Threat Intelligence Engineer
TENEX.AI · Overland Park, KS · 2 wk ago
HybridInformation TechnologyFull-time
What You'll Do
- General Cybersecurity Knowledge: Strong understanding of core cybersecurity principles, including network protocols, operating systems, security architectures, and common attack vectors.
- Familiarity with basic malware analysis concepts.
- Threat Intelligence Collection: Assist in the proactive research, identification, and collection of threat intelligence from various sources, including open-source intelligence (OSINT), commercial feeds, and internal security data.
- Analysis and Correlation Support: Analyze raw threat data to identify potential patterns and connections. Assist in correlating threat intelligence with internal security events and vulnerabilities.
- Reporting and Dissemination: Draft clear and concise threat intelligence reports, briefings, and alerts for internal security teams (Security Operations, Incident Response).
- Adversary and TTP Tracking: Assist in tracking and maintaining information on threat actors, including their motivations, capabilities, and tactics, techniques, and procedures (TTPs).
- IOA/IOC Development Support: Support the development of technical indicators of attack (IOAs) and indicators of compromise (IOCs) based on observed adversary behaviors. Assist in integrating these indicators into security tools.
- Vulnerability Intelligence: Monitor and analyze vulnerability disclosures and exploit trends to provide initial insights into potential risks.
- Knowledge Sharing: Stay up-to-date with current cyber security threats, vulnerabilities, and industry best practices. Share findings with the security operations and detection engineering teams.
- Stakeholder Engagement: Assist in building relationships with internal teams. Help prepare regular threat landscape updates for technical stakeholders.
Qualifications
- 2-4+ years of experience in cybersecurity, with at least 1-2 years specifically focused on threat intelligence or a closely related field (e.g., Security Operations Center (SOC) analysis).
- Solid foundational understanding of the threat landscape, including common threat actors and their objectives.
- Familiarity with threat intelligence frameworks and methodologies (e.g., MITRE ATT&CK, STIX/TAXII).
- Experience with or exposure to threat intelligence platforms (TIPs) and security information and event management (SIEM) systems.
- Strong analytical and problem-solving skills.
- Good written and verbal communication skills, with the ability to articulate technical findings clearly.
- A keen desire to learn and grow within the threat intelligence discipline.
- Ability to work independently and collaboratively in a team environment.
Preferred Skills
- Experience with scripting languages (e.g., Python) for simple data manipulation or automation is a plus.
- Familiarity with foundational concepts of malware analysis.