Threat Intelligence Lead

Job Description

Key Responsibilities: Develop and maintain threat intelligence feeds, playbooks, and integrations with detection platforms (e.g., Wazuh, Elastic, Splunk). Lead incident response efforts to mitigate cyber threats and minimize business impact. Analyze threat actor behaviors and TTPs to proactively design mitigation strategies. Vulnerability Management: Implement and manage comprehensive vulnerability management programs to ensure timely identification, assessment, and remediation. Collaborate with technical teams to prioritize vulnerabilities and track remediation progress. Research and advise on the latest vulnerability trends and their potential impacts. Automation and Orchestration: Design and deploy automation solutions for threat intelligence integration and response workflows. Build scripts and tools (e.g., using Python or PowerShell) to streamline repetitive security tasks and enhance operational efficiency. Leverage orchestration tools to improve the speed and accuracy of incident handling. Data-Driven Decision-Making: Conduct data analysis to identify patterns, improve threat detection mechanisms, and generate actionable insights. Provide strategic recommendations to stakeholders based on trends and findings from intelligence data. Develop detailed reports and metrics to measure the effectiveness of security operations. Qualifications: Education: Master’s or Bachelor’s degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Experience:3 to 5 years of experience in threat intelligence, incident response, and vulnerability management. Hands-on experience in integrating intelligence into SIEM platforms like OpenSearch, Wazuh, Elastic, or Splunk. Technical Skills: Proficient in threat intelligence frameworks such as MITRE ATT&CK and the Diamond Model. Expertise in automation using scripting languages like Python or PowerShell. Familiarity with vulnerability scanning tools and methodologies. Experience with orchestration tools and platforms for incident management. Knowledge of malware analysis and threat actor profiling. Preferred Certifications: Certified Threat Intelligence Analyst (CTIA), GIAC Cyber Threat Intelligence (GCTI), CEH, or other relevant certifications. Show more Show less