Responsibilities
About the Team
The USDS FUSE Intelligence program is an all-hazards team that develops products and services with action-based outcomes to reduce and identify risk to TikTok USDS across multiple disciplines including cyber threat, criminal, protective and influence operations discovery intelligence. As part of FUSE, the Cyber Threat Intelligence (CTI) team tracks and analyzes cyber threats targeting TikTok's networks, platform, and customers. As a Cyber Threat Intelligence Analytic Engineer, the candidate will be responsible for both engineering and analytic duties in support of the Cyber Threat Intelligence team and other FUSE intelligence teams, building, operating, and analytically employing the technology ecosystem that supports analysis, intelligence curation, dissemination, and security operations.
Want more jobs like this?
Get Science and Engineering jobs in Washington, DC delivered to your inbox every week.
In order to enhance collaboration and cross-functional partnerships, among other things, at this time, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, or as directed by their manager/department. We regularly review our hybrid work model, and the specific requirements may change at any time.
Responsibilities
- Maintain and tune data flows within a Threat Intelligence Platform (TIP) ; manage data and intelligence source integrations with the TIP; work with detection engineering and SOC team members to build out additional workflows and integrations with their tools and technologies.
- Develop automations to enhance intelligence collection and processing
- Identify and further develop and integrate intelligence sources (OSINT, external, internal data) and reporting processes
-Leverage emerging technologies (AI, LLMs) in the automation and execution of intelligence analytic activities on behalf of CTI and other FUSE teams
- Design and implement solutions providing access to internal data sources to facilitate intelligence analysis of both on and off-platform threats
-Work independently and collaboratively with other FUSE intelligence analysts to manipulate, enrich, and analyze large data sets in support of complex multi-disciplinary and cross-functional intelligence analysis.
Qualifications
Minimum Qualifications
-Prior experience integrating threat intelligence tooling, sources, and processes with security operations centers (SOCs), Hunt teams, Red Teams, and detection engineering teams.
-Proficiency in SQL and/or Python along with an understanding of the threat intelligence technology landscape and familiarity with Threat Intelligence Platforms, SIEMs, AI and LLMs, ticketing systems, as well as threat detection systems.
-Experience with cyber threat intelligence or threat monitoring, in a security or intelligence role within a global enterprise or intelligence vendor
- Understanding of basic CTI team operations in conjunction with a SOC, Incident Response team, Red Team, Threat Hunting, Threat Detection, or other core CTI stakeholders.
- Firm grasp of CTI analytic methodologies, tooling, and approaches to conducting threat actor analysis, TTP assessments, and contributing to detection engineering processes.
- Experience authoring intelligence products, having a clear grasp of the intelligence lifecycle, and ability to integrate intelligence into security workflows.
Preferred Qualifications:
- Excellent communication skills (verbal and written) along with teamwork and collaboration abilities on global and multi-functional teams with different intelligence source groups
- Demonstrates time management and prioritization skills
- Highly motivated to contribute and grow within a complex area of emerging importance in an enterprise environment
This role requires the ability to work with and support systems designed to protect sensitive data and information. As such, this role will be subject to strict national security-related screening.