[Hiring] Cybersecurity Threat Intelligence Specialist @Ascension
Role Description
What You Will Do:
- Adversary Attribution & Mapping:
Collect, pivot, and analyze multi-source telemetry—including OSINT, commercial feeds, deep/dark web forums, and internal technical logs—to profile threat actors, track localized and global cyber campaigns, and map adversary TTPs directly to the MITRE ATT&CK framework.
- Detection Engineering & TIP Optimization:
Manage, tune, and optimize the Threat Intelligence Platform (TIP) to ingest, score, and deduplicate IOCs, collaborating with SIEM/SOAR and Detection Engineering teams to translate threat trends into actionable YARA, Sigma, and SIEM rules.
- Proactive Hypothesis-Based Hunting:
Partner with security teams to design and execute hypothesis-based threat hunting scopes and conduct retroactive hunts across data lakes and internal security platforms utilizing newly identified indicators and zero-day vulnerability intelligence.
- Incident Response Fusion & Advisory:
Provide real-time, context-driven intelligence support during active security incidents, delivering critical briefings on attacker infrastructure, capabilities, and intent to the Incident Response (IR), SOC, and DevSecOps teams.
- Strategic & Operational Intelligence Synthesis:
Synthesize complex, abstract technical data into high-impact threat assessments, flash reports, and threat actor profiles ("baseball cards"), contextualizing technical risks into actionable operational insights for both technical stakeholders and executive leadership.
Qualifications
- High School diploma equivalency with 2 years of cumulative experience OR Associate's degree/Bachelor's degree OR 4 years of applicable cumulative job specific experience required.
- Advanced proficiency in developing automation scripts (e.g., Python, PowerShell) to streamline CTI workflows, automated enrichment, data parsing, and tool/API integration.
- Hands-on experience with specialized external threat landscape and enrichment tools (e.g., DomainTools, Intel 471, Maltego, or VirusTotal Enterprise).
- Active advanced security or threat intelligence certifications, such as GIAC Cyber Threat Intelligence (GCTI), Certified Threat Intelligence Analyst (CTIA), or GIAC Certified Forensic Analyst (GCFA).
Benefits
- Paid time off (PTO)
- Various health insurance options & wellness plans
- Retirement benefits including employer match plans
- Long-term & short-term disability
- Employee assistance programs (EAP)
- Parental leave & adoption assistance
- Tuition reimbursement
- Ways to give back to your community