Principal Consultant

Summary

Join Palo Alto Networks® as a Principal Consultant, Threat Intelligence Advisory and contribute to the company's mission of protecting our digital way of life. This senior-level consulting position within the Unit 42 Proactive Services team involves working alongside the Consulting Director to provide threat intelligence insights to clients. You will lead threat intelligence advisory engagements, provide intelligence input for risk management consulting engagements, leverage internal Unit 42 datasets and OSINT, and work with client security teams to operationalize threat intelligence. The role also includes amplifying Unit 42's presence through thought leadership. This position requires a hands-on mentality, ability to work independently on complex engagements, and flexibility to be involved in various work streams. You will be a self-starter who can complete high-level tasking and meet goals and deadlines.

Requirements

• 7+ years of demonstrated experience in a threat intelligence function, whether in consulting or in-house
• Excellent English written and verbal communications skills
• Strong familiarity with the Mitre ATT&CK framework
• Passionate about cyber threat intelligence and its tradecraft, attention to details
• Ability to travel up to 30% of the time
• Demonstrable experience in directly improving CTI processes and procedures of large enterprises, whether in house or as a consultant
• Deep understanding of cybercriminal and state-sponsored groups, their TTPs and high level mitigations

Responsibilities

• Assist Unit 42 Consulting Director of Threat Intelligence Advisory in developing and delivering threat-informed services to international clients
• Lead Threat Intelligence Advisory engagements such as threat assessments, threat intelligence maturity assessments, threat intelligence capability building, threat-led offensive security testing
• Provide intelligence input for risk management consulting engagements (e.g. SOC Assessments)
• Leverage internal Unit 42 datasets and finished intelligence, as well as OSINT, to identify relevant threats to organisations across sectors and geographies
• Work with security teams at clients (i.e. TI, CISO, SOC, threat hunting, red team) to help them operationalise threat intelligence into measurable outcomes
• Amplify Unit 42s’ presence and credibility in the marketplace through thought leadership, including via speaking engagements, and blog articles on threat intelligence topics

Preferred Qualifications

• Experience in intelligence led-red team exercises like CBEST, TIBER, iCAST, Corie
• Knowledge of threat actors hunting tools and techniques (e.g. VT, Passive DNS)
• Experience in incident response, digital forensic, or security operations
• Experience in risk management consulting advising clients on appropriate security controls
• Additional language skills to interface with regional clients (i.e. Arabic, German, Spanish)
• Proficiency in scripting languages or AI prompt engineering to automate tasks
• Cybersecurity industry certifications such as CRTIA, CCTIM, GCTI are a plus but not essential

Benefits

• FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees
• Mental and financial health resources
• Personalized learning opportunities