Threat Intelligence and Detection Engineer

Insane Cyber

$90K — $120K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 3-5 years of experience in cybersecurity
  • Bachelor's or Master's degree in a related field or equivalent experience
  • Experience in digital forensics, incident response, or threat hunting is a plus
  • Industrial sector experience, especially in Operational Technology (OT) or Industrial Control Systems (ICS) is a plus
  • Startup experience or familiarity with rapidly growing services organizations is beneficial
  • Knowledge of threat detection engines (Suricata, Yara, etc.)
  • Experience with both host and network data analysis and familiarity with major threats

Responsibilities

  • Provide expert consultancy services to clients on cybersecurity risks
  • Develop detection methods for threats in flagship products using host and network data
  • Collaborate with cross-functional teams to deliver security capabilities
  • Analyze events to detect security incidents
  • Engage in incident response throughout the IR life cycle
  • Enhance observability of client environments for security events
  • Act as a trusted advisor, building strong client relationships

Benefits

  • Competitive base salary
  • Equity opportunities pending board approval
  • Comprehensive medical, dental, vision, and life insurance
  • Retirement plan with employer matching
  • Flexible working hours with a generous time-off policy
Full Job Description
As we grow, we are seeking a Threat Intelligence and Detection Engineer to join our team. This role is crucial for the continued development and enhancement of our flagship products, Valkyrie and Cygnet. You will be a key player in our professional services team, bringing your expertise and innovative thinking to advance our technology and maintain our competitive edge in the market.

Responsibilities
  • Provide expert proactive and reactive consultancy services to clients, helping them understand and mitigate cybersecurity risks. Typical services include, but are not limited to threat hunting, incident response, digital forensics, and architecture reviews
  • Keep up with current and emerging threats and develop innovative ways to implement detection of threats in Valkyrie and Cygnet with both host and network data
  • Collaborate with engineering, professional services, external customers and other internal and external groups to identify, architect, develop and deliver capabilities to end users
  • Perform analysis and investigations, correlating events and data to detect security incidents
  • Participate in incident response efforts throughout the IR life cycle.
  • Develop and maintain security incident response plans
  • Operationalize, monitor, and optimize security and network monitoring solutions
  • Improve observability and monitoring of the customer environments, collaborating with internal and customer teams to enhance visibility into security events and incidents
  • Apply working experience with protocol dissection and proprietary protocol analysis-preferably
    in the industrial space
  • Work with a cross-functional team to develop new detections specifically for industrial environments
  • Deliver solutions to and manage cybersecurity projects, ensuring alignment with client needs and best industry practices
  • Build and maintain strong relationships with clients, acting as a trusted advisor in cybersecurity matters
  • Ensure the quality and timeliness of service delivery, adhering to project deadlines and client expectations
  • Stay updated on the latest cybersecurity trends and technologies, applying this knowledge to improve service quality


Qualifications
  • Minimum 3-5 years of full-time experience in cybersecurity
  • Bachelor's or Master's degree in Information Technology, Cybersecurity, or a related field, or equivalent experience
  • Experience in digital forensics, incident response, or threat hunting is a plus
  • Experience in industrial sectors, Operational Technology (OT), Industrial Control Systems (ICS) and/or critical operations assurance is a plus
  • Experience in a startup or rapidly growing professional services organization is a plus
  • Working knowledge of proprietary and open-source threat detection engines and rulesets (Suricata, Yara, Sigma, Zeek, etc.)
  • Working experience with host and network data analysis across packet capture files, host logs, registry, memory and/or disk artifacts
  • Working knowledge of major nation state and criminal level threats and experience building host and network detections to identify those threats
  • Deep working knowledge of MITRE ATT&CK, D3FEND, or other threat modeling frameworks
  • [Nice to Have] Proficiency in backend languages and frameworks, such as Python, JavaScript, C, Go, Rust, or similar technologies
  • Proven track record of successful delivery in a consulting environment
  • Excellent client relationship management skills and the ability to explain complex technical concepts clearly
  • Strong communication skills, collaboration mindset, and an ability to learn quickly required


Benefits
  • Competitive Base Salary
  • Equity offering subject to board approval
  • Comprehensive medical/dental/vision/life insurance plan
  • Retirement plan with employer match
  • Flexible working hours and generous time-off policy

Similar Jobs

More Jobs at Insane Cyber

More Information Technology Jobs

Find similar Threat Intelligence and Detection Engineer jobs: