Talent.com
Security Threat Intelligence Engineer
Cloud Security Services • US
30+ days ago
Job type
  • Full-time
Job description

About the opportunity :

  • Cloud Security Services is seeking a Security Threat Intelligence Engineer Consultant to support the objectives of their Threat Management Threat Intelligence team and ensure that cyber threats are continuously evaluated for risk and impact to the client, customers, third parties, infrastructure, and the wider ecosystem across all environments.
  • This is a 6-month remote opportunity.

Responsibilities :

  • Collecting, processing, and analyzing information regarding security threats to provide indications and warnings of impending attacks.
  • Producing and disseminating intelligence products, advisories or tailored reports.
  • Analyze and report on unique attack vectors, emerging cyber threats, and current trends used by malicious actors.
  • Daily threat intelligence monitoring through open and closed sources.
  • Continually improve how the threat intelligence team works, including creation of run books, procedures, automation or other efficiencies.
  • Maintain, develop and continually analyze threat data / intelligence sources, both technical and non-technical.
  • Identify, evaluate and communicate new and ongoing cyber security threats through regular and ad-hoc reporting; produce intelligence briefings, attribution reports, and position papers.
  • Produce concise tactical warning bulletins and other analytic reports that detail daily findings, events, and activities.
  • Conduct collection and support attribution and analysis from the case findings of the incident response and threat hunting functions.
  • Collect and analyze all-source intelligence and research data from multiple intelligence providers in order to analyze findings and produce quality intelligence products.
  • Support threat hunts and purple teaming endeavors to identify threat actor groups and their techniques, tools, and processes utilizing threat intelligence.
  • Analyze anomalous log data and the results of collaborative team sessions to detect and eradicate threat actors on the network.
  • Analyze and support security incidents for further enrichment of detection and alerting capabilities.
  • Continuously improve processes for use across detection sets for more efficient operations.
  • Generate reporting of trending metrics.
  • Acquire threat intelligence and technical indicators from external sources; develop tactical intelligence and technical indicators internally and collaborate often with incident response.
  • Evaluate data sources for consideration in the improvement and expansion of the threat intelligence program.

Required Skills :

  • Solid understanding of common and advanced threats, penetration / intrusion techniques and attack vectors such as :
      • Malware analysis
      • APT / Crimeware ecosystems
      • Exploit kits
      • Cyber Hunting
      • Cyber Threat intelligence
      • Software vulnerabilities & exploitation
      • Data analysis
  • Knowledge of current hacking techniques, cyber threat actors, attribution concepts, security analysis techniques, recent cyber incidents and vulnerability disclosures.
  • Understanding of common threat analysis and threat modeling techniques used in CTI such as diamond model, kill chain, F3EAD, MITRE ATT&CK framework, and the threat intelligence lifecycle.
  • Competency in using common intelligence datasets obtained from information sharing sources, malware collections, and other internet derived data.
  • Familiarity with the following tools :
      • Threat Intelligence Platform (TIP)
      • Threat intelligence feeds
      • STIX, MISP and TAXII frameworks
      • Open Source Intelligence feeds and tools (OSINT)
      • Malware Analysis / Reversal Tools
      • Security Incident and Event Monitoring (SIEM)
      • Security Orchestration, Automation & Response (SOAR)
      • Network sniffers and packet tracing tools
      • Threat Intelligence Platforms (TIP)
      • Security Information & Event Management (SIEM)
      • Intrusion Detection & Prevention (IDS / IPS)
      • End Point Detect & Response (EDR)
      • Email and Web filtering technologies
      • Link-analysis methods and software (e.g., Maltego, Analyst Notebook)
  • Familiarity with :
      • Cloud platforms - AWS, Azure, GCP etc.
      • Meraki dashboard and products
  • Ability to write custom query logic for major Security Incident and Event Monitoring (SIEM) tools.
  • Ability to write SQL to search data warehouse databases.
  • A minimum of 10 years of information security experience with at least 7 years of experience with all-source cyber intelligence and analysis; or the equivalent combination of higher education and / or real-world experience.
  • Experience working on threat intelligence teams with specific experience in cyber threat intelligence, cybersecurity operations, security monitoring, malware analysis, threat hunting, and / or adversary emulation.
  • Strong analytical reasoning skills with the ability to recognize and evaluate facts, objectively analyze events, blend and organize threat data from multiple sources.
  • Experience conducting intelligence research using existing tools, analyzing data, and making connections for purposes of creating intelligence products.
  • Organizational and multitasking skills and commitment to follow-up.
  • Ability to develop specific expertise, discern patterns of complex threat actor behavior, and communicate an understanding of current and developing cyber threats.
  • Ability to communicate intelligence and analysis of cyber threats in various forms (written production; briefings) to varying audiences.
  • Understanding of common threat actor tactics, techniques, and procedures (TTPs) and how they are chained together.
  • Experience in working with a geographically diverse team in multiple time zones around the globe.
  • Broad experience managing complex projects, particularly projects requiring support and partnership outside your immediate team.
  • Ability to create and / or re-architect new and existing solutions in a scalable manner.
  • Ability to work independently and identify areas of need in highly ambiguous and time-sensitive situations.
  • Demonstrated familiarity and expertise with data analytics tools like Splunk, ELK, Snowflake or other searchable big data solutions.
  • Excellent analytical skills.
  • Collaborative team worker – both in person and virtually using WebEx or similar.
  • Excellent documentation skills; demonstrated proficiency in Microsoft Office including Word, Excel and PowerPoint.
  • Ability to work as liaison between business and information security / information technology.
  • Flexibility to accommodate working across different time zones.
  • Ability to work PST (Pacific Time Zone).
  • Excellent interpersonal communication skills with strong spoken and written English.
  • Business outcomes mindset.
  • Solid balance of strategic thinking with detailed orientation.
  • Self-starter, ability to take initiative.
  • Project management and organizational skills with attention to detail.

Preferred Skills :

  • Relevant industry security certifications such as CISSP, SANS GIAC (e.g. GCTI, GCIH, GNFA, GCFE, GCFA, GREM), AWS certifications (SAA, SAP, or SCS), etc.
  • Experience developing and presenting cybersecurity topics in written products and presentations, including conference presentations, webinars, and blog posts.
  • Familiarity with other security verticals such as : Digital Forensics, Incident Response, Threat Detection, Application Security, Cloud Security, Offensive Security.
  • Networking experience with LAN / WAN routing and high availability (OSPF, BGP4 / iBGP, EIGRP, and NSRP) routing protocols and technologies.
  • Considerable working knowledge in one or more of the following topics : APT, Cybercriminals, financially motivated cyber groups, Hacktivism, DDoS attack methods, malware variants, Mobile and Emerging Threats, Social Engineering, Insider Threats.
  • Broad network and technology awareness, with the ability to convey complex or technical topics in a clear and concise manner.

Required Education :

  • Bachelor's degree (BA / BS) in Computer Science from four-year college or university; or equivalent training, education, and work experience.
  • Cybersecurity certifications such as CISSP, CISM, etc.

Preferred Education :

  • Cybersecurity certifications such as CISSP, CISM, etc.