The Manager of Threat Research will drive the normalization, correlation and integration of internal and external threat intelligence sources. Your team will be primarily responsible for applying the analysis of threat actors, threat campaigns, and the corresponding TTPs (tactics, techniques, and procedures) to contextually enrich alerting across the Palo Alto Networks security platform.
A strong focus on automation, adversary and targeting analysis, and countermeasure creation is desired.
- Lead the team to produce durable signatures and indicator-of-compromise sets based on internally and externally sourced data and information.
- Translate complex information sets into concise labels which may be leveraged by customers to improve their incident response efficacy.
- Collect open source information for aggregation into our intelligence repository.
- Analyze malware and attacker tools to assess their functionality, origin and purpose.
- Develop tools to assist with automation of collection and processing of data.
- Present new research at conferences and at customer meetings as desired.
- Respond to Requests for Information (RFIs) from our consumer organizations within Palo Alto Networks.
- Strong leadership skills with experience leading highly motivated subject matter experts, research teams and projects.
- Strong collaboration skills for a distributed R&D organization, and adaptability in a fast-paced environment.
- Strong creative thinker and problem solver.
- Excellent written and verbal communication skills and experience leading threat research teams, onsite and remote.
- Demonstrated experience leading complex projects and initiatives across multiple teams.
- Demonstrated capability as a threat team or SOC lead growing a small team rapidly, while prioritizing analysis and development efforts.
- Strong understanding of computer science fundamentals, specifically networking, databases and tool development.
- Strong understanding of security operations: perimeter defense, forensics, incident response, kill chain analysis, risk assessment and security metrics.
- Understanding of malware construction, usage and detection techniques.
- Experience developing profiles of actors and groups based on data.
- Experience performing OSINT research.