operationalizing the Threat Intelligence Platform (TIP)
tracking priority threats
delivering actionable, detection‑driven intelligence to security teams and leadership
identifying, analyzing, and tracking cyber threats that may impact the organization
collecting intelligence from a wide range of internal and external sources
analyzing and contextualizing threat intelligence
supporting security operations through actionable insights
monitoring and analyzing intelligence from commercial, industry, and OSINT sources
maintaining and using Threat Intelligence Platforms (TIP)
integrating intelligence across security tools
collecting, enriching, and managing actionable IOCs
providing real‑time intelligence context during investigations and incidents
responding to ad hoc and time‑sensitive intelligence requests from stakeholders
producing and delivering intelligence reports and briefings for technical and non‑technical audiences
Requirements
6+ years of experience in Cyber Threat Intelligence, SOC, Incident Response, Threat Hunting, or related cybersecurity roles
Bachelor’s degree in computer science, Information Technology, or a related field, or an equivalent combination of education and experience
Deep experience operating and optimizing industry leading Threat Intelligence Platforms (TIPs)
Proven experience leveraging commercial threat intelligence providers such as Flashpoint, Recorded Future, Intel 471, ZeroFox, or comparable services to support operational intelligence requirements
Strong mastery of the intelligence lifecycle, with demonstrated ability to operationalize intelligence from collection through dissemination and action
Advanced working knowledge of the MITRE ATT&CK framework, with experience applying it to threat analysis, detection engineering, and reporting
Demonstrated experience managing and enriching IOCs, with a focus on translating intelligence into measurable detection, blocking, and mitigation outcomes
Solid understanding of SIEM, SOAR, EDR, and case management platforms, and how intelligence integrates into and enhances investigative workflows
Experience analyzing vulnerability and exploit intelligence to assess real‑world risk, likelihood of exploitation, and potential business impact