Threat Intelligence Engineer

About The Position

Requirements

• 2-4+ years of experience in cybersecurity, with at least 1-2 years specifically focused on threat intelligence or a closely related field (e.g., Security Operations Center (SOC) analysis).
• Strong understanding of core cybersecurity principles, including network protocols, operating systems, security architectures, and common attack vectors. Familiarity with basic malware analysis concepts.
• Solid foundational understanding of the threat landscape, including common threat actors and their objectives.
• Familiarity with threat intelligence frameworks and methodologies (e.g., MITRE ATT&CK, STIX/TAXII).
• Experience with or exposure to threat intelligence platforms (TIPs) and security information and event management (SIEM) systems.
• Strong analytical and problem-solving skills.
• Good written and verbal communication skills, with the ability to articulate technical findings clearly.
• A keen desire to learn and grow within the threat intelligence discipline.
• Ability to work independently and collaboratively in a team environment.

Nice To Haves

• Experience with scripting languages (e.g., Python) for simple data manipulation or automation is a plus.
• Familiarity with foundational concepts of malware analysis.
• Relevant cybersecurity certifications (e.g., CompTIA Security+, GCTI, etc.).
• Experience in a regulated industry environment.

Responsibilities

• Assist in the proactive research, identification, and collection of threat intelligence from various sources, including open-source intelligence (OSINT), commercial feeds, and internal security data.
• Analyze raw threat data to identify potential patterns and connections. Assist in correlating threat intelligence with internal security events and vulnerabilities. Focus on translating data into actionable technical indicators of compromise (IOCs) and contributing to the identification of adversary techniques.
• Draft clear and concise threat intelligence reports, briefings, and alerts for internal security teams (Security Operations, Incident Response).
• Assist in tracking and maintaining information on threat actors, including their motivations, capabilities, and tactics, techniques, and procedures (TTPs).
• Support the development of technical indicators of attack (IOAs) and indicators of compromise (IOCs) based on observed adversary behaviors. Assist in integrating these indicators into security tools.
• Monitor and analyze vulnerability disclosures and exploit trends to provide initial insights into potential risks.
• Stay up-to-date with current cyber security threats, vulnerabilities, and industry best practices. Share findings with the security operations and detection engineering teams.
• Assist in building relationships with internal teams. Help prepare regular threat landscape updates for technical stakeholders.

Benefits

• Opportunity to work with cutting-edge AI-driven cybersecurity technologies and Google SecOps solutions.
• Collaborate with a talented and innovative team focused on continuously improving security operations.
• Competitive salary and benefits package.
• A culture of growth and development, with opportunities to expand your knowledge in AI, cybersecurity, and emerging technologies.