Protective Intelligence & Threat Analyst
OpenAISalary not specified
Not SpecifiedCompensation
N/AExperience Level
N/AJob Type
Not SpecifiedVisa
N/AIndustries
Requirements
- 7+ years in cybersecurity with at least 3 years in threat intelligence, threat hunting, or detection engineering roles
- 3+ years of experience with dark web, OSINT tools
- Strong understanding of adversary TTPs, MITRE ATT&CK, and intrusion kill chain analysis
- Proficiency with SIEM, EDR, and cloud-native security tools (e.g., Sentinel, Splunk, Defender, Elastic, CrowdStrike)
- Hands-on experience scripting in Python, Bash, KQL, PowerShell, or similar languages
- Ability to work with Linux, including command line for analysis of large datasets
- Demonstrated ability to translate intelligence into operational detection and response improvements
- Excellent written and verbal communication skills, including the ability to brief executives on complex technical issues
- Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience)
- Industry certifications such as GCTI, GCFA, GCIA, GREM, or OSCP
Responsibilities
- Lead and mentor a team of threat intelligence and detection engineers
- Develop and maintain the organization’s threat intelligence program, ensuring intelligence directly informs detection and response priorities
- Establish and maintain intelligence-sharing partnerships (e.g., ISACs, government agencies, peer organizations)
- Define and track KPIs to measure the effectiveness of threat hunting and detection engineering programs
- Conduct proactive threat hunts leveraging intelligence on emerging adversary behaviors (MITRE ATT&CK-aligned)
- Develop, test, and tune detections across SIEM, EDR, and cloud security platforms (e.g., Microsoft Sentinel, Splunk, Defender, CrowdStrike)
- Collaborate with incident response and SOC teams to validate detections and improve coverage gaps
- Use automation and scripting (e.g., Python, KQL, PowerShell) to enhance hunting and detection efficiency
- Identify, access, collect data and other threat intelligence for dark web sources
- Review cybercrime forums/marketplaces and other platforms to determine their potential as ongoing collection targets
Skills
UltraViolet Cyber
Unified defensive and offensive cybersecurity solutions
About UltraViolet Cyber
UltraViolet Cyber focuses on enhancing cybersecurity for organizations by integrating both defensive and offensive security operations. Their main services include Managed Detection and Response (MDR), which provides continuous monitoring and response to cyber threats, and Penetration Testing as a Service, where they simulate cyber attacks to find and fix vulnerabilities. This company stands out from competitors by combining the expertise of Red Team (offensive) and Blue Team (defensive) professionals, ensuring that security measures are both proactive and reactive. The goal of UltraViolet Cyber is to help organizations improve their resilience against cyber threats and protect their sensitive data and infrastructure effectively.
McLean, VirginiaHeadquarters
2023Year Founded
$4MTotal Funding
SERIES_ACompany Stage
CybersecurityIndustries
201-500Employees
