Threat Engineer

Responsibilities

• Conduct in-depth analysis and research to attribute cyber threats and attacks, including identifying threat actors, their motivations, tactics, techniques, and procedures (TTPs), and providing insights on their potential impact on the organization.
• Ability to classify, categorize, and analyze malware and threats.
• Monitor and assess the global threat landscape, including threat actors, malware, hacking techniques, and geopolitical events that may impact the organization.
• Provide metrics on overall threat activity within and outside of Client
• Collaborate with internal teams to provide timely and actionable intelligence to support incident response, vulnerability management, and other cybersecurity initiatives.
• Design, implement and administer enterprise solutions that proactively search for and identify malicious activity within their environments.
• Correlate threat environment from SIEM threat feeds to the latest risk analysis report
• Develop and maintain threat profiles, indicators of compromise (IOCs), and tactical reports to enhance detection and response capabilities.
• Perform root cause analysis and provide recommendations for proactive measures to help prevent cyber-attacks.
• Continuously update and refine existing threat intelligence processes and methodologies to ensure the organization remains at the forefront of cyber defense.
• Stay informed about the latest trends, tools, and techniques in the field of threat intelligence and incorporate best practices into daily operations.
• Support threat assessment initiatives such as security assessments and penetration testing.
• Present findings and insights to technical and non-technical stakeholders, including executives, to enhance overall cyber risk awareness.
• Actively search for the evidence of hidden threats within environments that bypass both preventative and detective controls using delivery methodology and threat hunting tools and techniques.

• Bachelor’s degree in computer science, computer engineering, software engineering, information technology, computer information systems, MIS, or engineering is preferred.
• A combination of associate degree, military or professional cybersecurity experience and cybersecurity certification (CISSP, GAIC, MCSE, CEH, GICSP, CSSA, CISM) will be considered.
• 2+ years Cybersecurity experience

• Understanding of cyber threats, attack vectors, and common exploitation techniques.
• Experience with Threat Hunting techniques on both the endpoint and network data
• Proficiency in using threat intelligence platforms, open-source tools, and security information and event management (SIEM) systems.
• Ability to identify attacker Tactics, Techniques and procedures (TTPs)
• Understanding of enterprise architectures and large IT environments
• Excellent communication and interpersonal skills.