Cybersecurity Senior Threat Intelligence Engineer - Arlington, VA
Arlington, VA

Job Description

Cybersecurity Senior Threat Intelligence Engineer

Location: Arlington, VA

Are you energized by helping organizations protect their data and build client trust? Do you want to work in one of the world's largest holistic internal cybersecurity organizations? If you're interested in proactively preventing, detecting, and responding to cyber-attacks across a complex global footprint, then Deloitte Global could be the perfect place for you. We're looking for an analytical thinker passionate about cybersecurity to join our team.

Work you'll do:

The Senior Threat Intelligence Engineer reports to the Collections Manager. Intelligence engineering lives within the collection function of the Threat Intelligence group. As a Senior Threat Intelligence Engineer, you will enable the automated collection, processing, storage, and dissemination of cyber threat data to/from a central Threat Intelligence Platform (TIP). The Senior Threat Intelligence Engineer is responsible for streamlining collection of threat indicators, designing applications that process data from disparate sources, and integrating TIP outputs with defense technologies. Other Responsibilities include to:

* Enable automated ingestion of threat data into TIP from commercial vendor APIs as well as from internal Deloitte defense technologies.
* Create workflows and playbooks using TIP to parse, format, and tag imported threat data, to include creating new data objects, defining data object values, and defining metadata
* Enable TIP to automatically disseminate select threat data to Deloitte security appliances, to include writing custom scripts as well as working with off-the-shelf integrations/apps.
* Partner with other cyber security and information technology teams to document processes and technologies, define requirements/use cases for TIP integration, and collaborate on user acceptance and systems integration testing.

This Deloitte Global role requires limited travel.

What you'll be part of-our Deloitte Global culture:

At Deloitte, we expect results. Incredible-tangible-results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and lead global strategies and provide programs and services that unite our network.

In Deloitte Global, everyone has an opportunity to lead. We see the importance of your perspective and your ability to create value. We want you to fit in-with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out-with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark.

Deloitte Global supports our talented professionals in answering the question: What impact will you make?

Who you'll work with:

The Deloitte Global Cybersecurity function is responsible for enhancing data protection, standardizing and securing critical infrastructure, and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of security services to Deloitte's global network of firms around the globe.

#CybDef

Qualifications:

Education

* Bachelor's degree: a technology-related field, or equivalent education-related experience

Required

* Minimum of 8 years of experience in security operations or threat intelligence with 3 of those years of experience in security engineering
* Understanding of host and network forensic artifacts and indicators of compromise
* Understanding of cyber threats and how intelligence is used by security appliances and operators
* Familiarity with ThreatConnect
* Experience working with Splunk, to include integrating external data via Splunk Apps or the Splunk API
* Experience using common threat intelligence data source APIs
* Ability to automate manual processes in PowerShell and/or Python
* Experience defining customer requirements/use cases for scripts or application integrations
* Experience working in information technology / cyber security for a large, complex enterprise and collaborating across teams

Preferred

* Experience orchestrating processing of information with ThreatConnect playbooks or similar orchestration tools
* Experience managing threat data feeds from commercial threat intelligence vendors
* Experience developing security tool integrations involving VirusTotal Intelligence
* Experience maintaining documentation for and troubleshooting custom integrations between security operations technologies
* Understanding of Splunk Enterprise Security, to include LookupTables and Splunk Threat Intelligence data model
* Familiarity building integrations with Cisco ThreatGrid and ServiceNow

Key Skills

* Responsible for leading the delivery team and owns the technical solution delivery.
* Owns, directs and manages day to day execution of the delivery plan for development projects and is the primary point of escalation for any and all team impediments.
* Strong estimation skills to estimate resources (human and other) required to achieve project goals throughout execution of project.
* Responsible to oversee and ensure adherence to enterprise standards in project execution methodology, requirements gathering, code reviews, quality assurance and continuous improvement.

Key Responsibilities

* Proactive self-starter who independently identifies opportunities to automate and actively recommends enhancements which permit Threat Intel to work better, faster, and smarter.
* Identify manual analysis and reporting processes as candidates for enhancement and automate via scripting/coding.
* Facilitate integrations between Threat Intel Platform, tools, feeds, and other knowledge repositories and dissemination sites and mediums.

How you'll grow:

Deloitte Global inspires leaders at every level. We believe in investing in you, helping you embrace leadership opportunities at every step of your career, and helping you identify and hone your unique strengths. We encourage you to grow by providing formal and informal development programs, coaching and mentoring, and on-the-job challenges. We want you to ask questions, take chances, and explore the possible.

Benefits you'll receive:

Deloitte's Total Rewards program reflects our continued commitment to lead from the front in everything we do - that's why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being needs. We provide the benefits, competitive compensation, and recognition to help sustain your efforts in making an impact that matters.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Disclaimer: Nothing in this job description/posting shall constitute an offer or promise of employment. If you are not reviewing this job posting on our Careers' site (jobs2.deloitte.com) or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at jobs2.deloitte.com

Requisition code: DE19USAGTS005RB1166

*
*
*
*
*
*