Specialist, Cyber Defense & Response

Job Classification:

Technology - Information Security

Are you interested in building capabilities that enable the organization with innovation, speed, agility, scalability, and efficiency? The Global Technology Operations team takes great pride in our culture where digital transformation is built into our DNA! When you join our organization at Prudential, you’ll unlock an exciting and impactful career – all while growing your skills and advancing your profession at one of the world’s leading financial services institutions.
 

Your Team & Role
As a Cyber Threat Intelligence (CTI) liaison supporting our Security teams, you will be instrumental in turning intelligence insights into actionable defense strategies. Your responsibilities include analyzing internal telemetry and external intelligence sources to identify indicators and trends. You will provide clear guidance on which patterns and telemetry security teams should monitor, and brief stakeholders on emerging threats. Additionally, you will enhance and automate processes to improve efficiency and integration, ensuring intelligence is seamlessly operationalized. This role is pivotal in equipping our first line of defense teams with the intelligence needed to anticipate and respond effectively to evolving threats.
 

Here is What You Can Expect on a Typical Day
• Act as the CTI point of contact for security operations teams, ensuring intelligence requirements are understood and fulfilled.
• Collect, analyze, and disseminate finished intelligence that supports tactical and operational decision-making.
• Perform ongoing evaluation of internal telemetry and external intelligence sources to identify relevant indicators, discern patterns, and track adversary behaviors and trends.
• Translate intelligence into actionable detection guidance for security operations teams, specifying which indicators and telemetry should be monitored to identify potential malicious activity.
• Deliver intelligence briefs to technical and business stakeholders, providing clear insights into threat activity and risk implications.
• Enhance and document CTI processes, ensuring continuous improvement and alignment with operational needs.
• Gather feedback from stakeholders and implement improvements to intelligence workflows and deliverables.
• Integrate threat intelligence into Security Information and Event Management (SIEM) and other security tools to enrich detection and response capabilities.
• Apply structured analytical frameworks (e.g., Diamond Model, MITRE ATT&CK) to assess threat campaigns and adversary behaviors.
• Translate telemetry and detection results from adversary emulation into clear guidance for security operations, helping them understand what signals to monitor if those tactics are used in actual attacks.
• Collaborate with internal teams and external partners to share intelligence and best practices.

The Skills & Expertise You Bring
• Experience with analysis of security events from multiple sources including but not limited to events from Security Information and Event Management (SIEM), XDR/EDR, network and host-based intrusion detection systems, firewall logs, and system logs (Unix and Windows).
• Understanding of SaaS and Cloud Service Providers.
• Complete understanding of the intelligence cycle including analytical methodologies such as Analysis of Competing Hypotheses and the Diamond model.
• Deep understanding of MITRE frameworks and the ability to apply them effectively, including ATT&CK for mapping adversary behaviors, ATLAS for addressing AI-related threats, D3FEND for identifying defensive techniques, and the Cyber Resiliency Engineering Framework (CREF) for integrating resiliency principles into security strategies.
• Experience defining Priority Intelligence Requirements.
• Experience with agile development methodologies.
• Ability to learn new skills and knowledge on an on-going basis through self-initiative and tackling challenges.
• Collaborative mindset with experience engaging external partners and industry groups.

Applied experience with several of the following:
• Cyber Threat Intelligence
• Digital Forensics
• Cyber Security Operations
• Cyber Incident Response
• Threat Hunting and Adversary Emulation
• Automation and Engineering
Preferred qualifications:
• GIAC certifications (GCTI, GMON, GSOC, GREM, GCFA, GNFA).
• Cloud security certifications (AWS Security, AZ-500).
• Experience with Python and PowerShell for automation.
• Familiarity with adversary emulation and threat hunting methodologies.

You’ll Love Working Here Because You Can
Join a team and culture where your voice matters; where every day, your work transforms our experiences to make lives better. As you put your skills to use, we’ll help you make an even bigger impact with learning experiences that can grow your technical AND leadership capabilities. You’ll be surprised by what this rock-solid organization has in store for you.

#hybrid

What we offer you:

Prudential is required by state specific laws to include the salary range for this role when hiring a resident in applicable locations. The salary range for this role is from $96,200.00 to $158,800.00. Specific pricing for the role may vary within the above range based on many factors including geographic location, candidate experience, and skills.

• Market competitive base salaries, with a yearly bonus potential at every level. 

• Medical, dental, vision, life insurance, disability insurance, Paid Time Off (PTO), and leave of absences, such as parental and military leave. 

• 401(k) plan with company match (up to 4%). 

• Company-funded pension plan. 

• Wellness Programs including up to $1,600 a year for reimbursement of items purchased to support personal wellbeing needs. 

• Work/Life Resources to help support topics such as parenting, housing, senior care, finances, pets, legal matters, education, emotional and mental health, and career development.  

• Education Benefit to help finance traditional college enrollment toward obtaining an approved degree and many accredited certificate programs.  

• Employee Stock Purchase Plan: Shares can be purchased at 85% of the lower of two prices (Beginning or End of the purchase period), after one year of service. 

Eligibility to participate in a discretionary annual incentive program is subject to the rules governing the program, whereby an award, if any, depends on various factors including, without limitation, individual and organizational performance. To find out more about our Total Rewards package, visit Work Life Balance | Prudential Careers. Some of the above benefits may not apply to part-time employees scheduled to work less than 20 hours per week.