Senior Cyber Threat Analyst

Brown Brothers Harriman & Co.

Philadelphia · On-site · Full-time · Senior · $110k – $155k/yr · posted 6d ago

About the role

About BBH

Brown Brothers Harriman (BBH) is a premier global financial services firm, known for premium service, specialist expertise, technology solutions and partnership approach to client management. Across Investor Services and Capital Partners, we work with an enviable roster of sophisticated clients who make BBH their first call when they are tackling their hardest challenges. Delivering for our clients and each other energizes us.

We believe that how we do our work is just as important as what we do. We are relentless problem solvers who know our best ideas come from collective debate and development—so we are never possessive about our ideas. Every day we come together as a diverse community of smart and caring people to deliver exceptional service and expert advice—creating success that lasts. No matter where you sit in the organization, everyone is empowered to contribute their ideas. BBHers can pick up the phone and call any colleague, and they are happy to help. Expanding your impact beyond your daily role is part of how we operate as trusted partners to one another.

We believe stability is a competitive advantage, but being stable means having the knowledge, skill, and discipline to evolve often, pushing the boundaries of innovation. As a private partnership, every investment we make is in the relationships, technologies, products and development we believe are in the long‑term interests of our clients and our people. Our long‑tenured leaders are experts in their areas and are actively involved in the day‑to‑day business, taking the time to provide guidance and mentoring to build the next generation of BBHers. Because we know our success begins with yours.

Go to BBH.com to learn more about our rewards and benefits, philanthropy, approach to sustainability or how we support you to thrive personally, physically and financially.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, age, genetic information, creed, marital status, sexual orientation, gender identity, disability status, protected veteran status, or any other protected status under federal, state or local law.

Position Overview

At BBH, Partnership is more than a form of ownership—it’s our approach to business and relationships. We know that supporting your professional and personal goals is the best way to help our clients and advance our business. With a 200‑year legacy and a shared passion for what’s next, this is the right place to build a fulfilling career.

As a Senior Cyber Threat Analyst within our Cyber Threat Monitoring Team, you will play a critical role in strengthening the organization’s ability to detect, investigate, and respond to advanced cyber threats. This role emphasizes technical threat hunting, incident response, and advanced SOC investigation support, while leveraging Cyber Threat Intelligence (CTI) to guide detection, response, and proactive defense strategies.

You will serve as a senior escalation resource for complex investigations, proactively hunt for adversary activity across enterprise security telemetry, and work closely with SOC analysts, detection engineers, and security leadership to improve the organization’s detection and response capabilities.

Collaborating with cross‑functional teams and interfacing with organizational leaders, you will contribute to innovative detection and response capabilities that protect our networks, systems, data, employees, and clients. The ideal candidate will have strong hands‑on SOC or incident response experience, an analytical mindset, a passion for continuous learning, and the ability to translate threat intelligence into actionable detection and response improvements.

Duties and Responsibilities

  • Lead and support advanced SOC investigations, incident response activities, and Tier‑3 escalations, providing deep technical analysis of security alerts, anomalous behavior, and suspected malicious activity
  • Perform proactive threat hunting activities across enterprise security telemetry including SIEM, EDR, identity, network, and cloud logs to identify previously undetected or emerging threats
  • Analyze attacker behaviors and intrusion patterns to develop threat hunting hypotheses and detection strategies aligned with the MITRE ATT&CK framework
  • Investigate complex security alerts and incidents, performing log analysis, endpoint analysis, and timeline reconstruction to determine root cause, scope, and impact
  • Leverage internal telemetry, alerts, and IOC trends to identify threat patterns targeting the organization and opportunities for improved detection coverage
  • Enhance threat detection and response capabilities by supporting the development and improvement of SOC detection logic, response procedures, escalation playbooks, and analyst decision trees
  • Conduct proactive analysis of alert trends to identify gaps in detection coverage and recommend new or improved monitoring capabilities
  • Utilize Cyber Threat Intelligence (CTI) sources to contextualize incidents, inform threat hunting efforts, and prioritize investigations
  • Monitor open‑source, closed‑source, and vendor‑provided threat intelligence to stay abreast of emerging threats, vulnerabilities, and adversary tactics relevant to the organization
  • Develop and maintain profiles of relevant threat actors, including tactics, techniques, and procedures (TTPs), and incorporate those insights into threat hunting and detection strategies
  • Assist in SOC and Incident Response escalations, providing technical expertise and investigative support during security incidents
  • Conduct threat, risk, and vulnerability assessments to provide actionable remediation and security control improvement guidance
  • Collaborate with the Red Team and Cyber Incident Management to support red team exercises, incident response training, tabletop exercises, and detection validation
  • Perform targeted access reviews and anomaly analysis across enterprise systems (Windows, Linux, databases, network infrastructure, cloud platforms) to identify suspicious activity
  • Collaborate with DLP and other security teams on insider risk investigations and monitoring initiatives
  • Contribute to the development and improvement of SOC procedures, threat hunting methodologies, and intelligence‑driven detection processes
  • Collaborate with relevant stakeholders on security awareness messaging and threat‑awareness communications

Required Qualifications

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field
  • 5+ years of experience in Security Operations, Incident Response, Threat Hunting, Detection Engineering, and/or related cybersecurity roles
  • Significant relevant experience (e.g., military cyber operations) may be considered in lieu of a degree
  • Strong SOC experience investigating security alerts, performing incident response, and log analysis
  • Hands‑on experience working with SIEM, EDR, and other enterprise security monitoring tools
  • Familiarity with the MITRE ATT&CK Framework and attacker TTP analysis
  • Excellent collaboration and communication skills, particularly in high‑stress situations
  • Ability to produce clear technical and operational reporting for both technical teams and leadership
  • Strong analytical skills and priority management

Nice to Have

  • Master's degree in Cybersecurity, Computer Science, Information Technology, or related field
  • Hands‑on experience in two or more of the following areas: Security Operations, Incident Response, Cyber Threat Intelligence, Threat Hunting, Detection Engineering, Security Engineering, Insider Threat Analysis, Digital Forensics, All‑Source Intelligence, Penetration Testing, Red Teaming, Network Security Management, Cyber Risk Management, Cloud Security, Vulnerability Management, Malware Analysis
  • Experience in the financial services sector and familiarity with security best practices, regulatory requirements, and industry frameworks (e.g., NYDFS, FFIEC, NIST CSF, ISO 27001, SWIFT CSF)
  • Experience developing detection logic and threat hunting queries using Splunk SPL, Microsoft KQL, or similar query languages
  • Experience with endpoint, identity, and network monitoring technologies such as EDR, IDS/IPS, firewalls, WAF, DLP, UEBA, email security gateways, and sandboxing technologies
  • Experience with Microsoft Sentinel and Defender (MDE, MDI, Defender for Cloud Apps) as well as other Microsoft security ecosystem tools
  • Relevant certifications such as CISSP, GCIH, GCFA, GCIA, GSEC, GCTI, CTIA, Security+, Microsoft Security Operations Analyst Associate

Salary Range

NJ: $110,000 to $155,000 base salary + annual bonus target

BBH and its affiliates' compensation program includes base salary, discretionary bonuses, and profit‑sharing. The anticipated base salary range(s) shown above are only for the indicated location(s) and may differ in other locations due to cost of living and labor considerations. Base salaries may vary based on factors such as skill, experience and qualification for the role. BBH's total rewards package recognizes your contributions with more than just a paycheck—providing you with benefits that enhance your experience at BBH from long‑term savings, healthcare, and income protection to professional development opportunities and time off. Our programs support your overall well‑being.

Diversity & Inclusion

We value diverse experiences and transferable skillsets. If your career hasn't followed a traditional path, includes alternative experiences, or doesn't meet every qualification or skill listed in the job description, please go ahead and apply.

Benefits

Annual bonus target, discretionary bonuses, profit-sharing, long-term savings, healthcare, income protection, professional development opportunities, time off

Skills

Cloud Security, Cyber Threat Intelligence, Data Loss Prevention (DLP), Detection Engineering, Digital Forensics, EDR, FFIEC, Firewalls, GCIH, GCFA, GCIA, GCTI, GSEC, HackTheBox, Identity and Access Management (IAM), Information Security, Insider Threat Analysis, ISO 27001, Linux, Malware Analysis, Microsoft Defender, Microsoft Sentinel, MITRE ATT&CK, Network Security, NIST CSF, NYDFS, Penetration Testing, Red Teaming, Risk Management, Security Operations Center (SOC), SIEM, Splunk, SWIFT CSF, UEBA, Vulnerability Management, WAF, Windows