Covenant Health is a comprehensive healthcare organization that focuses on patient-centered care. They are seeking a Principal Cyber Threat Intelligence Engineer to lead efforts in identifying and neutralizing cyber threats while supporting the Global Security Operations Center and informing risk strategies.
Responsibilities:
- Conduct in-depth analysis and research on cyber threats, including identifying threat actors, their motivations, tactics, techniques, and procedures (TTPs), and providing insights on their potential impact on the organization
- Prepare and deliver well-researched, impactful analytic findings that combine self-driven research with findings from team threat hunting efforts to convey cyber threat risk and impact, tailored appropriately to technical and non-technical stakeholders, including executives
- Serve as a mentor to teammates for leveraging advanced analytic toolsets such as Structured Analytic Techniques
- Classify, categorize, and analyze malware and threats, and translate this analysis into actionable detections using frameworks such as MITRE ATT&CK
- Maintain strong breadth and depth of knowledge about the healthcare industry threat landscape, including threat actors, malware, hacking techniques, emerging threats, and trends that may impact the organization
- Collaborate with internal teams to provide timely and actionable intelligence, aligned with operational needs, that supports CTI, CIRT, Attack Surface Management, and other cybersecurity initiatives
- Develop and maintain threat profiles with tactical intelligence to enhance detection engineering and threat hunting operations
- Perform root cause analysis and provide recommendations for proactive measures to help prevent cyber intrusions
- Continuously update and refine existing threat intelligence processes and methodologies to ensure the organization remains at the forefront of cyber defense
- Stay informed about the latest trends, tools, and techniques in the field of threat intelligence and incorporate best practices into daily operations
- Monitor and assess emerging technologies, such as AI and machine learning capabilities, to augment and enhance threat detection, triage, and analysis
Requirements:
- Bachelor's Degree in Computer Engineering, Computer Science, Mathematics, Engineering -OR- a combination of equivalent education / experience
- Upon Hire: CISSP, CEH, or an equivalent certification
- 8 or more years of related experience
- Experience designing security controls and countermeasures for operating systems, databases, applications, Web services, user devices, and wireless networks
- Master's Degree in Computer Engineering, Computer Science, Mathematics, Engineering
- Experience in a Healthcare environment
- 8 or more years of cyber threat intelligence analysis experience
- Experience conducting in-depth analysis and research on cyber threats, including identifying threat actors' motivations, intent, and TTPs
- Skilled in correlating intelligence from multiple sources to assess potential organizational impact
- Familiarity with reverse engineering and categorizing malware
- Strong knowledge of healthcare cybersecurity risks, including ransomware, phishing, and supply chain vulnerabilities
- Demonstrated experience applying frameworks such as MITRE ATT&CK, the Cyber Kill Chain, the Diamond Model of Intrusion Analysis, and others
- Experience working cross-functionally with CIRT/IR teams, vulnerability management, and SOC operations teams
- Experience working with insider threat teams a plus
- Capability to develop threat profiles and integrate tactical intelligence into detection rules
- Ability to influence risk-based decision-making with clear, concise reporting