Cloudflare · 4 hours ago
Senior Threat Intelligence Engineer
Austin, TX
Full-time
Hybrid
Mid, Senior Level
4+ years expCloudflare is a leading company on a mission to help build a better Internet. They are seeking a Senior Threat Intelligence Engineer to join their proactive security team, focusing on leveraging threat intelligence and machine learning to defend against cyber threats.
AnalyticsEnterprise SoftwareSecurityWeb Hosting
Responsibilities
Intelligence Collection & Analysis: Proactively research, collect, and analyze threat intelligence from various sources (OSINT, commercial feeds, dark web, and internal security events) to understand the current and emerging threat landscape
Machine Learning and Data Science: Design, implement, and maintain detection use cases for the entire machine learning lifecycle (data ingestion, training, deployment, and inference)
Threat Actor Profiling: Develop detailed profiles of relevant threat actors, their Tactics, Techniques, and Procedures (TTPs) using frameworks like MITRE ATT&CK , and identify potential impacts to the organization
Actionable Intelligence Dissemination: Produce and disseminate timely, relevant, and actionable intelligence reports and briefings for both technical security teams and executive leadership
IOC/IOA Management: Engineer the ingestion, enrichment, correlation, and contextualization of Indicators of Compromise (IOCs) and Indicators of Attack (IOAs) into security platforms
Automated Defense Development: Design, develop, and implement robust automation workflows and playbooks (SOAR) to streamline security operations tasks, including incident triage, alert enrichment, vulnerability management, and threat response actions
Tool Integration & Optimization: Integrate diverse security tools (e.g., SIEM, EDR, Cloud Security Posture Management, vulnerability scanners, Threat Intelligence Platforms) through APIs and scripting (primarily Python) to create seamless, automated feedback loops
Process Improvement: Identify manual, repetitive, and time-consuming security processes and engineer scalable automation solutions to increase team efficiency and operational maturity
Incident Response Support: Provide threat context to support the Incident Response team during active security incidents
Cross-Functional Partnership: Collaborate with Detection Engineers, Security Engineers, and Software Developers to embed security and intelligence-driven practices into the CI/CD pipeline and corporate infrastructure
Qualification
Required
4+ years of hands-on experience in a Security Engineering, Cyber Threat Intelligence, or Security Automation role
Strong proficiency in at least one scripting/programming language for automation (e.g., Python)
Deep understanding of the cyber kill chain, threat actor TTPs, common attack vectors, networking protocols, and operating system internals
Proven experience designing and implementing SOAR playbooks and integrating security tools via APIs
Experience working with commercial and open-source Threat Intelligence Platforms (TIPs) and threat feeds
Familiarity with security services and automation in major cloud environments (AWS, Azure, or GCP)
Preferred
Understanding of attacker Tools, Techniques and Procedures (TTPs)
Understanding of attack components
Experience threat hunting in a complex network
The ability to read an attack brief or vulnerability report and contextualize the associated risk
Experience validating vulnerability reports and providing impact analysis
Experience performing data gathering and analysis on perceived threats; generating additional contextual data that can be operationalized
Experience with common tools used within Security Operations
Experience utilizing security event information in intelligence analysis
Ability to navigate ambiguity, and provide clarity to complex situations
Ability to work autonomously with a strong sense of urgency, ownership and self drive
Ability to build partnerships and get results across many different stakeholders
Ability to effectively communicate, both verbal and written, to stakeholders regarding relative risk, urgency, and feedback
Highly qualified candidates will have an understanding of nation state motivations and operational capabilities
Experience with Infrastructure-as-Code (IaC) tools like Terraform
Familiarity with data analysis and visualization tools for threat intelligence
Experience with malware analysis and reverse engineering to extract actionable indicators
Company
Cloudflare
Cloudflare is a web performance and security company that provides online services to protect and accelerate websites online.
1001-5000 employees
H1B Sponsorship
Cloudflare has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (117)
2024 (115)
2023 (66)
2022 (98)
2021 (83)
2020 (37)
Funding
Current Stage
Public CompanyTotal Funding
$2.08BKey Investors
Franklin TempletonFidelityUnion Square Ventures
2025-06-13Post Ipo Debt· $1.75B
2019-09-12IPO
2019-03-12Series E· $150M
Leadership Team
Matthew Prince
CEO & Co-Founder
Lee Holloway
Co-Founder & Lead Engineer
Recent News
2026-01-20
2026-01-20
Boston Herald
2026-01-20
Company data provided by crunchbase