Subscribe to the latest remote jobs:

Threat Intelligence and Detection Engineer

🇺🇸 United States

Manufacturing

Consulting

Management

Python

JavaScript

Rust

Backend

Cybersecurity

Threat Intelligence and Detection Engineer

from 🇺🇸 United States

At InsaneCyber,we’re focused on advancing cybersecurity for the better.We’ve developed innovative tools backed by expert support to change how organizations perform deep levelproactive and reactive analysis. We partner with our customers to providecutting-edge solutions and services to help protect our critical infrastructure and critical operations from threats – from the power grid to manufacturing. 

 

Our flagship Valkyrie and Cygnet products provide host and network analysis automation beyond the capabilities of other products on the market. Our Corvus and Aesir product lines deliver managed and professional services to help assess and fill gaps and weaknesses in the security posture of clients' security programs. 

 

It’s an exciting time for us as we continue to grow our products and services, and we needa great team in place! 

 

As we grow, we are seeking a Threat Intelligence and Detection Engineer to join our team. This role is crucial for the continued development and enhancement of our flagship products,Valkyrie and Cygnet. You will be a key player in ourprofessional services team, bringing yourexpertise and innovative thinking to advance our technology andmaintain our competitive edge in the market. 

  

Responsibilities  

  • Provide expertproactive and reactive consultancy services to clients, helping them understand and mitigate cybersecurity risks. Typical services include, but are not limitedto threat hunting, incident response, digital forensics, and architecturereviews 
  • Keep up with current and emerging threatsand develop innovative ways to implement detection of threats in Valkyrie and Cygnet with both host and networkdata 
  • Collaborate with engineering, professional services, externalcustomers and other internal and external groups toidentify, architect, develop and deliver capabilities to endusers 
  • Perform analysis and investigations, correlating events and data to detect securityincidents 
  • Participate in incident response efforts throughout the IR life cycle.  
  • Develop andmaintain security incident responseplans
  • Operationalize, monitor, and optimize security and network monitoring solutions 
  • Improve observability and monitoring of the customer environments, collaborating with internal and customer teams to enhance visibility into security events andincidents 
  • Apply working experience with protocol dissection and proprietary protocol analysis—preferably
    in the industrialspace 
  • Work with a cross-functional team to develop new detections specifically forindustrialenvironments 
  • Deliver solutions to and manage cybersecurity projects, ensuring alignment with client needs and best industrypractices 
  • Build andmaintain strong relationships with clients, acting as a trusted advisor in cybersecuritymatters 
  • Ensure the quality and timeliness ofservice delivery, adhering to project deadlines and clientexpectations 
  • Stay updated on the latest cybersecurity trends and technologies, applying this knowledge to improve servicequality


Qualifications 

  • Minimum3-5years offull-timeexperience in cybersecurity 
  • Bachelor’s orMaster’s degree in Information Technology, Cybersecurity, or a related field, or equivalent experience 
  • Experience in digital forensics, incident response, or threat hunting is aplus 
  • Experience in industrial sectors, Operational Technology (OT), Industrial Control Systems (ICS) and/or critical operations assurance is aplus  
  • Experience in a startup or rapidly growing professional services organization is aplus 
  • Working knowledge of proprietary andopen-source threat detection engines and rulesets (Suricata, Yara, Sigma, Zeek,etc.) 
  • Working experience with host and network data analysis across packet capture files, host logs, registry,memory and/or disk artifacts 
  • Working knowledge of major nation state and criminal level threats andexperience building host and network detections toidentify those threats 
  • Deep working knowledge of MITRE ATT&CK, D3FEND,or other threat modeling frameworks 
  • [Nice to Have]Proficiency in backend languages and frameworks, such as Python, JavaScript, C, Go, Rust, or similar technologies 
  • Proventrack record of successful delivery in a consulting environment 
  • Excellent client relationship management skills and the ability to explain complex technical conceptsclearly 
  • Strong communication skills, collaboration mindset, and an ability to learn quicklyrequired 

  

Benefits  

  • Competitive Base Salary
  • Equity offering subject to board approval 
  • Comprehensive medical/dental/vision/life insurance plan 
  • Retirement plan with employer match  
  • Flexible working hours and generous time-off policy  

  

InsaneCyber is proud to be an equal-opportunity employer. We celebrate diversity and strive to foster an inclusive environment for all employees. Ifyou're a visionary with a passion for pushing the boundaries of industrial cybersecurity,we'd love to hear from you.

by @maxrusakovic