Threat Intelligence Integration Engineer

Summary

Join phia as a Threat Intelligence Engineer and focus on integrating Threat Intelligence Platforms (TIPs) with other security tools to enhance threat detection and response. This remote position requires U.S. citizenship and the ability to obtain Public Trust clearance. You will assist in integrating TIPs with various security tools, validate data, utilize automation, ensure seamless integration with existing infrastructure, and develop ConOps documents. Responsibilities also include planning, designing, and implementing security architectures, performing vulnerability testing, and conducting security reviews. The ideal candidate will have 5+ years of experience with SIEM systems, MITRE ATT&CK Framework, and endpoint security.

Requirements

• 5+ years of experience with SIEM systems, MITRE ATT&CK Framework, Endpoint Security Services, and the onboarding and implementation of various security tools
• Proven experience in analyzing alerts from Cloud, SIEM, and EDR tools, and in the alerts tuning process
• Familiarity with cybersecurity operation center functions and experience configuring and re-configuring security tools
• Experience with security frameworks and the ability to interpret use cases into actionable monitoring solutions
• U.S. Citizenship required
• Ability to obtain Public Trust (or higher) government clearance

Responsibilities

• Assist with integrating Analyst1 and other Threat Intelligence Platforms (TIPs) with different security and operation tools, such as ServiceNow, Armis, Sentinel One, SIEM, EDR, IDS/IPS, and other network security tools, to enhance threat detection and response capabilities
• Validate data is received from multiple tools including but not limited to ServiceNow, Armis, and Sentinel One
• Utilize automation opportunities to streamline threat intelligence workflows and improve incident response times
• Ensure seamless integration with existing security infrastructure, including endpoint security, firewalls, and SOAR platforms
• Develop and maintain detailed System Security Concept of Operations (ConOps) documents that outline the operational procedures and guidelines for the security architecture
• Align the security architecture with the organization's overall business and technology strategy, ensuring it balances business requirements with information and cybersecurity needs
• Plan, design, build, tested, and implement robust security architectures for all IT projects
• Perform vulnerability testing, risk analyses, and security assessments to ensure the efficacy of the security designs
• Test, evaluate, and verify hardware and software to ensure systems and architecture are consistent with cybersecurity architecture guidelines and requirements
• Identify critical system capabilities and business functions that require enhanced security measures and prioritize them based on risk and impact on the organization
• Conduct regular security reviews to identify gaps in the security architecture and determine the effectiveness of the current security design
• Recommend changes or enhancements as necessary based on security reviews
• Assist in configuring and re-configuring security tools to ensure they align with the overall security architecture
• Use threat intelligence to optimize the configuration of these tools and improve their effectiveness

Preferred Qualifications

• Bachelor’s Degree in an engineering or cyber discipline
• CompTIA Net+, A+, Security+
• Certified Testing Engineer (CPTE)
• Certified Ethical Hacker (CEH)
• Certified Information System Security Professional (CISSP)

Benefits

• Comprehensive medical insurance to include dental and vision
• Short Term & Long-Term Disability
• 401k Retirement Savings Plan with Company Match
• Tuition and Professional Development Assistance
• Flex Spending Accounts (FSA)