Sr Engineer-Captive Operations

About The Company

Job Summary

Key Responsibilities

• Administer and maintain the Unified Threat Intelligence Platform (e.g., MISP, Anomali, ThreatConnect, EclecticIQ, TIP from commercial vendors). Should have worked on any of the TI platform. Experience in Recorded future preferred.
• Aggregate, normalize, and enrich threat intel feeds from internal, commercial, and open-source sources (OSINT).
• Map Indicators of Compromise (IOCs), TTPs, and threat actor profiles using frameworks such as MITRE ATT&CK and STIX/TAXII.
• Integrate UIP with SIEM, SOAR, and EDR platforms to enable automated threat correlation and alert enrichment.
• Analyze and prioritize threat intelligence based on relevance, risk level, and business impact.
• Coordinate with threat-hunting and SOC teams to enable actionable use of threat intelligence.
• Create and manage threat intelligence dashboards, reports, and alerts.
• Continuously improve threat ingestion, enrichment pipelines, and integration workflows.
  

Required Skills And Qualifications

• Solid understanding of Threat Intelligence lifecycle: collection, processing, analysis, dissemination.
• Experience with commercial or open-source TIP/UIP tools (e.g., MISP, ThreatConnect, Anomali, EclecticIQ).
• Strong knowledge of STIX/TAXII, OpenIOC, YARA, Sigma rules.
• Experience integrating threat intel into SIEM (e.g., Splunk, QRadar, Sentinel) and SOAR platforms.
• Familiarity with threat actor behavior, campaigns, malware families, and IOC tracking.
• Working knowledge of scripting (Python preferred) for automation and data transformation.
• Ability to analyze complex data and present threat intelligence in clear, actionable formats.
  

Education Requirements

Certification

• CEH/CSA/ NBAD certification