Role : Cyber Threat Intelligence Analyst
Location : Richardson,TX 5 days onsite
Only W2
Job Description
Cyber Threat Intelligence team reduces cyber risk by identifying the latest threats through research, information sharing within similar business organizations, vendors, and threat actor behavioral learning. The team monitors external threat actors to enable various TC security groups to take preventive measures against future threats that are likely to attack – and prioritize the risk mitigation efforts across the TC security infrastructure. We work with multiple cyber defense areas to accomplish this, providing an opportunity to learn new skills.
In addition to core CTI analysis, this role designs and operates LLM/RAG-based pipelines that ingest content from hundreds of external sources to produce timely, citation-backed briefs and enriched CTI artifacts (IOCs, TTPs, ATT&CK mappings). The role enforces Texas Capital’s Responsible GenAI principles — secure, approved tool usage; data minimization; audit logging; human-in-the-loop oversight; and transparent citations—to safely accelerate threat awareness and detection.
Responsibilities:
• Manage internal and external sources of intelligence, review threat reports/feeds, and distill threat information into actionable cyber threat intelligence reporting
• Write and provide cyber threat reports and briefings to executive, managerial, and front-line audiences, and respond to requests for information [RFIs] as needed
• Maintain and develop priority intelligence requirements [PIRs] in conjunction with strategic stakeholders
• Optimize threat models and MITRE ATT&CK mapping to ensure effective threat countermeasures are in place
• Research and document TTPs and share related knowledge with other members of the team to assist with threat hunting, detection writing and incident response
• Maintain awareness of cybercrime issues affecting financial institutions and related industries
• Operationalize LLM-powered intel summarization at scale. Design pipelines that aggregate and normalize content from hundreds of OSINT sites, ISACs, vendor portals, blogs, and social sources; generate daily/weekly executive and analyst briefs with citations to original sources.
• Use NLP/LLM models to extract and validate indicators, entities, and TTPs from raw reports; auto-tag with ATT&CK techniques to accelerate detection writing and threat hunting.
• Orchestrate summarization and enrichment jobs with existing CTI tooling (ticketing/SOAR/SIEM); publish structured outputs (STIX/TAXII, JSON) for downstream detection and IR teams.
• Partner with Security, Risk, and the AI Working Group to apply Firmwide AI usage policies, including human oversight, auditability, and data protection; operate only on approved GenAI platforms.
Basic Qualifications:
• Bachelor’s degree in computer science or a related field, or equivalent work experience
• Excellent verbal and written communication skills
• At least 3 years of information security experience
• At least 2 years of experience working in cyber threat intelligence or all-source intelligence applying intelligence lifecycle principles to cyber threat analysis
• Experience operationalizing LLM/RAG workflows to summarize cyber events from large, diverse sources; ability to produce analyst and executive briefs with verifiable citations.
• Understanding of Responsible AI principles (secure tool configuration, data minimization, audit logging, human oversight, transparency/citations) and how they apply in a regulated financial institutions
Preferred Qualifications:
• One or more of the following certifications (CISSP, CTIA, CRTIA, CTIS-II, GCTI, GCFA, GCIH, Security+)
• Experience working in the financial sector
• Knowledge of CTI tooling integrations (SIEM/SOAR, case management) and automation frameworks for scheduled summarization/enrichment jobs.
Never miss an opportunity! Create an alert based on the job you applied for.
