Role Description
What You Will Do:
• Adversary Attribution & Mapping:
Collect, pivot, and analyze multi-source telemetry—including OSINT, commercial feeds, deep/dark web forums, and internal technical logs—to profile threat actors, track localized and global cyber campaigns, and map adversary TTPs directly to the MITRE ATT&CK framework.
• Detection Engineering & TIP Optimization:
Manage, tune, and optimize the Threat Intelligence Platform (TIP) to ingest, score, and deduplicate IOCs, collaborating with SIEM/SOAR and Detection Engineering teams to translate threat trends into actionable YARA, Sigma, and SIEM rules.
• Proactive Hypothesis-Based Hunting:
Partner with security teams to design and execute hypothesis-based threat hunting scopes and conduct retroactive hunts across data lakes and internal security platforms utilizing newly identified indicators and zero-day vulnerability intelligence.
• Incident Response Fusion & Advisory:
Provide real-time, context-driven intelligence support during active security incidents, delivering critical briefings on attacker infrastructure, capabilities, and intent to the Incident Response (IR), SOC, and DevSecOps teams.
• Strategic & Operational Intelligence Synthesis:
Synthesize complex, abstract technical data into high-impact threat assessments, flash reports, and threat actor profiles ("baseball cards"), contextualizing technical risks into actionable operational insights for both technical stakeholders and executive leadership.
Qualifications
• High School diploma equivalency with 2 years of cumulative experience OR Associate's degree/Bachelor's degree OR 4 years of applicable cumulative job specific experience required.
• Advanced proficiency in developing automation scripts (e.g., Python, PowerShell) to streamline CTI workflows, automated enrichment, data parsing, and tool/API integration.
• Hands-on experience with specialized external threat landscape and enrichment tools (e.g., DomainTools, Intel 471, Maltego, or VirusTotal Enterprise).
• Active advanced security or threat intelligence certifications, such as GIAC Cyber Threat Intelligence (GCTI), Certified Threat Intelligence Analyst (CTIA), or GIAC Certified Forensic Analyst (GCFA).
Benefits
• Paid time off (PTO)
• Various health insurance options & wellness plans
• Retirement benefits including employer match plans
• Long-term & short-term disability
• Employee assistance programs (EAP)
• Parental leave & adoption assistance
• Tuition reimbursement
• Ways to give back to your community