Job Summary:
We are seeking an experienced and technically proficient Staff Threat Intelligence Engineer to lead and advance our cyber threat intelligence operations. The successful candidate will be responsible for identifying, analyzing, and disseminating actionable intelligence on cyber threats to inform and enhance our security posture. This role requires both a deep understanding of threat actor behaviors and the ability to integrate intelligence into security operations and strategic decision-making.
Key Responsibilities:
- Lead the collection, analysis, and operationalization of cyber threat intelligence from internal telemetry, open-source intelligence (OSINT), commercial feeds, and trusted partners
- Track advanced persistent threats (APTs), cybercriminal campaigns, and emerging tactics, techniques, and procedures (TTPs)
- Correlate indicators of compromise (IOCs) with internal data sources to detect threats and enhance incident response
- Create and maintain detailed threat actor profiles and threat assessments tailored to the organization's risk landscape
- Integrate threat intelligence with SIEM, SOAR, and detection engineering processes
- Develop and maintain detection rules and signatures using YARA, Sigma, and Suricata
- Provide timely and accurate tactical, operational, and strategic threat reports for technical teams and executive leadership
- Collaborate with security operations, incident response, vulnerability management, and cloud security teams to improve detection and response capabilities
- Mentor and guide junior threat intelligence analysts and contribute to internal threat research and tooling initiatives
- Automate and streamline threat intelligence workflows using scripting and programming languages
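As a concrete illustration of the IOC correlation and workflow automation these responsibilities describe, the following is an added example and not part of the posting or any employer tooling. The IOC attributes use a MISP-style shape (type, value, tags) as an assumption; all IOC values, tags, hostnames and log lines are constructed placeholders (the SHA-256 is the well-known hash of the empty string, used only as a stand-in).

```python
"""Correlate a feed of IOCs against internal key=value log lines (added example)."""
import ipaddress
import re
from collections import defaultdict

# Constructed IOC set in a MISP-style attribute shape (assumption). Values are placeholders:
# a CIDR so one indicator covers a whole range, a mixed-case domain, and an upper-case hash.
IOCS = [
    {"type": "ip-dst", "value": "203.0.113.0/24", "tags": ["actor:HYPOTHETICAL-APT"]},
    {"type": "domain", "value": "Update-Check.Example.NET.", "tags": ["campaign:constructed"]},
    {"type": "sha256",
     "value": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855",
     "tags": ["malware:constructed"]},
]

# Constructed log lines from three hypothetical sources: web proxy, DNS resolver, EDR agent.
LOGS = [
    "proxy src=10.1.2.3 dst=203.0.113.45 host=cdn.example.org method=GET",
    "dns client=10.1.2.9 query=update-check.example.net rcode=NOERROR",
    "edr host=WS-042 process=svchost.exe sha256=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 parent=explorer.exe",
    "proxy src=10.1.2.3 dst=198.51.100.7 host=legit.example.com method=GET",
]

KV = re.compile(r"(\w+)=(\S+)")  # key=value token extractor for the constructed log format

# Which log fields each IOC type is compared against.
IP_FIELDS = {"ip-dst": ("dst",), "ip-src": ("src", "client")}
NAME_FIELDS = ("host", "query")
HASH_TYPES = ("md5", "sha1", "sha256")


def normalize_ioc(ioc):
    """Canonicalize an IOC so feed formatting quirks do not cause missed matches."""
    t, v = ioc["type"], ioc["value"].strip()
    if t in IP_FIELDS:
        # Single IPs and CIDR ranges both become ip_network objects; membership test handles both.
        return t, ipaddress.ip_network(v, strict=False)
    if t in ("domain", "hostname"):
        return t, v.lower().rstrip(".")  # case-fold and drop trailing dot
    if t in HASH_TYPES:
        return t, v.lower()
    return t, v


def _field_matches(t, val, fields):
    if t in IP_FIELDS:
        for key in IP_FIELDS[t]:
            try:
                if key in fields and ipaddress.ip_address(fields[key]) in val:
                    return True
            except ValueError:  # field present but not an IP address
                continue
        return False
    if t in ("domain", "hostname"):
        return any(fields.get(k, "").lower().rstrip(".") == val for k in NAME_FIELDS)
    if t in HASH_TYPES:
        return fields.get(t, "").lower() == val
    return False


def correlate(iocs, logs):
    """Return one hit dict per (log line, IOC) pair that matches, in log order."""
    compiled = [(ioc, normalize_ioc(ioc)) for ioc in iocs]
    hits = []
    for lineno, line in enumerate(logs, 1):
        fields = dict(KV.findall(line))
        for ioc, (t, val) in compiled:
            if _field_matches(t, val, fields):
                hits.append({"line": lineno, "type": t, "ioc": ioc["value"],
                             "tags": list(ioc["tags"]), "log": line})
    return hits


def hits_by_tag(hits):
    """Roll hits up by actor/campaign tag, the shape a triage report or SOAR ticket wants."""
    summary = defaultdict(list)
    for h in hits:
        for tag in h["tags"]:
            summary[tag].append(h["line"])
    return dict(summary)


if __name__ == "__main__":
    for h in correlate(IOCS, LOGS):
        print(f"line {h['line']}: {h['type']} {h['ioc']} {h['tags']} <- {h['log']}")
    print(hits_by_tag(correlate(IOCS, LOGS)))
```

The normalization step is the part that matters operationally: a feed that ships a CIDR, a mixed-case domain with a trailing dot, or an upper-case hash will silently produce zero matches if compared with plain string equality, and the fourth log line shows a benign record correctly producing no hit.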
Professional Skills:
- Extensive knowledge of cyber threat intelligence frameworks and methodologies, including MITRE ATT&CK, the Diamond Model, and the Cyber Kill Chain
- Proficiency in scripting and programming languages such as Python, PowerShell, and Bash to automate intelligence collection and analysis
- Experience with threat intelligence platforms (e.g., MISP, Anomali, ThreatConnect), SIEM tools (e.g., Splunk, Sentinel, QRadar), and log/network analysis
- Strong background in malware analysis, network forensics, IOC correlation, and reverse engineering fundamentals
- Familiarity with cloud security threats and environments, including AWS, Azure, and Google Cloud Platform
- Expertise in STIX/TAXII standards, IOC lifecycle management, and creation of detection content such as YARA and Sigma rules
- Excellent analytical and problem-solving abilities focused on generating actionable intelligence
- Strong verbal and written communication skills, capable of presenting complex technical information to both technical and executive stakeholders
- Demonstrated leadership and mentoring skills, with experience guiding junior analysts and collaborating across security teams
- Ability to prioritize and manage multiple tasks effectively in high-pressure environments
- Strategic thinker with a comprehensive understanding of evolving cyber threat landscapes and organizational risk management