Startup Jobs
Post a Job
NuHarbor Security

Threat Intelligence Lead

Remote

AI overview

Lead proactive threat intelligence initiatives to identify and mitigate cybersecurity threats while collaborating with clients and refining detection strategies.

The Company

Every day, NuHarbor Security improves the cybersecurity of our clients by making it stronger and easier to understand.  Our comprehensive suite of security services, from strategic advising to 24-hour monitoring and management, provide an organizational view of security that is focused on results and recommendations that are valuable for both business and technical leaders.  We’re growing quickly because our clients, and the general market, are looking for these outcomes and for the data it gives them to explain, promote, and justify, their security investment and mission.

The Role

The Threat Intelligence Lead is critical in proactively searching for indicators of compromise (IOCs) and indicators of attack (IOAs) and actively hunting for threats not yet formally categorized by a threat actor.  This position Operator is expected to collaborate with Detection Engineering teams to refine detection capabilities, identifying emerging threats and developing and implementing detection strategies and methodologies. The Operator also holds the critical role in directly working with Clients to provide feedback, recommendations, and provide remediation guidance as needed.

What you’ll do

  • Live by the NuHarbor corporate values: Help Clients Win, Always Improve, Protect the House.
  • Conduct client directed proactive investigations to identify cyber threats, advanced persistent threats, and anomalous activity within enterprise networks and endpoints.
  • With a focus on client environments and desired outcomes, research new and existing threat actors and associated tactics, techniques, and procedures (TTPs); developing a detailed understanding of their potential impact on the client.
  • Perform deep-dive analysis of suspected security incidents to determine impact, risk, and response actions.
  • Lead and manage threat research initiatives to assess emerging threats and vulnerabilities, and correlate adversary activities, attack chains, and artifacts to provide threat intelligence that supports the timely detection of active threats.
  • Identify and propose automated detections for new and previously unknown threats. Collaborate with NuHarbor internal and external Cyber organizations to mitigate risk by testing, deploying, and developing investigative playbooks.
  • Produce and disseminate timely, actionable, and relevant threat intelligence to detection engineering to inform NHS’ detection package based on relevant threats to NuHarbor’s client base.
  • Develop and deliver finalized threat intelligence to the SOC that directs intelligence-driven threat hunting efforts and convert results into actionable intelligence that can inform the adjustment of existing detections and the creation of new detections.
  • Lead threat intelligence requirement development and intelligence delivery (tactical, operational, and strategic) across all applicable NuHarbor stakeholders.
  • Lead the management, maintenance, and general administration of NuHarbor’s threat intelligence tooling, infrastructure, Threat Intel Platform (TIP), threat feeds, and threat information sharing efforts.
  • Work with Managed Services and Client Success to deliver high priority situational awareness/intelligence to the NuHarbor client based in response to emergent threats while collaborating with detection engineering to provide timely solutions.
  • Act as a centralized point for threat hunters and red team to collaborate with when researching emerging threats that provide opportunities to address detection gaps.

Your foundation.  The requirements for this role:

  • Bachelor’s Degree and five (5) years of experience. Experience should be in a cybersecurity field and should include relevant industry certifications.
    • In lieu of a degree, two (2) years of experience in a related technology field and relevant industry certifications are required.
  • Two (2) or more years of experience in a threat analyst role.
  • A minimum of two (2) years of experience with OSINT and threat hunting.
  • A minimum of one (1) year of experience using Splunk and or other SIEM technologies.
  • Demonstrated expertise in intelligence tradecraft, the intelligence lifecycle, common threat modeling frameworks:
    • MITRE ATT&CK
    • Diamond Model
    • PEAK
    • Cyber Kill Chain
    • D3F3ND
  • Experience using Threat Intelligence tools and processes necessary to collect information about adversary groups and cybercriminals that may target the NuHarbor Security client base.
    • OpenCTI
    • Shodan
    • AbuseIPDB
  • Ability to communicate complex security concepts to audiences of varied technical understanding, including business stakeholders, sales, engineering, and customers.
  • Demonstrated understanding of networking concepts and architecture.
  • Experience giving security recommendations and meeting with clients.
  • Familiarity with network, system, and application layer attacks and mitigations.
  • Maintain at least one (1) industry certification required to support the managed services (MS) Catalog.
    • Security+
    • Network+
    • CeH
    • CYSA+
  • Must be a citizen of the United States.

Additional capabilities that will differentiate you for this role:

  • Three (3) or more years of experience in a threat analyst role and/or with OSINT and threat hunting.
  • Five (5) or more years of experience in a security analyst role.
  • Two (2) years of Experience performing threat hunting across client accounts via Splunk, Microsoft Sentinel, or other SIEM
  • Demonstrated experience with security controls and frameworks and the technologies that supply these controls:
    • NIST Risk Management Framework/NIST Cyber Security Framework
    • CIA Triad
    • Identity and Access Management
    • Encryption
    • Incident Response Lifecycle
  • Experience drafting threat intelligence portions of bi-weekly and quarterly reports.
  • Maintains multiple industry certifications required to support the managed services (MS) Catalog.
    • Security+
    • Network+
    • CeH
    • CYSA+
  • Threat Intelligence Certifications:
    • The GIAC Cyber Threat Intelligence (GCTI)
    • The GIAC Defending Advanced Threats (GDAT)
    • The GIAC Enterprise Incident Response (GEIR)
  • Experience in engineering event detection & response tuning.
  • Proven ability to implement simple, scalable, testable, and maintainable detections and code.
  • Experience working in an Agile development process.
  • Experience in Security Operations Center (SOC) content development and automation implementations.

Base Salary for this role is targeted at $120,000 - $147,000 annually. *Salary based on Burlington, VT salary data. Offer is based on candidate geography. Additionally, this role is eligible for the company bonus plan at a 10% target.

NuHarbor Security hires in the following states: AZ, CO, FL, GA, ID, IL, IN, IA, MA, MD, ME, MI, MN, MO, MT, NC, NE, NH, NJ, NY, OH, OR, PA, SC, TX, UT, VT, VA, WA

The Rewards

What you can expect:

  • The engagement and support of company leadership who recognize the challenge of marketing a complex cybersecurity service in a chaotic market.
  • An organization that recognizes and rewards employee commitment and contribution to our customers’ satisfaction and success
  • Growth in your career and capabilities as you help to chart a path to improving customer interactivity and service adoption.
  • A collaborative and driven working environment in a rapidly growing company and market
  • A fun and social working environment where you are encouraged to be your true self.

 

You can also expect competitive salary and benefits, including paid time to give back in your community and generous PTO.

We are purpose driven. We, as an organization, above anything else protect the house first and then help our customers win.  If this sounds like the kind of organization you’d like to be a part of, we‘d like to hear from you.

 

AAP/EEO Statement

The Equal Employment Opportunity Policy of NuHarbor Security is to provide a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status or disability. NuHarbor Security hires and promotes individuals solely based on their qualifications for the job to be filled.

NuHarbor Security believes that employees should be provided with a working environment which enables each associate to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, religion, national origin, gender, sexual orientation, age, marital status, or disability.  We expect and require the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere.

 

NuHarbor Security
Website LinkedIn
View all jobs
Salary
$120,000 – $147,000 per year
Report this job
Apply for this job