Principal Cyber Threat Analyst

Make banking a Fifth Third better®

We connect great people to great opportunities. Are you ready to take the next step? Discover a career in banking at Fifth Third Bank.

GENERAL FUNCTION:

As a member of  the Information Security discipline, this role is responsible for assisting in the evaluation and development of systems security across the enterprise with an emphasis on detecting, responding and preventing cyber incidents.  They will will actively monitor, analyze and correlate network traffic utilizing the latest in security technology, evaluate security incidents, perform research and provide in-depth incident analysis. Additionally, they will review threat data from various sources and assess cyber intelligence to support in-depth analysis of various threats.  This position requires technical expertise and knowledge of security practices, procedures, and capabilities in order to perform non-repetitive, analytical work.

Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined. Accountable for always doing the right thing for customers and colleagues, and ensures that actions and behaviors drive a positive customer experience. While operating within the Bank’s risk appetite, achieves results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Mentorship & Leadership: Guide analysts through investigations and response activities; act as Incident Commander during active incidents and post-action events.
• Technical Oversight: Review alerts, refine triage techniques, coach on detection logic, and lead incident handling and documentation.
• Detection Building: Design playbooks, workflows, and detection content; participate in threat hunting and deep research analysis.
• Collaboration: Work with product owners and vendors to translate business priorities into security initiatives; assist in root cause analysis and remediation.
• Security Strategy: Ensure efforts support threat coverage, automation, and data quality; identify gaps in tooling and recommend solutions.
• Hiring & Training: Participate in interview panels, shape onboarding materials, and mentor junior analysts.
• Continuous Learning: Pursue certifications and training; share insights with the team and foster a learning culture.
• Incident Response: Monitor system logs, respond to incidents, and preserve forensic evidence; escalate issues with appropriate severity and action items.
• Risk Management: Promote information security awareness; manage and report risks; ensure actions drive positive customer experiences.
• SME Role: Maintain knowledge of security technologies; assist lines of business in developing secure solutions.
• Technical Assistance: Assess, implement, and manage security systems; provide technical assistance in detection and resolution of security problems.
• Project Oversight: Provide expertise and oversight for strategic Cyber projects to enhance capabilities and maturity.
• On-Call Rotation: Participate in on-call rotation to ensure timely response to incidents.

MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:

• Bachelor’s Degree in Computer Science, Information Systems, or other related field, or other relevant experience.
• 6 to 8 years of experience with the analysis/investigation and containment of potential data breaches or cyber security incidents.
• Scripting/Coding experience  - Python, Regex, Yara as examples
• Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques
• Knowledge of malware families, botnets, threats by sector, and various attack campaigns and attacker methods, tools/techniques/practices
• Knowledge of cloud technologies including O365
• Common security controls is required including; authentication, encryption, IDS, WAFs, firewalls, HIPS, EDR, EPP, etc.
• Proficient in both Linux and Windows operating systems.
• Understanding of application protocols
• Strong analytical, tactical and critical thinking ability.
• Ability to handle multiple competing priorities in a fast-paced environment.
• Ability to communicate effectively across multiple levels
• Preferred CISSP, GIAC, or other relevant certification

Fifth Third Bank, National Association is proud to have an engaged and inclusive culture and to promote and ensure equal employment opportunity in all employment decisions regardless of race, color, gender, national origin, religion, age, disability, sexual orientation, gender identity, military status, veteran status or any other legally protected status.