Apply on Employer Site

Galvanick · 2 months ago

Senior Threat Intelligence Automation Engineer

Seattle, WA

Full-time

Onsite

Senior Level

$100K/yr - $180K/yr

Galvanick is a startup focused on protecting the industrial world against cyber attacks through their threat detection platform. The Senior Threat Intelligence Automation Engineer will lead the company's threat intelligence program, architecting capabilities and ensuring actionable intelligence to protect critical infrastructure from sophisticated adversaries.

AnalyticsArtificial Intelligence (AI)Cloud SecurityCyber SecurityNetwork SecuritySoftware

No H1B

U.S. Citizen Only

Responsibilities

Define and implement Galvanick's comprehensive threat intelligence strategy, establishing processes for consuming, analyzing, and producing actionable intelligence specific to OT/ICS environments

Drive integration of threat intelligence sources directly into our detection engineering workflow, ensuring new detections are informed by the latest adversary tactics, techniques, and procedures

Design and define technical requirements for our threat intelligence platform and system of record, selecting and implementing tools that scale with our growth

Operationalize threat intelligence at runtime, ensuring real-time correlation between intelligence feeds and active threat detection across customer environments

Build relationships with intelligence sharing communities, government agencies, and industry partners to enhance our understanding of threats targeting critical infrastructure

Develop intelligence products and reports informing internal teams and customer decision-making. You will translate complex threat landscapes into actionable insights

Experiment with and iterate on intelligence integration methods, continuously improving how we transform raw intelligence into high-fidelity detections and hunting hypotheses

Qualification

Threat intelligence expertiseThreat intelligence platformsPython proficiencyOperational Technology knowledgeMalware investigationSoft skills

Required

Experience in threat intelligence, with deep expertise in consuming, analyzing, and operationalizing intelligence for security operations or detection engineering

Strong technical background implementing threat intelligence platforms (TIPs) and STIX/TAXII frameworks, with Python (or Go) proficiency for automating intelligence workflows

Proven ability to translate strategic intelligence requirements into technical implementations. You have experience designing and building intelligence programs from the ground up

Experience working with intelligence sharing communities, ISACs, and government intelligence sources, with an understanding of TLP and intelligence handling requirements

Demonstrated expertise investigating malware, phishing, web attacks, insider threats, and advanced persistent threats

Preferred

Experience with industrial control systems, SCADA, or operational technology environments and understanding of threats specific to critical infrastructure

Active involvement in the threat intelligence community with established relationships in industry and government intelligence circles

Published research, conference presentations, or contributions to open-source intelligence projects

Experience working in startup environments where you've had to build capabilities with limited resources while maintaining high quality standards

Numerous Detection Engineers have sent you 'Yes!' memes or outright high-fived you at various points in your career