CVS HealthRemote
Staff Threat Researcher and Intelligence Engineer
United States of America
Full Time
2 weeks ago
$130,000 - $261,000 USD
H1B Sponsor Likely
Key skills
PythonGoPowerShellMachine LearningAnalyticsLeadershipCollaboration
About this role
CVS Health is a leading healthcare company dedicated to delivering a compassionate health experience. They are seeking a Staff Threat Researcher and Intelligence Engineer to lead advanced research initiatives in cyber threat intelligence, focusing on identifying and mitigating sophisticated cyber threats through innovative solutions and collaboration with the intelligence community.
Responsibilities:
- Lead the design and development of advanced threat research platforms and prototypes, focusing on automation and scalable intelligence workflows
- Architect and code solutions for collecting, processing, and analyzing diverse threat data sources, including telemetry, commercial feeds, and OSINT
- Conduct in-depth research on emerging threat actors, tactics, techniques, and procedures (TTPs), including dark net intelligence gathering, and produce actionable reports for stakeholders
- Engineer and automate the intelligence cycle, continuously improving processes for detection, alerting, and incident enrichment using SIEM, SOAR, and EDR technologies
- Mentor and guide team members in advanced coding practices, threat research methodologies, and engineering best practices
- Develop and present technical briefings, research papers, and position documents to executive leadership and external partners
Requirements:
- 7+ years of experience in threat intelligence research, including advanced collection and analysis methodologies, threat actor profiling, and MITRE ATT&CK techniques
- 7+ years of experience in SIEM, SOAR, and EDR tools, both open source and commercial
- 6+ years of experience in scripting and programming languages (e.g., Python, PowerShell, Go) for automating threat intelligence workflows and building research tools
- 5+ years of experience architecting and coding threat intelligence platforms and research environments
- 5+ years of experience in engineering solutions for large-scale data analysis, including security logs, product telemetry, and open-source intelligence
- 3+ years of experience in producing and presenting high-impact threat research reports and technical briefings to diverse audiences
- Experience leading the development and automation of threat intelligence and research platforms at scale
- Subject matter expertise in retail and healthcare threat intelligence, with a focus on coding and research innovation
- Advanced experience in dark net intelligence collection, threat actor research, and prototype development for new detection capabilities
- Demonstrated ability to produce and present high-impact threat research reports and technical briefings to diverse audiences
- Deep familiarity with SIEM, SOAR, and EDR tools, both open source and commercial
- Proficiency in applying machine learning techniques to threat research, including experience with model development, feature engineering, and deployment for security analytics and anomaly detection