126 to 150 of 296 Permanent Threat Intelligence Jobs

Job Title: Cyber Security Engineer - Senior Insider Threat Analyst Job Location: Hybrid in: Hillsboro, OR 2. Austin, TX 3. Charlotte, NC Onsite Requirements: 5+ years in Cyber Security Threat detection Security monitoring tools, SIEM platforms, and Data analysis techniques Job Description: Key Responsibilities: Monitoring and Detection: Utilize advanced monitoring tools and techniques to detect suspicious activities, anomalies, or … conducting interviews, and collaborating with relevant stakeholders. Perform in-depth analysis of security incidents to determine root causes, motives, and potential impact on the organization's operations and assets. Threat Hunting: Experience performing threat hunting in a corporate environment. Experience working with large data sets and log analysis tools. Ability to apply Cyber Threat Intelligence through … data, and operations. Develop and implement proactive strategies, policies, and controls to mitigate insider threats and minimize security risks. Reporting and Communication: Prepare detailed reports and presentations on insider threat incidents, trends, and mitigation strategies for executive management and relevant stakeholders. Communicate effectively with cross-functional teams, including IT, HR, legal, and compliance, to ensure alignment and coordination in More ❯

cFocus Software seeks a Cyber Threat Hunter (Senior) to join our program supporting US Courts in Washington, DC. This position has remote capabilities. This position requires an active Public Trust clearance and must meet 8570 requirements. Required Qualifications include: 5 years of experience performing threat hunts & incident response activities for cloud-based and non-cloud-based environments, such … as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Zscaler 5 years of experience performing hypothesis-based threat hunt & incident response utilizing Splunk Enterprise Security. 5 years of experience collecting and analyzing data from compromised systems using EDR agents (e.g. CrowdStrike) and custom scripts (e.g. Sysmon & Auditd) 5 years of experience with the following threat hunting tools: Microsoft … Sentinel for threat hunting within Microsoft Azure; Tenable Nessus and SYN/ACK for vulnerability management; NetScout for analyzing network traffic flow; SPUR.us enrichment of addresses Mandiant Threat intel feeds Must be able to work 80% (Monday thru Thursday) onsite at AOUSC office in Washington, DC Desired Qualifications include: One of the following certifications: GIAC Certified Intrusion Analyst More ❯

cloud security, particularly Azure services and tools.* Familiarity with security frameworks such as ISO 27001, NIST, or CIS.* Knowledge of security technologies (firewalls, remote access, ZTNA).* Exposure to threat modelling and cyber threat intelligence is advantageous.Core Skills* Excellent communication and stakeholder engagement abilities.* Analytical mindset with strong problem-solving skills.* Ability to balance security priorities with … strictest confidence and we would always speak to you before discussing your CV with any potential employer. Keywords: Cyber Security, Azure Security, Cloud Security, ISO 27001, NIST, CIS, ZTNA, Threat Modelling, CISSP, CISM, CEH, Risk Management, Security Consultant, Information Security More ❯

cloud security, particularly Azure services and tools. * Familiarity with security frameworks such as ISO 27001, NIST, or CIS. * Knowledge of security technologies (firewalls, remote access, ZTNA). * Exposure to threat modelling and cyber threat intelligence is advantageous. Core Skills * Excellent communication and stakeholder engagement abilities. * Analytical mindset with strong problem-solving skills. * Ability to balance security priorities … strictest confidence and we would always speak to you before discussing your CV with any potential employer. Keywords: Cyber Security, Azure Security, Cloud Security, ISO 27001, NIST, CIS, ZTNA, Threat Modelling, CISSP, CISM, CEH, Risk Management, Security Consultant, Information Security More ❯

s team! The successful candidate will play a vital part in protecting national security infrastructure by identifying, analyzing, and responding to complex cyber threats. They will lead efforts in threat detection, packet analysis, and incident response, while mentoring junior analysts and supporting advanced defense strategies in partnership with federal stakeholders. Requirements: Active Top Secret clearance required Bachelor s degree … or related engineering field preferred; equivalent military or professional experience may be considered in lieu of degree Minimum 5+ years of hands-on experience in a SOC or cyber threat analysis role 5+ years of overall experience in cybersecurity or information systems environments DoD 8570 IAT II Certification required (Sec+, CISSP, GCIH, CYSA+) required Proficiency in packet analysis tools … with EDR/XDR tools, IDS/IPS, and log analysis Understanding of TAP implementations and encrypted traffic analysis In-depth understanding of cyber kill chain, attacker TTPs, and threat landscape Comfortable with Windows, Linux, and cloud security monitoring environments Preferred: One of more additional certification is preferred: GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), GIAC More ❯

Sphinx support a multitude of mission areas on behalf of our public and private sector clients. This may include supporting national security missions to identify, neutralize, and exploit foreign intelligence cyber actors or detecting and defending critical infrastructure from cyber criminals and ransomware campaigns. The roles and responsibilities of the Cyber Analyst can vary depending upon the mission they … are supporting and the objectives of our customers. Common responsibilities include the identification, aggregation, and dissemination of Indicators of Compromise (IoCs) associated with specific Advanced Persistent Threat actors, All-Source intelligence analysis to support cyber threat intelligence production, analysis of network traffic and/or log data to document adversary actions on the objectives, and a …/SCI security clearance and be able to obtain a CI polygraph after hire Years of Experience: Must have at least 10+ years of experience providing performing All-Source Intelligence and/or Cyber analysis. Other forms of technical analysis experience will be individually evaluated Technical Certification: Possess industry recognized technical certifications relevant to the field of Cyber Analysis More ❯

Principal Incident Response Consultant – Cybersecurity/DFIR/Threat Hunting Location: UK wide – Remote Salary - £85,000 - £110,000 + excellent benefits Clearance - DV clearance required We’re seeking a Principal Incident Response Consultant to join our client’s elite cybersecurity and digital forensics team. This is a client-facing role where you’ll lead DFIR (Digital Forensics & Incident … Response) investigations, guide executives through cyber incidents, and help organisations strengthen their threat detection, response, and resilience. If you’re an expert in incident response, threat hunting, and forensic analysis and thrive under pressure, this is your opportunity to work on some of the UK’s most significant cyber cases. Key Responsibilities Incident Response Leadership: Take charge of … from breach triage and containment to full recovery. Client Engagement: Act as a trusted advisor to CISOs, boards, and regulators, providing executive-level briefings during and after incidents. Forensics & Threat Hunting: Conduct advanced forensic investigations across endpoints, servers, networks, cloud platforms, and SaaS. Adversary Analysis: Use threat intelligence and MITRE ATT&CK to attribute attacks and inform More ❯

each fiscal year. The operation of existing applications and new application initiatives are critical to the success of the FBI mission. Additionally, thousands of personnel in the law enforcement, intelligence, legal, and administrative communities use these services daily to perform mission-critical work. These applications require responsive, effective, and specialized technical expertise to limit disruption to FBI operations. THIS … Security documentation and reporting Experience with security monitoring and incident response Understanding of network security principles Senior-Level Advanced proficiency with: Advanced security certifications (CISSP, GIAC, or equivalent) preferred Threat hunting methodologies Advanced persistent threat (APT) detection Complex security incident investigation Advanced digital forensics Security architecture assessment Penetration testing techniques Security automation and orchestration Threat intelligence More ❯

Security policies and directives. Develop and implement cybersecurity strategies, frameworks, and policies to enhance the security posture of critical systems. Oversee security risk assessments, vulnerability management, incident response, and threat intelligence activities. Provide guidance and mentorship to cybersecurity engineers and analysts. Lead security architecture reviews and technical assessments to identify and mitigate risks. Collaborate with stakeholders to ensure More ❯

and triage escalated security incidents; conduct in-depth investigations. Respond to and contain security incidents, ensuring proper escalation when necessary. Perform root cause analysis and recommend mitigation strategies. Support threat hunting activities and proactive identification of risks. Develop and tune correlation rules, alerts, and dashboards. Document incidents, investigations, and recommendations in ticketing systems. Collaborate with IT, engineering, and business … units to ensure security best practices. Mentor and assist Tier 1 analysts with complex investigations. Serve as a subject matter expert by investigating and presenting intelligence on the latest cyber threats, vulnerabilities, and industry best practices weekly or bi-weekly Required Skills & Experience 5+ years of experience in a Security Operations Center or similar security role. Strong analytical and … platforms: Cloud Security: Wiz, Azure Defender for Cloud, AWS Security Hub, related cloud native security tools Vulnerability Management: Tenable SIEM & Monitoring: Splunk, Microsoft Sentinel, Amazon CloudWatch, AWS CloudTrail EDR & Threat Protection: Microsoft Defender for Cloud, Microsoft Defender for Endpoint, Cisco AMP Identity & Access: Microsoft Defender for Identity, Azure Active Directory Data Loss Prevention: Code42, O365 DLP Familiarity with Microsoft More ❯

and play a pivotal role in enhancing cyber defence capabilities. This position offers the opportunity to work on cutting-edge security operations, with a strong focus on IBM QRadar , threat modelling, and automation. What You’ll Do Deploy, configure, and maintain IBM QRadar SIEM solutions. Onboard and normalise log sources across both cloud and on-premise environments. Develop and … optimise analytical rules for advanced threat detection and behavioural analysis. Design and implement incident response playbooks and integrate them with SOAR platforms to automate triage and response. Conduct threat modelling exercises (MITRE ATT&CK, STRIDE, Cyber Kill Chain) and translate them into actionable use cases. Perform in-depth investigations, coordinate incident response, and collaborate with threat intelligence … in SOC/NOC Environments Strong experience with SIEM - IBM QRadar . Experience with log parsing, KQL/SPL/AQL, and scripting (Python, PowerShell). Solid understanding of threat detection, incident response, vulnerability management, and penetration testing . Familiarity with frameworks such as MITRE ATT&CK, NIST, and CIS . Strong communication and presentation skills, with the ability More ❯

About Our Client Join Our Client , a fast-growing fintech innovator securing next-gen payment platforms for leading banks and startups. With a focus on AI-driven threat detection and zero-trust architecture, Our Client has been named one of Europe’s Top 50 Cybersecurity Scale-ups. Role Snapshot As an Associate Cybersecurity Analyst , you’ll be the eye … alongside world-class security engineers, hone your skills on cutting-edge tools, and shape the future of digital payments security. Your Day-to-Day Alert Triage: Analyze SIEM and threat-intelligence feeds to spot anomalies. Threat Hunting: Use forensic tools to track indicators of compromise across networks. Vulnerability Management: Run scans, prioritize remediation tasks, and validate fixes. … and DevOps teams to contain breaches. Report & Recommend: Draft concise, actionable incident summaries for executive stakeholders. Continuous Learning: Attend weekly knowledge-shares, capture insights, and contribute to our internal threat library. What You Bring Must-Haves Bachelor’s degree in Cybersecurity, Computer Science, or related field. Practical experience with at least one SIEM platform (e.g., Splunk, QRadar). Understanding More ❯

Security policies and directives. Develop and implement cybersecurity strategies, frameworks, and policies to enhance the security posture of critical systems. Oversee security risk assessments, vulnerability management, incident response, and threat intelligence activities. Provide guidance and mentorship to cybersecurity engineers and analysts. Lead security architecture reviews and technical assessments to identify and mitigate risks. Collaborate with stakeholders to ensure More ❯

product development framework (SSDF) & standards, and best practices, such as ISO 27001, NIST Cybersecurity Framework, DFARS, CMMC and GDPR. Extensive experience in independently leading security operations, including incident response, threat intelligence, vulnerability management, and security monitoring. Proficiency in security architecture design, Product security, responding to vendor questionnaire and cyber security forms, network security, cloud security, identity and access More ❯

Antonio Texas (in the office 2-days week or more) Clearance: Top Secret/SCI Position Description Purpose: The Air Force ISR Digital Infrastructure Transformation paves the way for intelligence analysts to securely harness the latest technological advancements. It is orchestrated through Data and Analytics, Sense Making/Automation, Augmentation and AI (AAA), Networks, Hybrid and Multi-Cloud, Enterprise … Services, and cybersecurity capabilities. This structure allows integration, synchronization, and coordination with the Intelligence IC, Department of Defense (DoD), and commercial partners. The AF IC's ability to advance its digital infrastructure transformation and deliver intelligence at the speed of relevance hinges on people, processes, and technology. Proactively informing and developing our digitally savvy Airmen on capability portfolio … the organization to help prepare the organization to manage its security and privacy risks using NIST 800-37 (Risk Management Framework for Information Systems and Organizations), CNSS instructions (CNSSI), Intelligence Community Directives (ICD), DIA guidance and DoD Secure Technical Implementation Guidance (STIG). • Experienced in identifying, analyzing, and mitigating systemic vulnerabilities for Information systems and organizations, utilizing NIST More ❯

environmental conditions or hazards. Office environment. Little physical effort required. Requirements Associate degree or higher in any field and must hold one of the following certifications: a. Open Source Intelligence (OSINT) certification b. GIAC Open Source Intelligence (GOSI) c. Certified Threat Intelligence Analyst (CTIA) d. Certified Ethical Hacker (CEH) e. EC Council Certified Network Defender (CND More ❯

Palo Alto Cortex XDR and SOAR platforms. Candidate will be responsible for designing, developing, and maintaining xSOAR playbooks, automating security workflows, and administering the xSOAR environment to enhance our threat detection and response capabilities. Required: Bachelor's degree in computer science, Cybersecurity, or a related field (or equivalent experience). 3+ years of experience in cybersecurity, with a focus … on automation and orchestration. Proven experience with Palo Alto XSOAR administration and playbook development. Hands-on experience with Palo Alto Cortex XDR for threat detection and response. Strong scripting and programming skills in Python, PowerShell, or JavaScript. Familiarity with integrating XSOAR with APIs and third-party security tools (e.g., SIEM, ticketing systems, threat intelligence platforms). Understanding … of cybersecurity concepts, including incident response, threat hunting, and security operations. Excellent problem-solving skills and ability to work in a fast-paced environment. Strong communication skills to collaborate with technical and non-technical stakeholders. Qualified candidates should APPLY NOW for immediate consideration! Please hit APPLY to provide the required information, and we will be back in touch as More ❯

occurred. Responsibilities • Support SOC team in operating and performing duties in a Security Operations Center (SOC) to provide a secure environment that facilitates monitoring, incident response, malware analysis, and threat hunting activities. • Develop and utilize analytics on the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers …/S, DNS, SSH, SMTP, SMB), and experience with tools like Palo Alto, Elastic SIEM, Cribl, Splunk, VMware, Security Center. • Capable of attack reconstruction based on network traffic, integrating Threat Intelligence, and familiar with MITRE ATT&CK framework, with the ability to collaborate effectively across multiple locations. Desired Skill sets • Knowledge of Operational Technology (OT) or Industrial Control More ❯

occurred. Responsibilities • Support SOC team in operating and performing duties in a Security Operations Center (SOC) to provide a secure environment that facilitates monitoring, incident response, malware analysis, and threat hunting activities. • Develop and utilize analytics on the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers …/S, DNS, SSH, SMTP, SMB), and experience with tools like Palo Alto, Elastic SIEM, Cribl, Splunk, VMware, Security Center. • Capable of attack reconstruction based on network traffic, integrating Threat Intelligence, and familiar with MITRE ATT&CK framework, with the ability to collaborate effectively across multiple locations. Desired Skill sets • Knowledge of Operational Technology (OT) or Industrial Control More ❯

occurred. Responsibilities • Support SOC team in operating and performing duties in a Security Operations Center (SOC) to provide a secure environment that facilitates monitoring, incident response, malware analysis, and threat hunting activities. • Develop and utilize analytics on the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers …/S, DNS, SSH, SMTP, SMB), and experience with tools like Palo Alto, Elastic SIEM, Cribl, Splunk, VMware, Security Center. • Capable of attack reconstruction based on network traffic, integrating Threat Intelligence, and familiar with MITRE ATT&CK framework, with the ability to collaborate effectively across multiple locations. Desired Skill sets • Knowledge of Operational Technology (OT) or Industrial Control More ❯

Experience with online course platforms and virtual learning environments is a plus. Technical Proficiency: Proficient in cybersecurity tools and technologies such as firewalls, IDS/IPS, network monitoring tools, threat intelligence platforms, and security protocols. Skills and Expectations: Technical Expertise In-depth knowledge of cybersecurity frameworks, tools, and protocols. Practical experience with penetration testing, vulnerability assessments, and security More ❯

Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO is accountable for driving the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient against an … evolving threat landscape! In addition to operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection & response in line with Arm's threat profile and business objectives. You will guide and develop a high-performing … team, driven with context of emerging threats and strategic objectives. Ensure Threat Intelligence, Proactive Security Testing and Security Analytics functions develop under your leadership to deliver maximum context into the operational team, as well as enabling real time risk validation and actionable security insights. Continue delivering automation and detection as code for security operations, enabling increased scalability and More ❯

at Two Circles, you play a key role in keeping our systems, people and data safe from external and internal threats by focusing on incident detection, response and remediation; threat hunting; security monitoring; continual improvement and providing technical assurance for solution design and changes. This will include maintaining and improving our security posture in tandem with GRC practices and … their alignment with our security approach and requirements. Internally, you will be responsible for our Security Operations activities with our operational team and external partners, including Incident Response and Threat Intelligence, to ensure these are executed consistently to our standards, as well as supporting Continual Security Improvement and being the Tech Ops representative in the GRC working group. … key part in aligning on best practice, and delivering improvements in our security posture. Key Responsibilities Assuring day-to-day execution of operational security tasks across multiple areas including threat and vulnerability management, anti-virus management, security monitoring etc. Helping design and deliver improved security tooling across all areas of cyber security (DR design and testing, End user tooling More ❯

you create change in the workplace - making it better for all. Logiq Consulting are Cyber Security and Information Assurance experts. We specialise in providing leading edge consultancy to high-threat clients, as well as delivering a range of security services and products throughout the Private and The Role: An increase in clients across our Managed Services, along with the … Promote and evolve the clients Security Operations Centre (SOC), make recommendations for playbooks, processes and procedures, and assist in further integrating monitoring capabilities to enhance the SOC function. Utilise threat intelligence feeds and software vulnerability management tools to identify and respond to emerging threats and vulnerabilities in company IT systems. Review configuration dashboards, identifying deployment issues and misconfigurations … risks regarding further potential treatment/mitigation options. Essential Skills: Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. You will also hold DV Clearance and be a sole UK National. Desirable Skills: To support the requirements of this role an awareness of national and international standards More ❯

infections, and other suspicious behavior. • Maintain detailed documentation of incidents, findings, and response actions. • Collaborate with cross-functional teams including IT, compliance, and engineering to strengthen security posture. • Utilize threat intelligence feeds to contextualize events and support proactive defense strategies. • Assist in developing and refining incident response procedures and SOC playbooks. • Support vulnerability assessments and remediation tracking. • Maintain … Preferred Qualifications: • Security+ CE, CEH, or other relevant DoD 8570 certifications (required for some roles) • Experience supporting federal contracts or working in classified environments • Knowledge of MITRE ATT&CK, threat hunting techniques, and forensic analysis • Familiarity with ticketing systems, report writing, and compliance documentation Work Schedule & Environment: • This role may require shift work to support 24/7 operations More ❯