Job Description
The Threat Intelligence Engineer will monitor, ingest, and analyze cyber threat intelligence from open-source intelligence (OSINT), commercial feeds, and federal/government alerting sources to detect threats relevant to the client’s systems and infrastructure. They will produce timely, actionable intelligence reports and briefings tailored to multiple audiences, including technical staff, SOC teams, and executive leadership. They will lead investigations and attribution analysis on Insider Threats, Advanced Persistent Threat (APT) activity, malware campaigns, phishing operations, and zero-day vulnerabilities.
The Engineer will collaborate closely with Security Operations Center (SOC), incident response, and vulnerability management teams to validate indicators of compromise (IOCs) and enhance detection capabilities. They will maintain expert-level knowledge of attacker Tactics, Techniques, and Procedures (TTPs) and apply threat modeling frameworks such as MITRE ATT&CK. They will also deliver written analysis and verbal briefings to both technical and non-technical stakeholders, distilling complex threat information into strategic guidance.
About Element
Element serves as a partner at the intersection of innovation and our clients' needs, efficiently crafting meaningful user experiences for government and commercial customers.