Cyber Threat Intelligence Analytic Engineer - USDS

In order to enhance collaboration and cross-functional partnerships, among other things, at this time, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, or as directed by their manager/department. We regularly review our hybrid work model, and the specific requirements may change at any time.

Responsibilities
- Maintain and tune data flows within a Threat Intelligence Platform (TIP) ; manage data and intelligence source integrations with the TIP; work with detection engineering and SOC team members to build out additional workflows and integrations with their tools and technologies.
- Develop automations to enhance intelligence collection and processing
- Identify and further develop and integrate intelligence sources (OSINT, external, internal data) and reporting processes
-Leverage emerging technologies (AI, LLMs) in the automation and execution of intelligence analytic activities on behalf of CTI and other FUSE teams
- Design and implement solutions providing access to internal data sources to facilitate intelligence analysis of both on and off-platform threats
-Work independently and collaboratively with other FUSE intelligence analysts to manipulate, enrich, and analyze large data sets in support of complex multi-disciplinary and cross-functional intelligence analysis.

Qualifications

Minimum Qualifications
-Prior experience integrating threat intelligence tooling, sources, and processes with security operations centers (SOCs), Hunt teams, Red Teams, and detection engineering teams.
-Proficiency in SQL and/or Python along with an understanding of the threat intelligence technology landscape and familiarity with Threat Intelligence Platforms, SIEMs, AI and LLMs, ticketing systems, as well as threat detection systems.
-Experience with cyber threat intelligence or threat monitoring, in a security or intelligence role within a global enterprise or intelligence vendor
- Understanding of basic CTI team operations in conjunction with a SOC, Incident Response team, Red Team, Threat Hunting, Threat Detection, or other core CTI stakeholders.
- Firm grasp of CTI analytic methodologies, tooling, and approaches to conducting threat actor analysis, TTP assessments, and contributing to detection engineering processes.
- Experience authoring intelligence products, having a clear grasp of the intelligence lifecycle, and ability to integrate intelligence into security workflows.

Preferred Qualifications:
- Excellent communication skills (verbal and written) along with teamwork and collaboration abilities on global and multi-functional teams with different intelligence source groups
- Demonstrates time management and prioritization skills
- Highly motivated to contribute and grow within a complex area of emerging importance in an enterprise environment

This role requires the ability to work with and support systems designed to protect sensitive data and information. As such, this role will be subject to strict national security-related screening.

Job Information

[For Pay Transparency] Compensation Description (annually)

The base salary range for this position in the selected city is $98800 - $175400 annually.

Compensation may vary outside of this range depending on a number of factors, including a candidate's qualifications, skills, competencies and experience, and location. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and restricted stock units.

Benefits may vary depending on the nature of employment and the country work location. Employees have day one access to medical, dental, and vision insurance, a 401(k) savings plan with company match, paid parental leave, short-term and long-term disability coverage, life insurance, wellbeing benefits, among others. Employees also receive 10 paid holidays per year, 10 paid sick days per year and 17 days of Paid Personal Time (prorated upon hire with increasing accruals by tenure).

The Company reserves the right to modify or change these benefits programs at any time, with or without notice.

For Los Angeles County (unincorporated) Candidates:

Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Our company believes that criminal history may have a direct, adverse and negative relationship on the following job duties, potentially resulting in the withdrawal of the conditional offer of employment:

1. Interacting and occasionally having unsupervised contact with internal/external clients and/or colleagues;

2. Appropriately handling and managing confidential information including proprietary and trade secret information and access to information technology systems; and

3. Exercising sound judgment.