Title:  SR Consultant, Surface Area Management - Threat Intelligence

Job Purpose and Impact

As a Threat Intelligence Senior Consultant you will play a critical role in strengthening the organization’s security posture by leading the collection, analysis, and dissemination of actionable threat intelligence. Your expertise will drive proactive defense measures, inform executive and operational decisions, and ensure alignment between emerging cyber threats and enterprise risk. You will serve as a key advisor to both technical teams and leadership, transforming raw intelligence into strategic insights that reduce exposure and accelerate response to adversarial activity..

Key Accountabilities

OPERATIONAL THREAT INTELLIGENCE
•    Monitor, collect, and analyze raw threat data from a diverse range of sources (OSINT, commercial feeds, dark web, internal telemetry) to identify immediate threats, campaigns, and indicators of compromise (IOCs) relevant to the organization.
•    Develop and disseminate tactical threat intelligence, including IOCs, YARA or SIGMA rules, Snort/Suricata signatures, and detection logic, for rapid deployment by Security Operations Center (SOC) and Incident Response (IR) teams.
•    Provide actionable intelligence on how vulnerabilities are being exploited to inform remediation efforts and compensating controls.
•    Provide real-time support during active incidents, offering deep technical context on adversary TTPs, malware families, and observed attack chains.
•    Contribute to the enhancement of security controls and detection capabilities by identifying gaps based on current threat intelligence and recommending specific improvements.
 
INTELLIGENCE DISSEMINATION & COMMUNICATION 
•    Produce clear, concise, and technically accurate intelligence reports, alerts, and briefings for various audiences, from technical defenders to executive leadership.
•    Contextualize technical findings with relevant business impact to ensure intelligence is actionable and understood by non-technical stakeholders.
•    Actively participate in knowledge sharing and training initiatives to uplift the overall threat intelligence maturity across the organization.

Qualifications

REQUIRED QUALIFICATIONS

 •    4 years of relevant work experience

 •     Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field, or equivalent practical experience.
 •    Demonstrable experience with threat intelligence platforms (TIPs) and security information and event management (SIEM) systems (e.g., Splunk, Elastic, Sentinel).
 •    Strong understanding and ability to deconstruct complex adversary tactics, techniques, and procedures (TTPs) and experience applying frameworks like MITRE ATT&CK to articulate adversary behaviors and inform defensive strategies.
 •    Excellent written and verbal communication skills, with the ability to convey complex technical information to diverse audiences.
 •    Demonstrated experience in leading and operationalizing a Threat Intelligence program.
 
PREFERRED QUALIFICATIONS
•    Experience with scripting languages (e.g., Python) for data analysis, automation, or malware analysis.
•    Experience with vulnerability scanning platforms (e.g., Tenable.sc, Nessus, Qualys) and their integration with threat intelligence.
•    Experience performing in-depth technical analysis of malware (static and dynamic), phishing campaigns, and observed adversary techniques to understand their functionality, capabilities, and intent.
•    Experience analyzing network traffic (PCAP), logs, and endpoint data to identify technical indicators and patterns of malicious activity.
•    Certifications such as GCTI, GREM, GCFA, CISSP, or similar.