Cybersecurity Analyst

First Republic is an ultra-high-touch bank that provides extraordinary client service. We believe that one-on-one interactions build lasting relationships. We move quickly to serve our clients’ needs so that their financial transactions are handled with ease and efficiency. Client trust and security are paramount in our line of business. Ultimately, our goal is unsurpassed client satisfaction which will lead to personal referrals – our number one source of new business. We recognize that our competitive advantage starts with our people and our culture. At First Republic, we work hard and move quickly as a very coordinated team. If you are looking for an opportunity to grow and contribute in a fun, fast-paced environment, First Republic is the place for you. We have exceptional people focused on providing extraordinary service.

As a member of the Information Security team, the Cybersecurity Analyst’s role is to protect the Bank from intrusions such as targeted threat actors, advanced/novel malware, hacking attempts, and other forms of cyber-attacks. Primary responsibilities will be developing threat intelligence, analyzing the Bank’s intrusion resistance, and leading efforts to automate, integrate, and aggregate the data and systems needed to make that analysis quickly and accurately.

Broad expertise in Information Security, strong analytical and interpersonal skills, and the ability to learn and grow in a rapidly evolving environment is required.

The Cybersecurity Analyst independently studies Internet traffic data from intelligence databases and ancillary sources in support of the Bank’s security goals, concerns and strategies. The Cybersecurity Analyst will use their understanding of Internet architecture and protocols, malware, packet structure and network vulnerabilities to proactively profile Internet activity, detect patterns and trends in intrusion techniques and practices, and identify the sources of intrusions.

Cybersecurity Analyst prepares descriptive and predictive analyses and communicates the results, meaning and significance in the form of oral or written reports. They may participate in the evaluation of tools and creation of customized methodologies and applications.

• Assesses and tracks changes to the global threat landscape and assesses the impact and exposure to the Bank and its' customers.
• Recommends corrective measures based upon actionable intelligence.
• Provides timely and actionable communications, via written reports and/or oral presentations, to management to understand and address cybersecurity threats and trends. 
• Researches and assesses external intelligence sources and makes recommendations to improve and augment intelligence gathering efforts.
• Acts as a subject matter expert to various internal groups on emerging threats.
• Assists in post event analysis for indicators of compromise makes recommendations for preventative measures.
• Perform duties & responsibilities specific to department functions & activities or as assigned by supervisor.
• Responsibilities include the following: 1) adhering to and complying with all applicable, federal and state laws, regulations and guidance, including those related to Anti-Money Laundering (i.e. Bank Secrecy Act, USA PATRIOT Act, etc.), 2) adhering to Bank policies and procedures, 3) completing required training, 4) identifying and reporting potential suspicious activity to the BSA/AML Officer, and 5) knowing and verifying the identity of any customer(s) that enters into a relationship with the Bank.

• Bachelor's degree or equivalent experience required.
• Proven analytical skills with an acute attention to detail and persistence.
• Excellent communication skills (verbally and written).
  Responses in email concerning incidents.
• Documentation of event or incident reports, vulnerabilities, and other technical information.
• Notifications and/or guidelines that are provided to the constituency.
• Internal development of Computer Security Incident Response Team (CSIRT) policies and procedures.
• Other external communications to staff, management, or other relevant parties.
• Strong networking knowledge.
• CCNA/CCNP certification desired; or equivalent of 5+ years of network engineering experience.
• Ability to understand network traffic (e.g. PCAP output)
• Understanding of Information Security practices and methodologies.
• Problem Solving
• Determine the relevance of the data provided.
• Identify what information is important, missing, or might be misleading or incorrect.
• Decide on how to handle that data.
• Knowing who else in the team they might contact or approach for additional information, creative ideas, or added technical insight.
• Recognizing and seeking additional information from other resources. (e.g., literature searches, past incidents that may involve similar activities, similarities in attack techniques or tools, other sources of information)
• Verifying information through alternative approaches.
  synthesizing information to determine relationships or to correlate with other incident data
• Relevant information security certifications (e.g. CISSP, CISM, GREM) recommended.
• Able to collaborate with peers to proactively determine indicators of compromise.
• Work independently; make decisions and multi-task effectively in a fast paced dynamic environment.
• Good understanding of current malicious code practices and techniques.
• Keeps current with contemporary standards, practices, procedures and methods Team player.
• Provides extraordinary service.
• Furthers the First Republic Bank culture and values.

Mental/Physical Requirements:

• The ability to learn and comprehend basic instructions; understand the meanings of words and respond effectively; and perform basic arithmetic accurately and quickly.
• Vision must be sufficient to read data reports, manuals and computer screens.
• Hearing must be sufficient to understand a conversation at a normal volume, including telephone calls and in person.
• Speech must be coherent to clearly convey or exchange information, including the giving and receiving of assignments and/or directions.
• Position involves sitting most of the time, but may involve walking or standing for brief periods of time.
• Must be able to travel in a limited capacity.