Principal Financial Group Sr. Cyber Threat Intelligence Analyst - #222243 in Des Moines, Iowa

Job Area: ITBusiness Area: Information ServicesLocation: IA - Des MoinesCareer Category: Experienced ProfessionalFull/Part Time: Full-TimeRegular/Temporary: RegularDate Posted: 2018-09-14


Come join a team that is highly motivated, self-driven, and passionate about cyber defense! You will have the opportunity to help us build and mature our threat intelligence research platform and services. The Cyber Threat Intelligence (TI) Analyst will leverage their previous experiences with enterprise network defense to develop a comprehensive set of threat intelligence processes to support operational, tactical, and strategic decision making across the organization. You will work with the threat detection and hunt team, as well as others, to maximize our use of threat intelligence to improve cyber defenses.

Essential duties include:

  • Help define strategy and architecture for threat intelligence and cyber defense services

  • Perform day-to-day TI operations, including:

  • Source collection/management

  • Analysis and production

  • Security control integration

  • Dissemination

  • Sharing

  • Provide intel support during incident response activities, and directly assist with significant incidents as necessary

  • Establish and apply a methodology to consistently identify, classify, prioritize, and report on cyber threats.

  • Develop and maintain TI campaigns to track adversaries targeting our organization and industry

  • Prepare and deliver internal threat intelligence reports and briefings about threat actors, TTPs, and vulnerabilities.

  • Provide awareness to internal teams and leadership on changes to the cyber threat landscape.

  • Collect information on threats to the organization through communication with other partner institutions, mailing lists, open source news, and industry partnerships.

  • Leverage an intrusion framework, such as Kill Chain or Diamond, to develop a rich portfolio of threat actors’ tactics and activity that will support the ongoing improvement of network defenses.


  • Associate's or Bachelor's degree with a preference in a science, technology, engineering, or math related field or equivalent work experience (6 years of experience equates to an Associate’s degree when defining “equivalent work experience”)

  • 7+ years of IT related experience

  • 5+ years of experience working in a cyber defense or threat intelligence role

  • Experience and effective participation in threat intelligence, hunt, computer network defense, or incident response activities

  • Excellent written and oral communication skills

Additional preferred technical experience:

  • Familiar with intelligence enrichment sources and integration processes

  • Experience with common network defense languages/tools (yara, snort, bro, etc.)

  • Ability to communicate/interact with various audiences, including senior executives

  • Experience with threat intelligence management platforms and tooling

  • Intimate knowledge of the Cyber Kill Chain, Diamond Model of Intrusion Analysis, or other relevant network defense and intelligence frameworks

  • Experience with analyzing and interpreting data from multiple sources, documenting the results and providing meaningful analysis reports and briefings

  • Knowledge of the primary methods, procedures, and techniques of gathering information and producing, reporting, and sharing intelligence

  • Demonstrated knowledge of common adversary tactics, techniques, and procedures (TTPs)

  • Malware analysis skills and experience

  • Intelligence community experience

Keys to success in this position:

  • Passion for learning and staying abreast of new threats

  • Excellent written and oral communication skills

  • Anticipates customer needs (for threat intelligence) and proactively provides it

  • Works well in a team environment

  • Can draw accurate conclusions by integrating multiple independent sources of information, and when the details are ambiguous and incomplete

Learn more about our company!

As a member of Principal’s global IT community, you are part of a high-performing culture that promotes employee empowerment, innovation, collaboration, and career development while fostering flexibility between professional and personal responsibilities. The work you do while partnering closely with the business puts our customers’ needs first by shaping the financial security of millions of lives across the globe!

Principal was #29 on Computerworld’s list of 100 Best Places to Work in IT 2018 making it 17 years in a row on the list! Click the link to read all about it.

And, if you have 2 minutes, you'll want to watch this video about our company:

Job Level

Willing to consider applicants at multiple job levels.

Principal Code of Ethics

You may be required to comply with a Code of Ethics which covers personal trading activities for you and members of your household.

Additional Information

What’s next? Innovation at its finest.

We’ll review your application and if you’re selected for an interview, you’ll receive an invite for a pre-recorded interview experience. Haven’t done that before, don’t worry. We’ve got all the tips and tricks available to help you be successful. With a pre-recorded interview, you can add your own flair and personality – at your pace.

Be sure to check your email frequently. We’ll communicate our decisions through the email address used on your online profile. If you receive an email from our Principal Talent Acquisition Team, you’ve been selected to begin your pre-recorded interview experience and have a set time to submit.

Benefits designed with you in mind.

Because each employee is unique, our benefit packages give you lots of choices. We offer comprehensive benefits that helps contribute to the healthy, fulfilling life and gratifying work experience you deserve, at an affordable cost. Click here to see just a few benefits you’ll receive once you join our team.

Not an exact match for this role?

We’ve got a lot of opportunities, so check out some of the others. And creating an email alert on our career site will help you keep you connected and informed of opportunities you’re interested in with a just a few clicks!

Work Authorization/Sponsorship

At this time, we're not able to consider candidates who would need sponsorship now or in the future or those needing work authorization for this role. (This includes students on F1-OPT, F1-CPT, J-1, etc.) However, we’d hope you continue to keep us in mind for other potential opportunities in the future.

Principal is an Affirmative Action and Equal Opportunity Employer.

All qualified applicants will receive consideration for employment without regard to of age, race, color, religion, sex, gender identity, gender expression, pregnancy, national origin, citizenship status, disability, genetic characteristics, sexual orientation, marital status, domestic partner status, military status, protected veteran status, disability status or any other characteristic protected by law.