Security Threat Intelligence Engineer

August 29

Apply Now

Receive Emails with Similar Jobs

Cloud Security Services

WebsiteLinkedInAll Job Openings

Cybersecurity keeps you up at night ? Dont know where to start with zero trust ? Look no further.

Zero Trust • Workforce Identity and Access Management • Customer Identity and Access Management • Data Security (Rest and In Motion) • Perimeter-less Security

2 - 10

Description

• Cloud Security Services seeking a Security Threat Intelligence Engineer Consultant. • Support Threat Management Threat Intelligence team objectives for risk evaluation. • Responsibilities include collecting and analyzing security threat information, and producing intelligence products. • Conduct monitoring, analysis, and communication of cyber threats and incidents. • Continually improve processes and develop new procedures for threat intelligence activities.

Requirements

• Solid understanding of common and advanced threats, penetration/intrusion techniques and attack vectors such as Malware analysis APT/Crimeware ecosystems Exploit kits Cyber Hunting Cyber Threat intelligence Software vulnerabilities & exploitation Data analysis • Knowledge of current hacking techniques, cyber threat actors, attribution concepts, security analysis techniques, recent cyber incidents and vulnerability disclosures. • Understanding of common threat analysis, and threat modeling techniques used in CTI such as diamond model, kill chain, F3EAD, MITRE ATT&CK framework, and the threat intelligence lifecycle. • Competency in using common intelligence datasets obtained from information sharing sources, malware collections, and other internet derived data. • Familiarity with the following tools: Threat Intelligence Platform (TIP), Threat intelligence feeds STIX, MISP and TAXII frameworks, Open Source Intelligence feeds and tools (OSINT), Malware Analysis / Reversal Tools, Security Incident and Event Monitoring (SIEM), Security Orchestration, Automation & Response (SOAR), Network sniffers and packet tracing tools, Threat Intelligence Platforms (TIP), Security Information& Event Management (SIEM), Intrusion Detection& Prevention (IDS/IPS), End Point Detect& Response (EDR), Email and Web filtering technologies link-analysis methods and software (e.g., Maltego, Analyst Notebook) • Familiarity with: Cloud platforms - AWS, Azure, GCP etc., Meraki dashboard and products • Ability to write custom query logic for major Security Incident and Event Monitoring (SIEM) tools. • Ability to write SQL to search data warehouse databases. • A minimum of 10 years of information security experience with at least 7 years of experience with all-source cyber intelligence and analysis; or the equivalent combination of higher education and/or real-world experience. • Have experience working on threat intelligence teams with specific experience in cyber threat intelligence, cybersecurity operations, security monitoring, malware analysis, threat hunting, and/or adversary emulation. • Strong analytical reasoning skills with the ability to recognize and evaluate facts, objectively analyze events, blend and organize threat data from multiple sources. • Experience conducting intelligence research using existing tools, analyze data, making connections for purposes of creating intelligence products. • Possess organizational multitasking and commitment to follow-up. • Ability to develop specific expertise, discern patterns of complex threat actor behavior, and communicate an understanding of current and developing cyber threats. • Ability to communicate intelligence and analysis of cyber threats in various forms (written production; briefings) to varying audiences. • Understand common threat actor tactics, techniques, and procedures (TTPs) and how they are chained together. • Experience in working with a geographically diverse team in multiple time zones around the globe. • Broad experience managing complex projects, particularly projects requiring support and partnership outside your immediate team. • Ability to create and/or re-architect new and existing solutions in a scalable manner. • Are able to work independently and identify areas of need in highly ambiguous and time-sensitive situations. • Demonstrated familiarity and expertise with data analytics tools like Splunk, ELK, Snowflake or other searchable big data solutions. • Excellent analytical skills. • Collaborative team worker – both in person and virtually using WebEx or similar. • Excellent documentation skills; demonstrated proficiency in Microsoft Office including Word, Excel and PowerPoint. • Ability to work as liaison between business and information security / information technology. • Flexibility to accommodate working across different time zones. • Ability to work PST (Pacific Time Zone). • Excellent interpersonal communication skills with strong spoken and written English. • Business outcomes mindset. • Solid balance of strategic thinking with detailed orientation. • Self-starter, ability to take initiative. • Project management and organizational skills with attention to detail.