each fiscal year. The operation of existing applications and new application initiatives is critical to the success of the FBI mission. Additionally, thousands of personnel in the law enforcement, intelligence, legal, and administrative communities use these services daily to perform mission-critical work. These applications require responsive, effective, and specialized technical expertise to limit disruption to FBI operations. THIS … Security documentation and reporting Experience with security monitoring and incident response Understanding of network security principles Senior-Level Advanced proficiency with: Advanced security certifications (CISSP, GIAC, or equivalent) preferred Threat hunting methodologies Advanced persistent threat (APT) detection Complex security incident investigation Advanced digital forensics Security architecture assessment Penetration testing techniques Security automation and orchestration Threat intelligence
events using various tools, investigate potential incidents, and act as the primary escalation point for tier 1 Incident response: execute incident response procedures, coordinate with stakeholders, and minimize downtime Threat hunting: proactively search for advanced threats, utilize threat intelligence, and assist in implementing threat signatures Detection engineering: develop and maintain detection rules, research emerging threats, and … to deliverables and performance metrics where applicable Consult on IT and cyber defensive architecture and technologies Assess assigned cyber key terrain to thoroughly understand the mission, architecture and associated threat Advise on technical design and implementation of DCO capabilities required to effectively protect, detect and respond to cyber threats and attacks Research cyber defense technologies for best fit based … on mission, architecture and current threat Design, implement, configure and/or tune cyber defensive technology Author documentation to include SOPs, checklists, implementation guides, architecture diagrams, crew binders, etc. to support DCO Adapt technologies to meet the mission architecture and threat Requirements Need to have L2 security analyst experience
Security policies and directives. Develop and implement cybersecurity strategies, frameworks, and policies to enhance the security posture of critical systems. Oversee security risk assessments, vulnerability management, incident response, and threat intelligence activities. Provide guidance and mentorship to cybersecurity engineers and analysts. Lead security architecture reviews and technical assessments to identify and mitigate risks. Collaborate with stakeholders to ensure
and triage escalated security incidents; conduct in-depth investigations. Respond to and contain security incidents, ensuring proper escalation when necessary. Perform root cause analysis and recommend mitigation strategies. Support threat hunting activities and proactive identification of risks. Develop and tune correlation rules, alerts, and dashboards. Document incidents, investigations, and recommendations in ticketing systems. Collaborate with IT, engineering, and business … units to ensure security best practices. Mentor and assist Tier 1 analysts with complex investigations. Serve as a subject matter expert by investigating and presenting intelligence on the latest cyber threats, vulnerabilities, and industry best practices weekly or bi-weekly Required Skills & Experience 5+ years of experience in a Security Operations Center or similar security role. Strong analytical and … platforms: Cloud Security: Wiz, Azure Defender for Cloud, AWS Security Hub, related cloud native security tools Vulnerability Management: Tenable SIEM & Monitoring: Splunk, Microsoft Sentinel, Amazon CloudWatch, AWS CloudTrail EDR & Threat Protection: Microsoft Defender for Cloud, Microsoft Defender for Endpoint, Cisco AMP Identity & Access: Microsoft Defender for Identity, Azure Active Directory Data Loss Prevention: Code42, O365 DLP Familiarity with Microsoft
Birmingham, England, United Kingdom Hybrid / WFH Options
Anson McCade
and play a pivotal role in enhancing cyber defence capabilities. This position offers the opportunity to work on cutting-edge security operations, with a strong focus on IBM QRadar, threat modelling, and automation. What You’ll Do Deploy, configure, and maintain IBM QRadar SIEM solutions. Onboard and normalise log sources across both cloud and on-premise environments. Develop and … optimise analytical rules for advanced threat detection and behavioural analysis. Design and implement incident response playbooks and integrate them with SOAR platforms to automate triage and response. Conduct threat modelling exercises (MITRE ATT&CK, STRIDE, Cyber Kill Chain) and translate them into actionable use cases. Perform in-depth investigations, coordinate incident response, and collaborate with threat intelligence … in SOC/NOC Environments Strong experience with SIEM - IBM QRadar. Experience with log parsing, KQL/SPL/AQL, and scripting (Python, PowerShell). Solid understanding of threat detection, incident response, vulnerability management, and penetration testing. Familiarity with frameworks such as MITRE ATT&CK, NIST, and CIS. Strong communication and presentation skills, with the ability
About Our Client Join Our Client, a fast-growing fintech innovator securing next-gen payment platforms for leading banks and startups. With a focus on AI-driven threat detection and zero-trust architecture, Our Client has been named one of Europe’s Top 50 Cybersecurity Scale-ups. Role Snapshot As an Associate Cybersecurity Analyst, you’ll be the eye … alongside world-class security engineers, hone your skills on cutting-edge tools, and shape the future of digital payments security. Your Day-to-Day Alert Triage: Analyze SIEM and threat-intelligence feeds to spot anomalies. Threat Hunting: Use forensic tools to track indicators of compromise across networks. Vulnerability Management: Run scans, prioritize remediation tasks, and validate fixes. … and DevOps teams to contain breaches. Report & Recommend: Draft concise, actionable incident summaries for executive stakeholders. Continuous Learning: Attend weekly knowledge-shares, capture insights, and contribute to our internal threat library. What You Bring Must-Haves Bachelor’s degree in Cybersecurity, Computer Science, or related field. Practical experience with at least one SIEM platform (e.g., Splunk, QRadar). Understanding
Employment Type: Full-Time
Salary: £36,000 - £43,000 per annum, Negotiable, OTE
product development framework (SSDF) & standards, and best practices, such as ISO 27001, NIST Cybersecurity Framework, DFARS, CMMC and GDPR. Extensive experience in independently leading security operations, including incident response, threat intelligence, vulnerability management, and security monitoring. Proficiency in security architecture design, Product security, responding to vendor questionnaire and cyber security forms, network security, cloud security, identity and access
Antonio Texas (in the office 2-days week or more) Clearance: Top Secret/SCI Position Description Purpose: The Air Force ISR Digital Infrastructure Transformation paves the way for intelligence analysts to securely harness the latest technological advancements. It is orchestrated through Data and Analytics, Sense Making/Automation, Augmentation and AI (AAA), Networks, Hybrid and Multi-Cloud, Enterprise … Services, and cybersecurity capabilities. This structure allows integration, synchronization, and coordination with the Intelligence IC, Department of Defense (DoD), and commercial partners. The AF IC's ability to advance its digital infrastructure transformation and deliver intelligence at the speed of relevance hinges on people, processes, and technology. Proactively informing and developing our digitally savvy Airmen on capability portfolio … the organization to help prepare the organization to manage its security and privacy risks using NIST 800-37 (Risk Management Framework for Information Systems and Organizations), CNSS instructions (CNSSI), Intelligence Community Directives (ICD), DIA guidance and DoD Secure Technical Implementation Guidance (STIG). • Experienced in identifying, analyzing, and mitigating systemic vulnerabilities for Information systems and organizations, utilizing NIST
environmental conditions or hazards. Office environment. Little physical effort required. Requirements Associate degree or higher in any field and must hold one of the following certifications: a. Open Source Intelligence (OSINT) certification b. GIAC Open Source Intelligence (GOSI) c. Certified Threat Intelligence Analyst (CTIA) d. Certified Ethical Hacker (CEH) e. EC Council Certified Network Defender (CND
Palo Alto Cortex XDR and SOAR platforms. Candidate will be responsible for designing, developing, and maintaining xSOAR playbooks, automating security workflows, and administering the xSOAR environment to enhance our threat detection and response capabilities. Required: Bachelor's degree in computer science, Cybersecurity, or a related field (or equivalent experience). 3+ years of experience in cybersecurity, with a focus … on automation and orchestration. Proven experience with Palo Alto XSOAR administration and playbook development. Hands-on experience with Palo Alto Cortex XDR for threat detection and response. Strong scripting and programming skills in Python, PowerShell, or JavaScript. Familiarity with integrating XSOAR with APIs and third-party security tools (e.g., SIEM, ticketing systems, threat intelligence platforms). Understanding … of cybersecurity concepts, including incident response, threat hunting, and security operations. Excellent problem-solving skills and ability to work in a fast-paced environment. Strong communication skills to collaborate with technical and non-technical stakeholders. Qualified candidates should APPLY NOW for immediate consideration! Please hit APPLY to provide the required information, and we will be back in touch as
occurred. Responsibilities • Support SOC team in operating and performing duties in a Security Operations Center (SOC) to provide a secure environment that facilitates monitoring, incident response, malware analysis, and threat hunting activities. • Develop and utilize analytics on the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers …/S, DNS, SSH, SMTP, SMB), and experience with tools like Palo Alto, Elastic SIEM, Cribl, Splunk, VMware, Security Center. • Capable of attack reconstruction based on network traffic, integrating Threat Intelligence, and familiar with MITRE ATT&CK framework, with the ability to collaborate effectively across multiple locations. Desired Skill sets • Knowledge of Operational Technology (OT) or Industrial Control
Experience with online course platforms and virtual learning environments is a plus. Technical Proficiency: Proficient in cybersecurity tools and technologies such as firewalls, IDS/IPS, network monitoring tools, threat intelligence platforms, and security protocols. Skills and Expectations: Technical Expertise In-depth knowledge of cybersecurity frameworks, tools, and protocols. Practical experience with penetration testing, vulnerability assessments, and security
Cambridge, Cambridgeshire, United Kingdom Hybrid / WFH Options
Arm Limited
Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO, is accountable for driving the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient against an … evolving threat landscape! In addition to operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection & response in line with Arm's threat profile and business objectives. You will guide and develop a high-performing … team, driven with context of emerging threats and strategic objectives. Ensure Threat Intelligence, Proactive Security Testing and Security Analytics functions develop under your leadership to deliver maximum context into the operational team, as well as enabling real time risk validation and actionable security insights. Continue delivering automation and detection as code for security operations, enabling increased scalability and
at Two Circles, you play a key role in keeping our systems, people and data safe from external and internal threats by focusing on incident detection, response and remediation; threat hunting; security monitoring; continual improvement and providing technical assurance for solution design and changes. This will include maintaining and improving our security posture in tandem with GRC practices and … their alignment with our security approach and requirements. Internally, you will be responsible for our Security Operations activities with our operational team and external partners, including Incident Response and Threat Intelligence, to ensure these are executed consistently to our standards, as well as supporting Continual Security Improvement and being the Tech Ops representative in the GRC working group. … key part in aligning on best practice, and delivering improvements in our security posture. Key Responsibilities Assuring day-to-day execution of operational security tasks across multiple areas including threat and vulnerability management, anti-virus management, security monitoring etc. Helping design and deliver improved security tooling across all areas of cyber security (DR design and testing, End user tooling
you create change in the workplace - making it better for all. Logiq Consulting are Cyber Security and Information Assurance experts. We specialise in providing leading edge consultancy to high-threat clients, as well as delivering a range of security services and products throughout the Private and The Role: An increase in clients across our Managed Services, along with the … Promote and evolve the clients Security Operations Centre (SOC), make recommendations for playbooks, processes and procedures, and assist in further integrating monitoring capabilities to enhance the SOC function. Utilise threat intelligence feeds and software vulnerability management tools to identify and respond to emerging threats and vulnerabilities in company IT systems. Review configuration dashboards, identifying deployment issues and misconfigurations … risks regarding further potential treatment/mitigation options. Essential Skills: Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. You will also hold DV Clearance and be a sole UK National. Desirable Skills: To support the requirements of this role an awareness of national and international standards
infections, and other suspicious behavior. • Maintain detailed documentation of incidents, findings, and response actions. • Collaborate with cross-functional teams including IT, compliance, and engineering to strengthen security posture. • Utilize threat intelligence feeds to contextualize events and support proactive defense strategies. • Assist in developing and refining incident response procedures and SOC playbooks. • Support vulnerability assessments and remediation tracking. • Maintain … Preferred Qualifications: • Security+ CE, CEH, or other relevant DoD 8570 certifications (required for some roles) • Experience supporting federal contracts or working in classified environments • Knowledge of MITRE ATT&CK, threat hunting techniques, and forensic analysis • Familiarity with ticketing systems, report writing, and compliance documentation Work Schedule & Environment: • This role may require shift work to support 24/7 operations
with internal stakeholders (Field Sales, Marketing, Sales Operations, etc.) and leverage strategic regional partners to maximize growth, expand reach, and ensure flawless execution. Strategic Forecasting & Reporting: Maintain precise account intelligence and provide accurate forecasts of business opportunities in SFDC to inform strategic decisions for sales and executive leadership. Qualifications Your Experience We are seeking a highly accomplished and results … years of experience selling complex Security solutions or services, including a profound understanding and proven success in: Offensive Security Services Incident Response Retainers Risk Management Services SOC Assessment Services Threat Intelligence Services Channel Ecosystem Acumen: A profound understanding of global channel partners and a proven ability to strategically leverage a channel-centric go-to-market approach to drive
Overview M.C. Dean is Building Intelligence. We design, build, operate, and maintain cyber-physical solutions for the nation's most recognizable mission critical facilities, secure environments, complex infrastructure, and global enterprises. The company's capabilities include electrical, electronic security, telecommunications, life safety, automation and controls, audio visual, and IT systems. M.C. Dean is headquartered in Tysons, Virginia, and … compliance, and allow for effective and efficient execution of business functions. Provide effective leadership to identify, assess, and mitigate cybersecurity risks; exercise direct ownership of system monitoring and auditing, threat intelligence, vulnerability management, incident response, cybersecurity awareness, and other critical continuous monitoring processes. Lead investigations of computer security violations and incidents, reporting as necessary to both the Facility
principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance objectives. Strong … communication and interpersonal skills, with the ability to translate complex cybersecurity concepts for engineering, safety, and programme stakeholders. Knowledge of aerospace cybersecurity policy, risk management, and threat intelligence as applied to aircraft development environments. Experience Experience in cybersecurity, with at least 5 years focused on aerospace, defence, or regulated engineering environments. Proven track record of delivering security artefacts … responding to regulatory audits, design reviews, and certification authority engagements. Understanding aircraft production and supply chain security, including configuration management, supplier assurance, and design data integrity. Exposure to digital threat modelling techniques tailored to aerospace domains (MITRE ATT&CK for ICS/Aerospace, STRIDE-LM). Ability to contribute to internal capability development, methodology refinement, and knowledge transfer across
embedding security requirements throughout the solution lifecycle, from initial design through development, testing, and into operational deployment. Demonstrate a strong understanding of leading operational security functions, including SOC operations, threat intelligence, and vulnerability management. Experience of managing the incident response lifecycle, including triage, containment, investigation, remediation, and conducting post-incident reviews. Ability to establish and improve incident response
Kingston Upon Thames, Surrey, United Kingdom Hybrid / WFH Options
Unilever
advancing purple team maturity, the ideal candidate will bring deep technical acumen, a transformation mindset, and a proven ability to lead and inspire high-performing teams in a dynamic, threat-informed environment. RESPONSIBILITIES Technical Leadership & Execution - Personally lead and execute advanced penetration tests, red/purple team exercises, and adversary emulation campaigns across cloud, application, and infrastructure layers. - Identify … vulnerabilities to simulate real-world attack scenarios, validate detection and response capabilities, and uncover control gaps. - Develop and maintain a Purple Team playbook tailored to business-specific technologies and threat models. - Integrate offensive findings into SOC tuning, detection engineering, and control validation workflows. Program Ownership - Own and evolve the offensive security roadmap, including internal testing services, external bug bounty … broader Cyber Transformation roadmap. Team Building & Transformation - Build and mentor a high-performing global team of offensive security engineers and red teamers. - Lead the transformation from traditional pentesting to intelligence-driven, continuous offensive security. - Foster a culture of innovation, experimentation, and continuous learning. Collaboration & Influence - Partner with Threat Intelligence, SOC, and Engineering teams to contextualize findings and