Threat Intelligence Job Vacancies

101 to 125 of 252 Threat Intelligence Jobs

Aerospace Cybersecurity Technical Lead

Bristol, Avon, South West, United Kingdom
Expleo Group
principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance objectives. Strong … communication and interpersonal skills, with the ability to translate complex cybersecurity concepts for engineering, safety, and programme stakeholders. Knowledge of aerospace cybersecurity policy, risk management, and threat intelligence as applied to aircraft development environments. Experience Experience in cybersecurity, with at least 5 years focused on aerospace, defence, or regulated engineering environments. Proven track record of delivering security artefacts … responding to regulatory audits, design reviews, and certification authority engagements. Understanding aircraft production and supply chain security, including configuration management, supplier assurance, and design data integrity. Exposure to digital threat modelling techniques tailored to aerospace domains (MITRE ATT&CK for ICS/Aerospace, STRIDE-LM). Ability to contribute to internal capability development, methodology refinement, and knowledge transfer across
Employment Type: Permanent

Aerospace Cybersecurity Technical Lead

Bristol, UK
Expleo Group
principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance objectives. Strong … communication and interpersonal skills, with the ability to translate complex cybersecurity concepts for engineering, safety, and programme stakeholders. Knowledge of aerospace cybersecurity policy, risk management, and threat intelligence as applied to aircraft development environments. Experience Experience in cybersecurity, with at least 5 years focused on aerospace, defence, or regulated engineering environments. Proven track record of delivering security artefacts … responding to regulatory audits, design reviews, and certification authority engagements. Understanding aircraft production and supply chain security, including configuration management, supplier assurance, and design data integrity. Exposure to digital threat modelling techniques tailored to aerospace domains (MITRE ATT&CK for ICS/Aerospace, STRIDE-LM). Ability to contribute to internal capability development, methodology refinement, and knowledge transfer across
Employment Type: Full-time

Senior Cyber Security engineer PID628

Bedford, Bedfordshire, England, United Kingdom
Reed Talent Solutions
embedding security requirements throughout the solution lifecycle, from initial design through development, testing, and into operational deployment. Demonstrate a strong understanding of leading operational security functions, including SOC operations, threat intelligence, and vulnerability management. Experience of managing the incident response lifecycle, including triage, containment, investigation, remediation, and conducting post-incident reviews. Ability to establish and improve incident response
Employment Type: Full-Time
Salary: £85,000 per annum

Offensive Security Senior Manager

Kingston Upon Thames, Surrey, United Kingdom
Hybrid / WFH Options
Unilever
advancing purple team maturity, the ideal candidate will bring deep technical acumen, a transformation mindset, and a proven ability to lead and inspire high-performing teams in a dynamic, threat-informed environment. RESPONSIBILITIES Technical Leadership & Execution - Personally lead and execute advanced penetration tests, red/purple team exercises, and adversary emulation campaigns across cloud, application, and infrastructure layers. - Identify … vulnerabilities to simulate real-world attack scenarios, validate detection and response capabilities, and uncover control gaps. - Develop and maintain a Purple Team playbook tailored to business-specific technologies and threat models. - Integrate offensive findings into SOC tuning, detection engineering, and control validation workflows. Program Ownership - Own and evolve the offensive security roadmap, including internal testing services, external bug bounty … broader Cyber Transformation roadmap. Team Building & Transformation - Build and mentor a high-performing global team of offensive security engineers and red teamers. - Lead the transformation from traditional pentesting to intelligence-driven, continuous offensive security. - Foster a culture of innovation, experimentation, and continuous learning. Collaboration & Influence - Partner with Threat Intelligence, SOC, and Engineering teams to contextualize findings and
Employment Type: Permanent
Salary: GBP Annual

Blue Team VMware Architect with Security Clearance

Virginia Beach, Virginia, United States
Data Intelligence LLC
Data Intelligence (DI) is seeking a Mid/Senior VMware Engineer to join our Blue Team supporting CVN Hull, Mechanical, and Electrical (HM&E) systems virtualization. In this role, you will design, maintain, and secure advanced VMware-based infrastructure in a mission-critical, defensive cybersecurity environment, ensuring operational readiness and compliance with DoD standards. This position combines deep VMware … systems are resilient against intrusion and compliant with DoD cybersecurity requirements. - Work closely with cybersecurity teams to integrate monitoring, logging, and security controls into the VMware architecture to support threat detection and response. - Contribute to secure configuration guides, operational manuals, and provide training to users and administrators on virtualization security best practices. - Participate in release planning and change management … experience in all of the following skillsets/disciplines: - System Hardening - Networking and Virtualization - DoD cybersecurity policies and security tools - Frameworks such as MITRE ATT&CK and MITRE D3FEND - Threat Intelligence and identifying emerging potential threats - Performing vulnerability assessments with the Assured Compliance Assessment Solution tool - Remediating vulnerability findings to include implementing vendor patches on both Linux and
Employment Type: Permanent
Salary: USD Annual

Senior SOC Analyst – QRadar & Splunk

Glasgow, Scotland, United Kingdom
Hybrid / WFH Options
Anson McCade
What you’ll be doing Leading investigations into escalated security events and incidents Driving containment, remediation, and root-cause analysis for major incidents Performing malware analysis, reverse engineering, and threat hunting Developing and optimising SIEM use cases (Splunk, QRadar) Shaping SOC runbooks, playbooks, and incident response procedures Supporting client stakeholders with incident reporting and recommendations Staying ahead of emerging … threats and integrating threat intelligence Acting as an escalation point and guiding L1/L2 analysts What we’re looking for 2–5 years in cyber security, ideally SOC or incident response Strong experience with Splunk and/or QRadar (other SIEMs considered) Good understanding of incident response, DFIR, malware analysis Knowledge of network traffic flows, vulnerability management

Security Operations Lead EMEA (F/M/D)

London, United Kingdom
Flowdesk
IT, engineering, and business teams to ensure swift containment and recovery. Review and tune security alerts with the MDR provider, refining detection rules to minimize false positives and improve threat identification accuracy. Develop, track, and report on key MDR performance indicators (KPIs) to leadership, highlighting trends and the effectiveness of security operations. Maintain and evolve our security incident response … responding to complex security incidents. Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar). Ability to query data, analyze logs, and understand how data sources feed into threat detection. Strong knowledge of EDR tools (e.g., CrowdStrike, SentinelOne, Carbon Black) and their role in detecting and responding to threats on endpoints. Solid understanding of network protocols, firewalls, intrusion …/prevention systems (IDS/IPS), and network traffic analysis. Familiarity with security principles and services in major cloud environments (AWS, Azure, GCP). Ability to consume and apply threat intelligence to proactively improve security controls and detection mechanisms. Experience with MacOS desired. Experience with web3 environments desired. Must be able to articulate complex technical concepts to both
Employment Type: Permanent
Salary: GBP Annual

Senior SOC Analyst Level 2

Hemel Hempstead, Hertfordshire, England, United Kingdom
Fynity
during live security incidents Improving detection rules, playbooks, and tooling with MITRE ATT&CK-driven enhancements Producing clear incident reports for both technical and non-technical audiences Contributing to threat intelligence initiatives Staying ahead of the curve on emerging threats, tactics, and techniques To secure this SOC role: Proven experience in a Security Operations Centre (SOC) environment Hands … on knowledge of SIEM tools (Microsoft Sentinel, Splunk, etc.) Familiarity with MITRE ATT&CK and threat detection methodologies Strong analytical mindset with log, endpoint, and network analysis skills Understanding of network protocols (TCP/IP, DNS, HTTP, SMTP) Awareness of enterprise security architecture: firewalls, AV, VPNs, IDS/IPS Eligible for DV Clearance – British citizens who have resided in
Employment Type: Full-Time
Salary: £10,000 per annum

Senior Cyber Security Analyst

Manchester, Lancashire, England, United Kingdom
Hybrid / WFH Options
AJ Bell
and supporting remediation where required. Track and manage penetration testing programs. Investigate and respond to security breaches and incidents. Supporting the administration of email and web gateways Develop our threat intelligence and provide monitoring of external information sources to make recommendations on latest security threats and vulnerabilities that affect our technical estate Collaborate with IT and other departments … risk management tools and techniques A passion for cyber security and active interest in technology Experience of Information Security standards and frameworks Awareness and understanding of the Information Security threat landscape Understanding of Information Security solutions e.g. email/web gateways, SIEM, Endpoint protection etc. Knowledge/experience working with next gen security solutions Awareness of Cloud security solutions
Employment Type: Full-Time
Salary: Competitive salary

System Engineer with Security Clearance

Linthicum Heights, Maryland, United States
Prime Time Consulting
Essential Job Duties Provide systems engineering/cybersecurity support to weapons and space cybersecurity assessments Agnostic of threat, help translate adversarial mindset, threat intelligence into actionable mitigations within possible areas of CNO and CND (Computer Network Defense), System design, Network architecture/administration, Continuity of Operations. Evaluate different vulnerability findings and determine conceptual mitigations/next steps … gap between technical and non-technical understanding of threats/vulnerabilities Ensure that evaluation/mitigation techniques are technically sound. Ensure the technical solution articulates the mission impact and threat effectively Required Qualifications The System Engineer shall have a minimum of twelve (12) years of experience (BS in STEM related field will account for 4 years) At least three … engineering tasks Experience with Cybersecurity/System Engineering and vulnerability analysis. Experience with prioritization of vulnerabilities and understanding of mission impacts System Engineering of DoD command, control, communications and intelligence (C3I) systems Analyzing needs, deriving system level requirements, and contributing to the design, development, and implementation and maintenance of computer networks and systems Desired Qualifications Working knowledge of the
Employment Type: Permanent
Salary: USD 215,000 Annual

Cybersecurity ISSO / SOC Analyst with Security Clearance

San Miguel, California, United States
OASYS, INC
support for the detection of cyber incidents and provides recommendations on how to correct findings. This role combines the duties of an ISSO, Security Operations Center (SOC) Analyst and Threat Analyst to ensure a holistic defense against emerging threats. Performs tasks in a variety of areas to include: Serve as the ISSO in support of the ISO for assigned … scope, impact, and root cause, and recommend effective remediation strategies, based on SIEM data analysis, in accordance with SLAs and OLAs. Conduct research on the latest organization's environment threat vectors, attack methodologies, and adversarial tactics, techniques, and procedures (TTPs). Support the configuration, tuning, and optimization of security monitoring tools, including SIEM and threat detection platforms. Generate … Familiarity with (DRAGOS, Corelight, Splunk, Snort). Proficiency in analyzing security events, logs, and alerts from various security tools (e.g., SIEM, firewalls, IDS/IPS). Familiarity with CVEs, threat intelligence frameworks (e.g., MITRE ATT&CK), and vulnerability management practices. Knowledge of NETCOM policies, Cyber Tasking Orders (CTOs), and cybersecurity compliance requirements. A high-level performer with the
Employment Type: Permanent
Salary: USD Annual

Cybersecurity Subject Matter Expert (SME) - Northern, VA Area; with Security Clearance

Hampton, Virginia, United States
Synertex LLC
that matters. We're looking for a Cybersecurity Subject Matter Expert (SME) with a background in risk management, cybersecurity frameworks, and IT defense strategies to support critical government and intelligence initiatives. If you're passionate about protecting systems from evolving threats and thrive in a mission-critical, analytical, and leadership-oriented role-this opportunity is for you. RESPONSIBILITIES Conduct … Nessus, Splunk, SCAP, STIGs) Knowledge of federal cybersecurity policies and standards (e.g., FISMA, FedRAMP, NIST SP 800-53) Excellent analytical, communication, and stakeholder engagement skills Experience supporting cybersecurity for intelligence or defense systems Familiarity with cloud security, Zero Trust architecture, and endpoint protection solutions Background in incident response, penetration testing, or threat intelligence Experience implementing RMF within
Employment Type: Permanent
Salary: USD Annual

Security Operations Center Analyst

Glasgow, Scotland, United Kingdom
Hybrid / WFH Options
Anson McCade
develop detection signatures. Provide incident response leadership, from containment and eradication to recovery. Collaborate with cross-functional teams and external parties (forensics, law enforcement, clients). Stay current on threat intelligence and integrate insights into monitoring processes. Contribute to the creation and refinement of runbooks, playbooks, and incident response documentation. Support pre-sales activities, solution scoping, and client

Security Operations Center Analyst

Paisley, Central Scotland, United Kingdom
Hybrid / WFH Options
Anson McCade
develop detection signatures. Provide incident response leadership, from containment and eradication to recovery. Collaborate with cross-functional teams and external parties (forensics, law enforcement, clients). Stay current on threat intelligence and integrate insights into monitoring processes. Contribute to the creation and refinement of runbooks, playbooks, and incident response documentation. Support pre-sales activities, solution scoping, and client

Security Operations Center Analyst

Milton, Central Scotland, United Kingdom
Hybrid / WFH Options
Anson McCade
develop detection signatures. Provide incident response leadership, from containment and eradication to recovery. Collaborate with cross-functional teams and external parties (forensics, law enforcement, clients). Stay current on threat intelligence and integrate insights into monitoring processes. Contribute to the creation and refinement of runbooks, playbooks, and incident response documentation. Support pre-sales activities, solution scoping, and client

SOC Analyst

Scotland, United Kingdom
Hybrid / WFH Options
Anson McCade
develop detection signatures. Provide incident response leadership, from containment and eradication to recovery. Collaborate with cross-functional teams and external parties (forensics, law enforcement, clients). Stay current on threat intelligence and integrate insights into monitoring processes. Contribute to the creation and refinement of runbooks, playbooks, and incident response documentation. Support pre-sales activities, solution scoping, and client
Employment Type: Permanent, Work From Home

Incident Response Analyst

Rogerstone, Gwent, United Kingdom
Hybrid / WFH Options
Hays Technology
role, ideally around CNI and OT, with exposure to cyber plans. Proven experience operating in a SOC or a related cyber security role. In-depth knowledge of cyber threats, threat intelligence frameworks and cyber security best practice. Strong analytical and problem-solving skills. Ability to work independently and as part of a team. Excellent communication and interpersonal skills.
Employment Type: Permanent
Salary: GBP 52,000 - 57,000 Annual

Incident Response Analyst

Newport, Gwent, United Kingdom
Hybrid / WFH Options
Hays Technology
role, ideally around CNI and OT, with exposure to cyber plans. Proven experience operating in a SOC or a related cyber security role. In-depth knowledge of cyber threats, threat intelligence frameworks and cyber security best practice. Strong analytical and problem-solving skills. Ability to work independently and as part of a team. Excellent communication and interpersonal skills.
Employment Type: Permanent
Salary: £52000 - £57000/annum £52k + bonus and benefits

Malware Analyst - multiple levels - CLEARANCE and POLYGRAPH REQU with Security Clearance

Columbia, Maryland, United States
Constellation Technologies Inc
materials production, collateral effects estimate, and joint planning group support Assist in the coordination of joint strategic and operational planning and execution of joint fires, targeting, capability pairing, and threat mitigation in support of the Cyber Mission Force and partner operations Provide advice to leadership on all principles of the Joint Targeting Cycle to include: Focused, Effects-Based, Interdisciplinary … and Fires in exercises Participates as Senior Fires support in exercises Develops joint targeting policies and procedures Certified Ethical Hacker (CEH) CompTIA Security+ GIAC Security Essentials (GSEC) GIAC Cyber Threat Intelligence (GCTI) GIAC Open-Source Intelligence (GOSI) GIAC Certified Intrusion Analyst (GCIA) GIAC Defending Advanced Threats (GDAT) Certified Information Systems Security Professional (CISSP
Employment Type: Permanent
Salary: USD 172,000 Annual

Cloud Security Engineer

Leeds, West Yorkshire, Yorkshire, United Kingdom
Hays
you will play a key role in enhancing cyber resilience. You'll be responsible for leveraging tools such as Microsoft Defender, Sentinel, Azure, and their SOC partner to conduct threat analysis, risk assessments, and implement effective controls. You'll support the delivery of their Cyber Security Sub Strategy in line with the Cyber Assessment Framework, and contribute to the … design and operation of threat intelligence, incident response, vulnerability management, and ethical hacking capabilities. You'll work closely with internal stakeholders and external partners to ensure compliance with ISO27001, Cyber Essentials+, and other regulatory frameworks. This role also involves reporting on cyber threats and performance using Power BI, supporting penetration testing, and contributing to the development of secure
Employment Type: Permanent
Salary: £50,000

Lead Cyber Security Operations Analyst

Greater Manchester, Lancashire, England, United Kingdom
Hybrid / WFH Options
VIQU IT Recruitment
tasks, and develop new detection content including machine learning analytics and security automation. Maintain and update SOC documentation, processes, procedures, and operational metrics/dashboard reporting. Build and enhance threat intelligence capabilities, sharing actionable insights across the organisation and wider smart energy sector. Collaborate with internal and external teams to identify opportunities for security improvements and evaluate emerging … including leading investigations in complex environments. Strong ability to work independently and collaboratively to achieve objectives. Previous experience within a Security Operations role. In-depth understanding of the cyber threat landscape, adversary tactics, and the MITRE ATT&CK framework. Knowledge of cloud environments and SaaS applications such as AWS, Azure, Office 365, and Defender. Ability to work under pressure
Employment Type: Full-Time
Salary: £60,000 - £67,000 per annum

Incident Response Analyst

Rogerstone, Gwent, United Kingdom
Yolk Recruitment
informing decision-making, and proactively contributing to mitigating potential threats. The successful candidate will collaborate with various teams, both internal and external, to ensure a comprehensive understanding of the threat landscape and response to any incidents. Working within the security operations centre (SOC), the primary responsibility is to rapidly investigate and document cybersecurity incidents within the organisation. Key Responsibilities … the organization to respond efficiently and effectively to cyber threats. Qualifications: Proven experience operating in a SOC or a related cyber security role. In-depth knowledge of cyber threats, threat intelligence frameworks and cyber security best practice. Strong analytical and problem-solving skills. GIAC Certified Incident Handler Bachelor's or Master's degree in Cyber Security or related
Employment Type: Permanent
Salary: GBP 52,000 - 60,000 Annual

Incident Response Analyst

Newport, Gwent, Wales, United Kingdom
Yolk Recruitment
informing decision-making, and proactively contributing to mitigating potential threats. The successful candidate will collaborate with various teams, both internal and external, to ensure a comprehensive understanding of the threat landscape and response to any incidents. Working within the security operations centre (SOC), the primary responsibility is to rapidly investigate and document cybersecurity incidents within the organisation. Key Responsibilities … the organization to respond efficiently and effectively to cyber threats. Qualifications: Proven experience operating in a SOC or a related cyber security role. In-depth knowledge of cyber threats, threat intelligence frameworks and cyber security best practice. Strong analytical and problem-solving skills. GIAC Certified Incident Handler Bachelor's or Master's degree in Cyber Security or related
Employment Type: Permanent
Salary: £60,000

Resident Engineer with Security Clearance

Colorado Springs, Colorado, United States
Sterling Computers
Sterling is an IT integrator that provides information technology, systems engineering and professional services to customers in the defense, intelligence, homeland security, federal civil and commercial sectors. As one of the nation's leading Value-Added Resellers (VAR) and fastest growing Systems Integrators, we have the partnerships, access to technology, training, and certifications to plan, integrate and manage large … implementations of Cortex XSOAR to automate and optimize security operations Design, develop, and maintain playbooks to automate incident response workflows and streamline security operations Integrate security tools (EDR, SIEM, threat intelligence platforms) with XSOAR Conduct detailed analysis of operational business processes to identify automation opportunities. Guide strategic planning and execution of cloud security best practices Prepare and maintain
Employment Type: Permanent
Salary: USD Annual

ISSO with Security Clearance

San Antonio, Texas, United States
OASYS, INC
support for the detection of cyber incidents and provides recommendations on how to correct findings. This role combines the duties of an ISSO, Security Operations Center (SOC) Analyst and Threat Analyst to ensure a holistic defense against emerging threats. Performs tasks in a variety of areas to include: Serve as the ISSO in support of the ISO for assigned … scope, impact, and root cause, and recommend effective remediation strategies, based on SIEM data analysis, in accordance with SLAs and OLAs. Conduct research on the latest organization's environment threat vectors, attack methodologies, and adversarial tactics, techniques, and procedures (TTPs). Support the configuration, tuning, and optimization of security monitoring tools, including SIEM and threat detection platforms. Generate … Familiarity with (DRAGOS, Corelight, Splunk, Snort). Proficiency in analyzing security events, logs, and alerts from various security tools (e.g., SIEM, firewalls, IDS/IPS). Familiarity with CVEs, threat intelligence frameworks (e.g., MITRE ATT&CK), and vulnerability management practices. Knowledge of NETCOM policies, Cyber Tasking Orders (CTOs), and cybersecurity compliance requirements. A high-level performer with the
Employment Type: Permanent
Salary: USD Annual

Threat Intelligence
10th Percentile: £43,000
25th Percentile: £54,250
Median: £74,000
75th Percentile: £90,000
90th Percentile: £110,000