Threat Intel Integration Specialist (REMOTE)
Cyware is a venture-backed organization, headquartered in New York City. The firm was founded by innovative practitioners to solve the massive-scale cybersecurity challenges they saw daily while working for leading global banks and technology organizations.
Cyware is disrupting the cybersecurity operations market with innovation that gives the firm claim to being the far-and-away ONLY company capable of delivering technology to build cyber fusion centers for customers in large enterprises and the mid-market.
Cyware is in hyper-growth mode. Your next opportunity starts here!!
More on Cyware: (www.cyware.com)
Built on innovation designed by SecOps practitioners and cybersecurity leaders, Cyware offers multiple technologies within its next-generation platform, including advanced threat intelligence solutions (TIP) for large and small security teams, vendor-agnostic security automation (SOAR), and security case management. As a result, organizations are able to increase speed and accuracy while reducing costs and analyst burnout. Cyware's Virtual Cyber Fusion solutions make secure collaboration, information sharing, and enhanced threat visibility a reality for enterprises, sharing communities (ISAC/ISAO), MSSPs, and government agencies of all sizes and needs.
- You can lead on strategic and tactical initiatives
- You are hungry, inquisitive, proactive, energetic, and driven
- You have a growth mindset and are committed to delivering results
- You thrive in a fast-paced, collaborative environment
Why We Are Hiring:
The Threat Intel Specialist will function as the threat SME, working with technology partners on common use cases and integrations, serving on multiple MITRE and industry alliance committees, fielding inquiries, interacting and collaborating with other industry experts in knowledge sharing groups and initiatives, and innovating to improve processes and deliverables.
Come join an exciting cybersecurity product startup!
What You Will Do:
- Collect, process, catalog, and document threat information using a Multi-Source approach and various technical and human means
- Regularly interact with various commercial threat intel feed partners for integration with Cyware products
- Work with Technical Alliance Partnership to establish new value-add relationships to build integrations
- Work with the Product team as a subject matter expert for cyber threat intelligence
- Provide Cyber Threat Intelligence and related integration knowledge to internal stakeholders.
- Develop actionable information in the form of technical indicators, reports, lists, rules, signatures, or indicators and warnings
- Critically analyze threat intelligence feeds and help internal teams integrate them better
- Expertise in Threat hunting tools and capabilities
- Work with Malware sandbox providers for better integration with Cyware products
- Work with the product team and help them map the various threat intel feeds formats and structures to standard structures like STIX/TAXII
- Work with the product team to provide expert advice on new features for Cyware's threat intel products
- Work with the research team and external partners for threat intelligence-related projects when required.
- Effectively analyze threat data and create easy-to-understand takeaway reports/presentations
- Establish and maintain a repository of threat intelligence feed providers and enrichment providers
- Work effectively with all teams that operate across numerous geographies
- Quickly obtain knowledge of our existing process, and identify success factors, strengths, weaknesses, and opportunities.
- Demonstrate analytics and provide intel briefing to Cyware executive leadership
- Provide advisory on all Threat Intel related activities
Who You Are
- US Citizenship is a requirement of this position in accordance with 8 U.S.C. 1324b(a)(2)(C)
- 5+ years of work experience as a Threat Intel Analyst with relevant hands-on experience with large-scale enterprise cybersecurity products.
- The candidate should have experience with the management of information security tools such as Threat Intel Platform, Threat Intel Feeds, etc.
- Sound knowledge of STIX / TAXII, MITRE ATT&CK framework and related use cases
- Knowledge of handling IOCs, TTPs and threat actors in conjunction with SOC/Incident Response and Threat Hunting operations
- The candidate must have experience working with large threat intel feeds like CrowdStrike, Mandiant, Recorded Future, Flashpoint, etc.
- Bachelor's degree in Computer Science, Computer Engineering or other similar domains
- Experience in deploying large-scale security products and conducting product demos and webinars for customers
- Good understanding of designing and implementing security automation
- Good understanding of SOC / Security Management Workflows in enterprise environments
- Strong Application / Operating System / Networking troubleshooting skills
- Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques
- Ability to translate business risks to cyber risks and corresponding direction for intelligence collection activities and advising clients on threat mitigation strategies
- Ability to translate technical information for diverse audiences including C-suite and technical management team members
- Fluent English language skills (spoken and written)
- Good analytical & development skills (Python development skills would be preferred)
- Relevant Technical Security Certifications (GIAC, CISSP, SSCP, EC-Council, Offensive Security, etc.) are a plus
- An individual who can manage projects and ensure task deadlines are met
- Expertise working with SIEM, EDR and other premium feed sources
- Demonstrated ability to work successfully with colleagues across different time zones and geographies
We're a lean team, so your impact will be felt immediately. If this all sounds like a good fit for you, why not join us?
You’ll love working at Cyware because
- We value balance. We are committed to providing an environment in which you can balance great work with a great life. You’ll have a competitive PTO structure and holidays covered.
- We’re not just employees. We’re people. We offer 401(k) match, insurance coverage (health, vision, and dental), and reimbursements for your home office.
- We’ll invest in your career. Our company’s growing quickly, and we’ll give you the opportunity to do the same. You’ll have access to a number of professional development opportunities so that you can keep up with the company’s evolving needs.
- We offer competitive compensation packages. We deeply value the talent our team brings to the table and believe that fair and equitable total compensation packages are part of our commitment to everyone who works here.
- And so much more…
Cyware is dedicated to hiring a diverse workplace that celebrates an inclusive culture and a sense of belonging. As an equal opportunity employer, we do not discriminate based on race, color, religion, sex (including pregnancy, gender identity, gender expression, and sexual orientation), national origin, age, veteran status, genetic information or disability.
How to Apply
Apply right here. You've found the application!