CrawlJobs Logo

Senior Cyber Threat Intelligence Engineer

United States, Chevy Chase 105000.00 - 215000.00 USD / Year · Job Posted February 21, 2026
Apply Position
Job Link Share

Job Description

As a Senior Cyber Threat Intelligence Engineer, you will function as a deeply technical individual contributor responsible for advancing intelligence-driven threat detection and proactive threat hunting across GEICO’s environment. This role requires extensive hands-on experience, strong analytic judgment, and the ability to independently execute complex work that directly contributes to reducing cyber risk. You will be expected to operate with a high degree of autonomy, applying your technical expertise to identify adversary behavior, develop actionable insights, and drive meaningful outcomes without requiring close supervision.

Job Responsibility

  • Analyze and assess advanced cyber threats, adversary behavior, tooling, and campaigns relevant to GEICO
  • Develop and execute intelligence-informed threat-hunting hypotheses using endpoint, network, and cloud telemetry
  • Build, maintain, and enhance custom tools, scripts, and automation to support intelligence analysis and hunting workflows
  • Use programming and scripting languages (e.g., Python, PowerShell, Bash, or similar) to analyze data, enrich intelligence, and automate manual processes
  • Translate threat intelligence into actionable detection logic, investigative guidance, and response context
  • Produce clear, well-structured written intelligence products, including assessments, briefings, and reports for both technical and non-technical audiences
  • Support active investigations by providing timely adversary context during incidents
  • Track emerging threats, vulnerabilities, and adversary trends, prioritizing relevance and impact
  • Continuously improve analytic tradecraft, tooling, and processes to increase effectiveness and efficiency

Requirements

  • 7+ years of experience in cyber threat intelligence, threat hunting, security operations, or a related cybersecurity discipline
  • Demonstrated hands-on experience conducting threat hunting in enterprise environments
  • Strong coding or scripting experience with the ability to design and maintain custom tools
  • Proven experience applying adversary frameworks such as MITRE ATT&CK to real-world detection and analysis
  • Experience producing written intelligence products that inform technical teams and leadership
  • Deep understanding of attacker techniques, intrusion workflows, malware, and phishing operations
  • Experience working with SIEM, EDR, and threat intelligence platforms
  • Ability to work independently, manage competing priorities, and deliver results under time constraints

Nice to have

  • Experience supporting incident response or digital forensics activities
  • Familiarity with cloud platforms and cloud-based threat activity
  • Experience building internal CTI tooling, pipelines, or automation
  • Experience working in large enterprise or regulated environments

What we offer

  • Comprehensive Total Rewards program
  • 401K savings plan with 6% match
  • Performance and recognition-based incentives
  • Tuition assistance
  • Mental healthcare
  • Fertility and adoption assistance
  • Workplace flexibility
  • GEICO Flex program (work from anywhere in the US for up to four weeks per year)

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Senior Cyber Threat Intelligence Engineer

8 matching positions

Cyber Systems Engineer Senior Technical Specialist – Project Engineer

The Cyber Systems Engineer Project Management Technical Support provides support...
Location
Location
United States , Westfields, Virginia
Salary
Salary:
Not provided
arcfield.com Logo
Arcfield
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS 12-15, MS 10-13, PhD 10+
  • Must possess and be able to maintain a TS/SCI with Poly
  • Able to support customer’s core hours (0900-1500
  • Mon – Fri)
  • DoD 8570 certification in IAT or IAM
  • Experience with security operations, data analysis, threat detection, and the deployment and optimization of Splunk for enterprise security solutions
  • understanding of Security Information and Event Management (SIEM) and log management
  • Experience supporting project management and acquisitions
  • Experience with customer’s Cybersecurity Processes and tools/capabilities to include Splunk
  • Experience in requirements analysis
Job Responsibility
Job Responsibility
  • Work collaboratively with the government customer and a small team of project managers and developers to ensure successful implementation of Splunk
  • Collaborate with the cyber operations group and act as the liaison between the group and developers to ensure Splunk requirements are understood and being met
  • Provide assessments to the customer on the cybersecurity contractor’s program performance.
  • Develop, maintain, and deliver acquisition artifacts to assist the customer in assessing contractor’s performance
  • Assist in the development of execution reviews, acquisition roadmaps and transition plans
  • Develop briefings and artifacts for acquisition Readiness Reviews
  • Provide technical recaps of customer meetings with cyber security contractors
  • Work closely with the customer Lead and stakeholders to execute contracts
  • Provide technical input for the development of acquisition documentation for review and approval by the customer to include Requests for Contract Action (RCA) packages, RFPs for Engineering Change Proposals (ECPs), and proposal analysis to support negotiation and award activities.
  • Assist in the development, review, and update of acquisition documents to ensure guidance for acquisitions is adequate and current.
  • Fulltime
Read More
Arrow Right

Cyber Threat Intelligence Analyst

The Cyber Threat Intelligence Analyst (CTI) plays a vital role in enhancing Amge...
Location
Location
Portugal , Lisbon
Salary
Salary:
Not provided
amgen.com Logo
Amgen
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master’s degree in Cybersecurity, Information Technology, Intelligence Studies, or related field OR Bachelor’s degree with 1 year of experience in Cyber Threat Intelligence, Threat Hunting, or a similar security role OR Diploma with 2 years of relevant experience in threat intelligence or related cybersecurity functions
  • Strong understanding of the cyber threat landscape, adversary tactics (MITRE ATT&CK), and threat actor methodologies
  • Experience conducting intelligence analysis using OSINT, dark web monitoring, threat reports, and threat intelligence platforms
  • Ability to write concise, impactful threat intelligence reports tailored to various audiences
  • Familiarity with cyber kill chain, diamond model, and intelligence lifecycle
  • Basic scripting knowledge (Python, PowerShell) to support enrichment and automation of threat intelligence
Job Responsibility
Job Responsibility
  • Collect, analyze, and assess cyber threat intelligence from open-source intelligence (OSINT), commercial feeds, government sources, and internal telemetry
  • Develop and maintain profiles of threat actors, their capabilities, infrastructure, and campaigns relevant to Amgen’s industry
  • Produce actionable intelligence reports, threat advisories, and strategic briefings for technical teams and senior stakeholders
  • Correlate threat intelligence with internal events to support investigations and improve detection capabilities
  • Assist in the enrichment of threat hunting and incident response efforts by providing contextual intelligence and TTP mapping
  • Track geopolitical and sector-specific threats to anticipate risks that could affect business operations
  • Collaborate with SOC and engineering teams to improve detection rules and defense mechanisms based on threat intelligence findings
  • Maintain situational awareness of the cyber threat landscape and emerging risks to healthcare, life sciences, and biotechnology sectors
  • Support the configuration and maintenance of threat intelligence platforms (TIPs) and threat feed integrations
  • Contribute to purple team and threat emulation exercises to validate defensive controls and response capabilities
What we offer
What we offer
  • Work That Matters – Build tech that accelerates scientific breakthroughs and helps patients worldwide
  • Modern Tech Stack – Cloud-first, automation-focused, AI-powered
  • Global Scale, Agile Mindset – Collaborate across continents while working in nimble, high-impact teams
  • Continuous Learning – Access to certifications, trainings, mentorship, and career mobility
  • AMGEN Total Rewards Plan – Comprehensive benefits in healthcare, finance, and well-being
  • Flexibility – Hybrid work model with time split between our Lisbon office and remote work
  • Fulltime
Read More
Arrow Right

Senior Applied Threat Intelligence Analysts

Security represents the most critical priorities for our customers in a world aw...
Location
Location
United States , Redmond
Salary
Salary:
102100.00 - 202200.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
  • Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
  • equivalent experience.
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role.
  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Job Responsibility
Job Responsibility
  • Lead with AI to understand the threat landscape and the latest attacker tradecraft.
  • Track threat actors, including financially motivated threat actors
  • their infrastructure, their targets, and their shifting techniques, tactics, and procedures.
  • Translate complex technical findings into clear, prescriptive guidance for security operations teams, executives, and the broader defender community.
  • Partner with product, research, marketing, and communications teams to ensure high-quality intelligence experiences through Microsoft's customer-facing surfaces and managed services (Agentic Security, Defender XDR, Defender Experts, Sentinel, blogs, briefings).
  • Build and refine the pipelines, tooling, and workflows that allow Microsoft to stream insightful cyber threat intelligence to customers machine speed.
  • Represent Microsoft Threat Intelligence in customer briefings, industry conferences, and cross-industry working groups.
  • Fulltime
Read More
Arrow Right

Senior Applied Threat Intelligence Analyst

Security represents the most critical priorities for our customers in a world aw...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field. OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection. OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection. OR equivalent experience.
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Job Responsibility
Job Responsibility
  • Author and publish high-impact threat intelligence reports (actor profiles, campaign analyses, trend reports, TTP deep-dives, vulnerability profiles) for both customer-facing and internal audiences.
  • Build and refine the pipelines, tooling, and workflows that allow Microsoft to stream insightful cyber threat intelligence to customers machine speed.
  • Represent Microsoft Threat Intelligence in customer briefings, industry conferences, and cross-industry working groups.
  • Translate technical findings into clear, actionable insights for security operations teams and technical stakeholders.
  • Partner with product, engineering, and research teams to operationalize intelligence into Microsoft security platforms (e.g., Defender XDR, Sentinel, customer briefings).
  • Contribute to scalable workflows and pipelines that improve how threat intelligence is generated, refined, and delivered to customers.
  • Support customer engagements (briefings, responses, and discussions) with accurate and timely intelligence insights.
  • Collaborate within the team to improve analytic tradecraft, knowledge sharing, and intelligence quality.
  • Fulltime
Read More
Arrow Right

Senior Cyber Detection Engineer (SIEM)

Zachary Piper Solutions is seeking a Senior Cyber Detection Engineer (SIEM) to s...
Location
Location
United States , Springfield
Salary
Salary:
135000.00 - 150000.00 USD / Year
pipercompanies.com Logo
Piper Companies
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active TS/SCI CI Polygraph required
  • Bachelor’s degree from an accredited college in a related discipline and 5+ years of prior relevant experience
  • IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification required
  • Proficient in modern operating systems, including Windows, UNIX, network OS environments, databases, and virtualized computing platforms
  • Experienced with enterprise-grade security tools, such as Security Information and Event Management (SIEM) systems specifically Splunk, Threat Intelligence Platforms (TIPs), and network monitoring solutions
  • Skilled in developing, modifying, and fine-tuning detection mechanisms, including IDS signatures and SIEM correlation rules
  • Knowledgeable in implementing cybersecurity countermeasures and mitigation strategies to reduce risk and enhance system resilience
Job Responsibility
Job Responsibility
  • Support Cyber Operations Squadron (COS) efforts by ensuring timely publication of updated cybersecurity tool signatures, including antivirus and host-based security systems
  • Conduct in-depth threat analysis, including reverse engineering of malware, to uncover critical details such as origin, target, impacted systems, recommended mitigations, and mission risk
  • Develop custom content for Security Information and Event Management (SIEM) tools and create tailored IDS/IPS signatures to counter specific threats
  • Correlate security events and incidents using data from diverse enterprise sources to identify patterns and potential threats
  • Assess the impact of cyber incidents on data and infrastructure, providing detailed evaluations of damage and recovery needs
  • Perform trend analysis and reporting on cyber incidents to identify recurring threats and inform proactive defense strategies
  • Analyze network traffic and system data to detect anomalies and potential security threats
  • Deliver real-time detection, identification, and reporting of cyber intrusions, suspicious activities, and policy violations
  • Create and implement detection rules
What we offer
What we offer
  • Full Benefits: PTO
  • 11 Paid Holidays
  • Cigna Medical, Dental, and Vision
  • 401k with ADP
  • Certification reimbursement
  • Contract mobility and job stability – Contract through 2026
  • Fulltime
Read More
Arrow Right

Senior Cyber Security Engineer

Airbus Commercial Aircraft is looking for a Senior Cyber Security Engineer (f/m)...
Location
Location
France , Toulouse
Salary
Salary:
Not provided
airbus.com Logo
Airbus
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Information Technology or related discipline
  • Experience in threat detection or incident response
  • Experience in Reverse engineering
  • Strong negotiation and communication skills
  • Strong ability to work in a multinational and complex environment
  • Ability to coordinate with teams located in different BUs and locations
  • English: Negotiation Level
Job Responsibility
Job Responsibility
  • Investigate technical cyberattacks and perform Digital forensics and incident response (DFIR) activities
  • Contribute to threat hunting improvement through industrialization of intrusion detection
  • Participate in the architecture and development of new Detection & Response and DFIR tools
  • Perform Threat Intelligence on attacker groups related to aerospace and defence industry
  • Contribute to research and publications conducted by Airbus CERT
  • Represent Airbus CERT within working groups and security conferences throughout the world
What we offer
What we offer
  • Attractive salary, agreements on success and profit sharing schemes, employee savings plan abounded by Airbus and employee stock purchase plan on a voluntary basis
  • Extra days-off for special occasions, holiday transfer option, a Staff council offering many social, cultural and sport activities and other services
  • Complementary health insurance coverage (disability, invalidity, death). Depending on the site: health services center, concierge services, gym, carpooling application
  • Great upskilling opportunities and development prospects with unlimited access to +10.000 e-learning courses to develop your employability, certifications, expert career path, accelerated development programmes, national and international mobility
  • Fulltime
Read More
Arrow Right

Senior Cyber Security Engineer

As a Sr Cybersecurity Engineer at Cloud Software Group, you will design and impl...
Location
Location
United States , San Ramon
Salary
Salary:
116716.00 - 210089.00 USD / Year
cloud.com Logo
Cloud Software Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Cybersecurity Engineering, Infrastructure Security, or a related technical role, with a proven track record of managing enterprise-grade security platforms or a Master’s degree with 3 years
  • or a PhD without experience
  • Deep technical understanding of security controls across multiple domains, including Vulnerability Lifecycle Management, Privileged Access Management (PAM), Identity & Access Management (IAM), and Network Defense
  • Knowledge of one or more Cloud platforms (AWS, Azure and GCP) and best practices for architecting and securing
  • Familiarity with security telemetry concepts, including logging, monitoring, and alerting
  • Awareness of common enterprise threat vectors and the types of controls used to prevent or detect them
  • Knowledge of security trends, software, and protocols
  • Problem-solving, attention to detail, sharp analytical skills
  • Strong communication skills
Job Responsibility
Job Responsibility
  • Collaborate with Engineering Business Units, Operations teams to architect, deploy, and continuously optimize enterprise security controls that balance robust protection with business agility
  • Drive the continuous optimization of core security platforms, focusing on Vulnerability Management, Privileged Access Management (PAM), and automated workflows to enhance our defensive posture
  • Ensure high availability and performance of owned security platforms by providing advanced technical support and streamlining escalation paths
  • Create and maintain clear technical documentation for security configurations, processes, and improvements
  • Actively monitor global threat intelligence feeds and vulnerability disclosures to identify emerging risks and integrate proactive countermeasures into our security architecture
  • Orchestrate enterprise-wide phishing simulation programs to quantify organizational risk and leverage data-driven insights to strengthen the “human firewall" against social engineering
  • Translate complex vulnerability data into comprehensive risk reports, providing stakeholders with clear technical roadmaps to harden the organization's security posture
  • Support internal and external security audits by providing technical evidence as needed
What we offer
What we offer
  • Healthcare, life insurance and disability benefits, 401(k) plan and company match
  • Fulltime
Read More
Arrow Right
New

Cyber Risk Senior Officer - Senior Vice President

Location
Location
United States , Irving
Salary
Salary:
156160.00 - 234240.00 USD / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years relevant experience
  • Practical experience working in, assessing, or challenging security architecture, infrastructure security, network security, cloud security, cyber resilience or data protection
  • Deep knowledge of products within the coverage area, including a technical understanding of current and emerging trends as well as the ability to apply in-depth understanding of the business impacts of technical contributions
  • Experience in cyber risk assessments, metrics, enterprise technology services, risks, and controls within globally complex, dispersed, and diverse organizations
  • In-depth knowledge of cyber risks and controls across various information system architecture and engineering domains including: data protection, identity and access management, vulnerability management, network security, endpoint security, logging and monitoring, incident management, cyber resilience and third-party management
  • preferred expertise in security architecture, cloud security, and emerging technologies (including Artificial Intelligence and Digital Assets)
  • Subject matter expert in one or more industry standard risk management frameworks (including ISO27001, COBIT, TOGAF and CRI for example), and an in-depth understanding of cyber risk mitigation strategies
  • Outstanding communication and influencing skills through all levels of the organization and with external partners and vendors
  • Exceptional relationship management skills
  • must be able to address and resolve conflict while maintaining relationships
Job Responsibility
Job Responsibility
  • Manages internal projects on threat issues that support a variety of participants and stakeholders measuring the effectiveness and comprehensiveness of Citi’s first line defenses
  • Establishes and oversees the application of compliance and cyber policies and procedures, technology and tools, and governance processes to provide credible challenge for minimizing losses from cyber risks
  • Independently assesses cyber risks and drive actions to address the root causes that persistently lead to operational risk losses by challenging both historical and proposed practices
  • Leads independent assurance activities to assess areas of concern including substantive and controls testing
  • Monitors, evaluates, and challenges Key Risks and associated Key Risk Indicators triggers and thresholds
  • Also lead discussions with Key Indicator owners on breaches and action steps to correct breaches
  • Identifies potential risks associated with program/project delivery on a technical and detailed level
  • Leads various second line of defense cyber assessments including risk assessments, control assessments, maturity assessments etc
  • Assesses cyber risks associated with new initiatives and programs being proposed for implementation
  • Challenges the design, adequacy and strength of the control environment associated to technology and cyber and recommends actions to ensure the operational risk profile is in line with the cyber risk appetite
What we offer
What we offer
  • medical, dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
  • Fulltime
Read More
Arrow Right