Staff Threat Intelligence Engineer

Global Business Ser. 4u

United States

Remote

USD 144,000 - 170,000

Full time

8 days ago

Job summary

A leading company seeks an experienced Threat Detection Engineer to enhance its security capabilities. The role focuses on detecting advanced threats, developing detection strategies, and supporting incident response. Ideal candidates will have a strong background in offensive security, expertise with a range of security tools, and comprehensive experience in threat intelligence and detection engineering.

Qualifications

  • 7+ years of experience in threat detection and offensive security.
  • 5+ years with Microsoft Security tools and SIEM platforms.
  • 3+ years of experience scripting with KQL, Python, or PowerShell.

Responsibilities

  • Develop, deploy, and optimize detection rules across SIEM platforms.
  • Conduct threat hunting activities using various SOC tools.
  • Collaborate with incident response teams during investigations.

Skills

Threat Detection
Penetration Testing
Incident Response
Scripting with Python
SIEM Platforms
Threat Intelligence
KQL (Kusto Query Language)

Education

Bachelor’s degree or equivalent experience

Tools

Microsoft Security tools
CrowdStrike
Splunk
Google Chronicle
Kali Linux
Metasploit

Job description

  • Experienced Threat Detection Engineer: Proven expertise in detecting, analyzing, and responding to advanced threats using Akamai, Imperva, Noname, Microsoft Security tools, CrowdStrike, and other edge security tools.
  • Detection Engineering Specialist: Proficient in developing and tuning detection rules, leveraging SIEM platforms like Sentinel and Google Chronicle to identify malicious activity accurately. Experienced in using KQL (Kusto Query Language) for Microsoft Sentinel and writing custom detection logic.
  • Offensive Security Knowledge: Hands-on experience in penetration testing to assess security vulnerabilities across networks, applications, and systems. Familiar with tools like Kali Linux, Metasploit, and scripting with Python, PowerShell, or Bash. Ability to emulate adversary tactics based on the MITRE ATT&CK framework.
  • Purple Team Advocate: Proven track record of collaborating with blue teams to design and conduct purple team exercises that enhance detection and response capabilities. Skilled in translating offensive security findings into actionable defense strategies.
  • Threat Intelligence Integrator: Experienced in integrating threat intelligence into detection strategies to prioritize and mitigate threats effectively. Ability to adapt detection logic based on emerging adversary tactics and techniques.
  • Incident Response Collaborator: Demonstrated ability to support incident response teams by providing insights into adversary tactics and enhancing detection capabilities during active investigations.
  • Compliance Knowledgeable: Familiar with regulatory and compliance requirements such as PCI-DSS, HIPAA, NIST, and ISO 27001.
  • Innovator: Passionate about advancing detection capabilities and integrating offensive security practices into a comprehensive threat management strategy.

Contract

100% Remote

Role Responsibilities

Detection Engineering & Threat Hunting

  • Develop, deploy, and optimize detection rules across SIEM platforms such as Microsoft Sentinel, Splunk, and Google Chronicle.
  • Conduct threat hunting activities using Microsoft Defender, CrowdStrike, and other SOC tools to identify and respond to advanced threats.
  • Leverage KQL and SPL (Search Processing Language) to create custom detections and automate responses.
  • Continuously refine detection capabilities based on emerging threats and intelligence.

Penetration Testing & Adversary Emulation

  • Assist with internal and external penetration tests to identify vulnerabilities.
  • Design and execute adversary emulation scenarios to assess detection and response effectiveness.
  • Utilize penetration testing tools and custom scripts to simulate real-world attack scenarios.
  • Produce detailed reports with findings and actionable recommendations.

Purple Team Operations

  • Work closely with blue teams to conduct purple team exercises, bridging offensive and defensive security efforts.
  • Provide actionable insights to improve monitoring, alerting, and incident response based on adversary tactics.
  • Facilitate knowledge-sharing sessions to upskill internal teams on TTPs (Tactics, Techniques, and Procedures).

Threat Intelligence Integration

  • Integrate threat intelligence into detection strategies to prioritize threats and adapt detection rules.
  • Analyze threat intelligence feeds and translate them into actionable detection and response measures.

Incident Response Support

  • Collaborate with the incident response team during investigations by providing adversary tactics insights.
  • Assist in developing threat-hunting use cases and refining detection capabilities.

Security Strategy & Risk Management

  • Contribute to the development of a comprehensive detection strategy aligned with risk management goals.
  • Provide leadership with reports on security gaps, risks, and detection effectiveness.

Required Qualifications

  • 7+ years of experience in threat detection, hunting, penetration testing, and/or offensive security.
  • 5+ years of experience in Microsoft Security tools (Defender for Endpoint, Sentinel), CrowdStrike, Splunk, and Google Chronicle.
  • 3+ years of experience with KQL, SPL, Python, PowerShell, or Bash scripting for automation and detection logic.
  • Experience with the Akamai CDN.

Preferred Qualifications

  • Relevant certifications such as OSCP, GCIH, GCIA, CISSP, CEH, or Microsoft Azure Certification.
  • Experience in managing or participating in purple team exercises.
  • Familiarity with compliance standards like PCI-DSS, HIPAA, or ISO 27001.
  • Strong understanding of the MITRE ATT&CK framework and security standards (NIST, CIS).
  • Strong communication skills to convey complex security issues to non-technical stakeholders.

Education

  • Bachelor’s degree or equivalent experience (High School Diploma and 4 years relevant experience)

Seniority level

Mid-Senior level

Employment type

Contract

Job function

Information Technology

Industries

IT Services and IT Consulting
