The Threat Intelligence Team is responsible for developing actionable intelligence on emerging cyber threats. We collect indicators and intelligence from internal and external sources and use that information to develop defensive measures against threat actor tactics, techniques, and procedures. We then leverage those measures to proactively identify and mitigate malicious activity.
We are seeking a skilled Senior Threat Intelligence Engineer to help further develop our threat intelligence program. The ideal candidate should be familiar with threat intelligence principles and have experience in developing information in furtherance of an intelligence-driven strategy. The candidate should be familiar with threat actor Tactics, Techniques and Procedures (TTPs), techniques for analyzing large amounts of data, and Open-Source Intelligence concepts. They will formulate new analytic techniques and strategies while working across teams to further enhance our capabilities.
• Actively research emerging security threats and trends, including techniques leveraged by APT actors, criminal enterprises, and others
• Analyze large datasets for anomalies indicative of malicious activity
• Create inventive security techniques deployable across the enterprise to strengthen our defense-in-depth posture
• Create strategies to address new and emerging threats within a rapidly changing landscape
• Work collectively with other teams within the enterprise to strengthen and evolve our defensive strategy
• Assist with finding the proper balance between business needs and security
• Mentor Associate Threat Intelligence Engineers
• Bachelor's degree or higher in Threat Intelligence, Information Security, Information Technology, Computer Science, Math, or related disciplines. Relevant experience in Threat Intelligence, Information Security, or Information Technology will be considered in combination with, or in lieu of, a degree.
• 5 years of experience in threat intelligence, cyber investigations/intelligence, or tracking threat actor behaviors, including investigating, researching, or analyzing online threat actor TTPs (Tactics, Techniques and Procedures)
• Knowledge of Advanced Persistent Threats (APT) tactics, techniques, and procedures
• Understanding of common attack techniques such as reconnaissance, scanning, exploitation, pivoting, and persistence
• Understanding of networking protocols such as ARP, TCP/IP, DNS, HTTP, and TLS
• Familiarity with a variety of operating systems, including Windows, Linux, and macOS
• Understanding of process executions within various operating systems
• Outstanding written and oral communication skills and the ability to prioritize work
• Proven ability to translate complex information sets into specific recommendations that can be utilized by the network and security teams to enhance our security posture
• Familiarity with cyber threats, defenses, motivations and techniques
• Experience with intelligence analysis tools, methods and the intelligence lifecycle
• Experience developing raw information into actionable intelligence
• Ability to write analytical information products
• Familiarity with the MITRE ATT&CK Framework
• Experience in Python, PowerShell, or Bash scripting for automation
Jobcode: Reference SBJ-d5jx70-3-238-136-36-42 in your application.