Brooksource is seeking a highly skilled Senior Cybersecurity Engineer to join a cybersecurity organization focused on protecting and strengthening network resilience through advanced Cyber Threat Intelligence (CTI) capabilities. This role involves transforming raw threat data into actionable intelligence to improve detection, response, and proactive defense against adversaries.
Responsibilities:
- Research, analyze, and produce intelligence on advanced persistent threats (APTs), nation-state actors, cybercriminal groups, and emerging attack vectors
- Collect, process, and enrich threat data from OSINT, dark web sources, ISACs, government feeds, and internal telemetry
- Build and maintain threat actor profiles, TTP mappings (MITRE ATT&CK), and intelligence reports for technical and executive audiences
- Collaborate with SOC, Incident Response, Red Team, and Vulnerability Management teams to operationalize intelligence findings
- Integrate CTI feeds into SIEM, SOAR, and TIP platforms to enhance detection and reduce analyst workload
- Lead threat modeling exercises and support intelligence-driven purple team operations
- Participate in threat hunting activities to proactively identify adversary presence
- Mentor junior analysts and contribute to the maturity of CTI processes, tools, and frameworks
Requirements:
- 5+ years of experience in cybersecurity, including 2+ years in threat intelligence, threat hunting, or related disciplines
- Strong understanding of the threat landscape, including APT groups, ransomware ecosystems, and nation-state tactics
- Experience with Threat Intelligence Platforms (TIPs) such as MISP, ThreatConnect, Anomali, or similar
- Working knowledge of frameworks like MITRE ATT&CK, Diamond Model, and Kill Chain
- SIEM platforms (e.g., Splunk)
- Microsoft Sentinel
- Query languages such as SPL and KQL
- SOAR platforms and automation tools
- Scripting experience (e.g., Python) for automation and enrichment
- Strong analytical and problem-solving skills
- Excellent communication skills, with the ability to translate technical insights for varied audiences