GSEC, GCTI, CTIA, CEH, Security+
- Experience with programming or scripting (Python, SQL, Powershell)
Salary Range
$95,000-$155,000
BBH’s compensation program includes base salary, discretionary bonuses, and profit-sharing. The anticipated base salary range(s) shown above are only for the indicated location(s) and may differ in other locations due to cost of living and labor considerations. Base salaries may vary based on factors such as skill, experience and qualification for the role. BBH’s total rewards package recognizes your contributions with more than just a paycheck—providing you with benefits that enhance your experience at BBH from long-term savings, healthcare, and income protection to professional development opportunities and time off, our programs support your overall well-being.
We value diverse experiences. We value diverse experiences and transferrable skillsets. If your career hasn’t followed a traditional path, includes alternative experiences, or doesn’t meet every qualification or skill listed in the job description, please do go ahead and apply.
About BBH:
Brown Brothers Harriman (BBH) is a premier global financial services firm, known for premium service, specialist expertise, technology solutions and partnership approach to client management. Across Investor Services and Capital Partners, we work with an enviable roster of sophisticated clients who make BBH their first call when they are tackling their hardest challenges. Delivering for our clients and each other energizes us.
We believe that how we do our work is just as important as what we do. We are relentless problem solvers who know our best ideas come from collective debate and development—so we are never possessive about our ideas. Every day we come together as a diverse community of smart and caring people to deliver exceptional service and expert advice—creating success that lasts. No matter where you sit in the organization, everyone is empowered to contribute their ideas. BBHers can pick up the phone and call any colleague, and they are happy to help. Expanding your impact beyond your daily role is part of how we operate as trusted partners to one another.
We believe stability is a competitive advantage, but being stable means having the knowledge, skill, and discipline to evolve, often—pushing the boundaries of innovation. As a private partnership, every investment we make is in the relationships, technologies, products and development we believe are in the long-term interests of our clients and our people. Our long-tenured leaders are experts in their areas and are actively involved in the day-to day business, taking the time to provide guidance and mentoring to build the next generation of BBHers. Because we know, our success begins with yours.
Go to BBH.com to learn more about our rewards and benefits, philanthropy, approach to sustainability or how we support you to thrive personally, physically and financially.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, age, genetic information, creed, marital status, sexual orientation, gender identity, disability status, protected veteran status, or any other protected status under federal, state or local law.