[Remote] Threat Intelligence Lead

Note: The job is a remote job and is open to candidates in USA. NuHarbor Security is focused on enhancing cybersecurity for its clients through a range of services. The Threat Intelligence Lead plays a vital role in identifying and analyzing cyber threats, collaborating with teams to refine detection strategies, and providing actionable intelligence to clients and internal stakeholders.

Responsibilities

• Conduct client directed proactive investigations to identify cyber threats, advanced persistent threats, and anomalous activity within enterprise networks and endpoints
• With a focus on client environments and desired outcomes, research new and existing threat actors and associated tactics, techniques, and procedures (TTPs); developing a detailed understanding of their potential impact on the client
• Perform deep-dive analysis of suspected security incidents to determine impact, risk, and response actions
• Lead and manage threat research initiatives to assess emerging threats and vulnerabilities, and correlate adversary activities, attack chains, and artifacts to provide threat intelligence that supports the timely detection of active threats
• Identify and propose automated detections for new and previously unknown threats. Collaborate with NuHarbor internal and external Cyber organizations to mitigate risk by testing, deploying, and developing investigative playbooks
• Produce and disseminate timely, actionable, and relevant threat intelligence to detection engineering to inform NHS’ detection package based on relevant threats to NuHarbor’s client base
• Develop and deliver finalized threat intelligence to the SOC that directs intelligence-driven threat hunting efforts and convert results into actionable intelligence that can inform the adjustment of existing detections and the creation of new detections
• Lead threat intelligence requirement development and intelligence delivery (tactical, operational, and strategic) across all applicable NuHarbor stakeholders
• Lead the management, maintenance, and general administration of NuHarbor’s threat intelligence tooling, infrastructure, Threat Intel Platform (TIP), threat feeds, and threat information sharing efforts
• Work with Managed Services and Client Success to deliver high priority situational awareness/intelligence to the NuHarbor client based in response to emergent threats while collaborating with detection engineering to provide timely solutions
• Act as a centralized point for threat hunters and red team to collaborate with when researching emerging threats that provide opportunities to address detection gaps

Skills

• Bachelor's Degree and five (5) years of experience. Experience should be in a cybersecurity field and should include relevant industry certifications
• In lieu of a degree, two (2) years of experience in a related technology field and relevant industry certifications are required
• Two (2) or more years of experience in a threat analyst role
• A minimum of two (2) years of experience with OSINT and threat hunting
• A minimum of one (1) year of experience using Splunk and or other SIEM technologies
• Demonstrated expertise in intelligence tradecraft, the intelligence lifecycle, common threat modeling frameworks: MITRE ATT&CK, Diamond Model, PEAK, Cyber Kill Chain, D3F3ND
• Experience using Threat Intelligence tools and processes necessary to collect information about adversary groups and cybercriminals that may target the NuHarbor Security client base: OpenCTI, Shodan, AbuseIPDB
• Ability to communicate complex security concepts to audiences of varied technical understanding, including business stakeholders, sales, engineering, and customers
• Demonstrated understanding of networking concepts and architecture
• Experience giving security recommendations and meeting with clients
• Familiarity with network, system, and application layer attacks and mitigations
• Maintain at least one (1) industry certification required to support the managed services (MS) Catalog: Security+, Network+, CeH, CYSA+
• Must be a citizen of the United States
• Three (3) or more years of experience in a threat analyst role and/or with OSINT and threat hunting
• Five (5) or more years of experience in a security analyst role
• Two (2) years of Experience performing threat hunting across client accounts via Splunk, Microsoft Sentinel, or other SIEM
• Demonstrated experience with security controls and frameworks and the technologies that supply these controls: NIST Risk Management Framework/NIST Cyber Security Framework, CIA Triad, Identity and Access Management, Encryption, Incident Response Lifecycle
• Experience drafting threat intelligence portions of bi-weekly and quarterly reports
• Maintains multiple industry certifications required to support the managed services (MS) Catalog
• Threat Intelligence Certifications: The GIAC Cyber Threat Intelligence (GCTI), The GIAC Defending Advanced Threats (GDAT), The GIAC Enterprise Incident Response (GEIR)
• Experience in engineering event detection & response tuning
• Proven ability to implement simple, scalable, testable, and maintainable detections and code
• Experience working in an Agile development process
• Experience in Security Operations Center (SOC) content development and automation implementations

Benefits

• Eligible for the company bonus plan at a 10% target
• Paid time to give back in your community
• Generous PTO

Company Overview

• NuHarbor Security is an end-to-end cybersecurity services company with a focus on best of breed security technologies. It was founded in 2014, and is headquartered in Essex Junction, Vermont, USA, with a workforce of 51-200 employees. Its website is https://www.nuharborsecurity.com.

Apply tot his job Apply To this Job