Talent.com
Security Threat Intelligence Engineer
Security Threat Intelligence EngineerCloud Security Services • US
Security Threat Intelligence Engineer

Security Threat Intelligence Engineer

Cloud Security Services • US
30+ days ago
Job type
  • Full-time
  • Quick Apply
Job description

About the opportunity :

  • Cloud Security Services is seeking a Security Threat Intelligence Engineer Consultant to support their Threat Management Threat Intelligence team objectives to ensure cyber threats are continuously evaluated for risk and impact to client, customers, third parties, infrastructure, and wider ecosystem for all environments.
  • This is a 6-month remote opportunity.

Responsibilities :

  • Collecting, processing, and analyzing information regarding security threats provides indication and warnings of impending attacks.
  • Producing and disseminating intelligence products, advisories or tailored reports.
  • Analyze and report on unique attack vectors, emerging cyber threats, and current trends used by malicious actors.
  • Daily threat intelligence monitoring through open and closed sources.
  • Continually improve how the threat intelligence team works, including creation of run books, procedures, automation or other efficiencies.
  • Maintain, develop and continually analyze threat data / intelligence sources, both technical and non-technical.
  • Identify, evaluate and communicate new and ongoing cyber security threats through regular and ad-hoc reporting; produce intelligence briefings, attribution reports, and position papers.
  • Produce concise tactical warning bulletins and other analytic reports that detail daily findings, events, and activities.   Conduct collection and support attribution and analysis from incident response and threat hunting functions case findings.
  • Collection and analysis of All-Source intelligence, research data from multiple intelligence providers in order to analyze findings and produce quality Intelligence Products.  Support threat hunts and purple teaming endeavors to identify threat actor groups and their techniques, tools, and processes utilizing threat intelligence.
  • Analysis of anomalous log data, and results of collaborative team sessions to detect, and eradicate threat actors on the network.  Analyze and support security incidents for further enrichment of detection and alerting capabilities.
  • Continuously improve processes for use across detection sets for more efficient operations.  Generate reporting of trending metrics.
  • Acquire threat intelligence and technical indicators from external sources; develop tactical intelligence and technical indicators internally and collaborate with the incident response often.
  • Evaluate data sources for consideration in the improvement and expansion of the threat intelligence program.
  • Required Skills                                                                   Solid understanding of common and advanced threats, penetration / intrusion techniques and attack vectors such as Malware analysis APT / Crimeware ecosystems Exploit kits Cyber Hunting  Cyber Threat intelligence  Software vulnerabilities & exploitation  Data analysis  Knowledge of current hacking techniques, cyber threat actors, attribution concepts, security analysis techniques, recent cyber incidents and vulnerability disclosures.  Understanding of common threat analysis, and threat modeling techniques used in CTI such as diamond model, kill chain, F3EAD, MITRE ATT&CK framework, and the threat intelligence lifecycle.
  • Competency in using common intelligence datasets obtained from information sharing sources, malware collections, and other internet derived data.

    • Familiarity with the following tools :

  • Threat Intelligence Platform (TIP)  Threat intelligence feeds  STIX, MISP and TAXII frameworks  Open Source Intelligence feeds and tools (OSINT)  Malware Analysis / Reversal Tools  Security Incident and Event Monitoring (SIEM)  Security Orchestration, Automation & Response (SOAR)  Network sniffers and packet tracing tools.  Threat Intelligence Platforms (TIP)  Security Information& Event Management (SIEM)  Intrusion Detection& Prevention (IDS / IPS)  End Point Detect& Response (EDR) Email and Web filtering technologies  link-analysis methods and software (e.g., Maltego, Analyst Notebook)  Familiarity with :     Cloud platforms - AWS, Azure, GCP etc.   Meraki dashboard and products   Ability to write custom query logic for major Security Incident and Event Monitoring (SIEM) tools.
  • Ability to write SQL to search data warehouse databases.
  • A minimum of 10 years of information security experience with at least 7 years of experience with all-source cyber intelligence and analysis; or the equivalent combination of higher education and / or real-world experience.   Have experience working on threat intelligence teams with specific experience in cyber threat intelligence, cybersecurity operations, security monitoring, malware analysis, threat hunting, and / or adversary emulation.
  • Strong analytical reasoning skills with the ability to recognize and evaluate facts, objectively analyze events, blend and organize threat data from multiple sources.
  • Experience conducting intelligence research using existing tools, analyze data, making connections for purposes of creating intelligence products.  Possess organizational multitasking and commitment to follow-up.
  • Ability to develop specific expertise, discern patterns of complex threat actor behavior, and communicate an understanding of current and developing cyber threats.   Ability to communicate intelligence and analysis of cyber threats in various forms (written production; briefings) to varying audiences.  Understand common threat actor tactics, techniques, and procedures (TTPs) and how they are chained together.
  • Experience in working with a geographically diverse team in multiple time zones around the globe.  Broad experience managing complex projects, particularly projects requiring support and partnership outside your immediate team.   Ability to create and / or re-architect new and existing solutions in a scalable manner.  Are able to work independently and identify areas of need in highly ambiguous and time-sensitive situations.
  • Demonstrated familiarity and expertise with data analytics tools like Splunk, ELK, Snowflake or other searchable big data solutions.  Excellent analytical skills.
  • Collaborative team worker – both in person and virtually using WebEx or similar.  Excellent documentation skills; demonstrated proficiency in Microsoft Office including Word, Excel and PowerPoint.  Ability to work as liaison between business and information security / information technology.  Flexibility to accommodate working across different time zones.  Ability to work PST (Pacific Time Zone).  Excellent interpersonal communication skills with strong spoken and written English.  Business outcomes mindset.
  • Solid balance of strategic thinking with detailed orientation.
  • Self-starter, ability to take initiative.
  • Project management and organizational skills with attention to detail.

    • Preferred Skills                                             Relevant industry security certifications such as CISSP, SANS GIAC (e.g. GCTI, GCIH, GNFA, GCFE, GCFA, GREM), AWS certifications (SAA, SAP, or SCS), etc.    Experience developing and presenting cybersecurity topics in written products and presentations, including conference presentations, webinars, and blog posts.  Familiarity with other security verticals such as :

  • Digital Forensics, Incident Response, Threat Detection, Application Security, Cloud Security, Offensive Security.
  • Networking experience with LAN / WAN routing and high availability (OSPF, BGP4 / iBGP, EIGRP, and NSRP) routing protocols and technologies.
  • Considerable working knowledge in one or more of the following topics APT, Cybercriminals, financially motivated cyber groups, Hacktivism, DDoS attack methods, malware variants, Mobile and Emerging Threats, Social Engineering, Insider Threats.  Broad network and technology awareness, with the ability to convey complex or technical topics in a clear and concise manner.   Required Education  Bachelor's degree (BA / BS) in Computer Science from four-year college or university; or equivalent training, education, and work experience.
  • Cybersecurity certifications such as CISSP, CISM, etc.
  • Preferred Education Cybersecurity certifications such as CISSP, CISM, etc.   Powered by JazzHR
    • Create a job alert for this search

    Security Engineer • US

    Related jobs
    Security Engineer

    Security Engineer

    MetroSys • (Multiple States), US
    Full-time
    Quick Apply
    Overview We are seeking a Security Engineer who can quickly secure and harden our environment.This role requires someone flexible, hands-on, and able to thrive in a small shop environment.The ideal...Show more
    Last updated: 30+ days ago
    Azure Security Engineer - Architect

    Azure Security Engineer - Architect

    Cloud Security Services • US
    Full-time
    Quick Apply
    Cloud Security Services is currently looking for an experienced Azure Security Consultant for our client.Our client requires an experienced consultant with experience in Azure Security with excelle...Show more
    Last updated: 30+ days ago
    Associate, Senior Technology Security Consultant (Remote)

    Associate, Senior Technology Security Consultant (Remote)

    Tylin • United States
    Remote
    Full-time
    Driven to unlock the potential in every system.Across five countries are 1,100 engineers, designers, and consultants collaborating to elevate the human experience, create more resilient communities...Show more
    Last updated: 30+ days ago • Promoted
    Lead Security Engineer (Remote - US)

    Lead Security Engineer (Remote - US)

    Jobgether • US
    Remote
    Full-time
    Quick Apply
    This position is posted by Jobgether on behalf of a partner company.We are currently looking for a.The Lead Security Engineer will guide and enhance enterprise security initiatives to ensure a mode...Show more
    Last updated: 30+ days ago
    Senior Architect, Artificial Intelligence Security - Databricks / Azure - Remote

    Senior Architect, Artificial Intelligence Security - Databricks / Azure - Remote

    Molina Healthcare • United States
    Remote
    Full-time
    We are seeking an experienced and forward-thinking Senior AI Security Architect to join our newly formed AI Security Architecture team. In this critical role, you will be responsible for designing a...Show more
    Last updated: 21 days ago • Promoted
    Application Security Engineer (Remote - US)

    Application Security Engineer (Remote - US)

    Jobgether • US
    Remote
    Full-time
    Quick Apply
    This position is posted by Jobgether on behalf of a partner company.We are currently looking for an.In this role, you will be responsible for safeguarding applications and services by implementing ...Show more
    Last updated: 30+ days ago
    Security Engineer

    Security Engineer

    Airitos • US
    Full-time
    Quick Apply
    This role is responsible for the support of comprehensive identity governance & access management solutions.It requires hand-on engineering and operational responsibilities supporting Sail...Show more
    Last updated: 30+ days ago
    Security Engineer, Infosec Operations

    Security Engineer, Infosec Operations

    Thrive • US
    Full-time
    Quick Apply
    About Us Thrive is a rapidly growing technology solutions provider focusing upon Cloud, Cyber Security, Networking, Disaster Recovery and Managed Services. Our corporate culture, engineering talent,...Show more
    Last updated: 30+ days ago
    Fully Remote Security Engineer

    Fully Remote Security Engineer

    Actalent • United States
    Remote
    Full-time
    Actalent is hiring a fully remote Security Engineer.As a Security Engineer, you will monitor, investigate, and respond to security threats across systems and networks. This role requires you to grow...Show more
    Last updated: 17 days ago • Promoted
    Security CIAM Okta Universal Directory Engineer

    Security CIAM Okta Universal Directory Engineer

    Cloud Security Services • US
    Full-time
    Quick Apply
    Cloud Security Services is currently looking for a Security Customer Identity and Access Management (CIAM) Okta Universal Directory Engineer for our client. Our client requires a Security Custo...Show more
    Last updated: 30+ days ago
    Security Engineer, Operational Technology- Remote (Anywhere in the U.S.)

    Security Engineer, Operational Technology- Remote (Anywhere in the U.S.)

    Jobgether • US
    Remote
    Full-time
    Quick Apply
    This position is posted by Jobgether on behalf of a partner company.We are currently looking for a.Security Engineer, Operational Technology – Remote. This role provides a unique opportunity to work...Show more
    Last updated: 23 days ago
    Threat Intelligence / OSINT Analyst

    Threat Intelligence / OSINT Analyst

    Jobgether • US
    Remote
    Full-time
    Quick Apply
    This position is posted by Jobgether on behalf of a partner company.We are currently looking for a.Threat Intelligence / OSINT Analyst. This role focuses on uncovering, analyzing, and producing acti...Show more
    Last updated: 14 days ago
    Application Security Software Engineer

    Application Security Software Engineer

    Cloudflare • Remote, Remote, United States
    Full-time
    At Cloudflare, we are on a mission to help build a better Internet.Today the company runs one of the world’s largest networks that powers millions of websites and other Internet properties for cust...Show more
    Last updated: 20 days ago • Promoted
    Security Threat Detection Engineer Consultant

    Security Threat Detection Engineer Consultant

    Cloud Security Services • US
    Full-time
    Quick Apply
    Cloud Security Services, a New Era Company, is seeking a Security Threat Detection Engineer Consultant to support client’s Threat Management objectives to build, maintain and improve thr...Show more
    Last updated: 30+ days ago
    IS Security GRC Platform Engineer - Remote

    IS Security GRC Platform Engineer - Remote

    Ochsner Health • United States
    Remote
    Full-time
    We've made a lot of progress since opening the doors in 1942, but one thing has never changed - our commitment to serve, heal, lead, educate,. At Ochsner, whether you work with patients.Come make a ...Show more
    Last updated: 8 days ago • Promoted
    Sr. Network Security Engineer | Remote, USA

    Sr. Network Security Engineer | Remote, USA

    Optiv • United States
    Remote
    Full-time
    This position will be fully remote and can be hired anywhere in the continental U.Additionally this position requires a CJIS Background Check and Fingerprinting as part of the onboarding process.Ne...Show more
    Last updated: 2 days ago • Promoted
    Principal Security Engineer, Application Security

    Principal Security Engineer, Application Security

    Trail of Bits • US
    Remote
    Full-time
    Quick Apply
    Founded in 2012 by 3 expert hackers with no investment capital, Trail of Bits is the premier place for security experts to boldly advance security and address technology’s newest and most challengi...Show more
    Last updated: 30+ days ago
    Security Engineer

    Security Engineer

    Raintree Systems, Inc • US
    Full-time
    Quick Apply
    Security Engineer Location : .Remote - (Designated States) This position is fully remote and may be performed from one of the following U. AL, AZ, FL, GA, IN, KS, MA, MI, MS, NC, NV, OR, PA, SC...Show more
    Last updated: 30+ days ago