Cyber Threat Intelligence Engineer
Massachusetts - Boston
Applications have closed
Veeva Systems
Veeva Systems Inc. is a leader in cloud-based software for the global life sciences industry. Committed to innovation, product excellence, and customer success, Veeva has more than 1,100 customers, ranging from the world's largest...We are the first public company to become a Public Benefit Corporation. As a PBC, we are committed to making the industries we serve more productive, and we are committed to creating high-quality employment opportunities.
Veeva is a Work Anywhere company which means that you can choose to work in the environment that works best for you - on any given day. Whether you choose to work remotely from home or work in an office - it’s up to you.
The Role
This position is directly responsible for proactively discovering, processing, analyzing, and vetting relevant threat information to expedite defense mechanisms as well as the incident response process. The CTI Engineer will organize and vet incoming IOCs, maintain a repository of threat information, enrich information pertaining to incidents, advise leadership of recommended courses of action based on emerging trends, and deliver actionable metrics and threat intelligence reports for a variety of audiences.
What You'll Do
- Leverage a Collection Management Framework (CMF) that organizes all threat intelligence feeds, both internal and external, by indicators and data that can be ascertained as well as the methods in how data is collected, the sources, and the avenues of implementation
- Apply the indicator lifecycle (revealed, matured, utilized) to validate incoming indicators and determine relevance to Veeva Systems by adding context and enrichment
- Detect patterns of ongoing intrusion and intrusion attempts across Veeva and the industry to predict future IOCs and suggest implementations
- Utilize current CTI tools to detect/report on trends to drive decisions influencing defensive operations
- Report meaningful and actionable metrics related to adversarial behavior to drive prioritized defensive actions
- Recommend courses of action (discover, detect, deny, degrade, disrupt, deceive) post-incident
- Support incident responders with relevant IOCs and historical data during ongoing investigations
- Author intelligence reports that address specific intelligence requirements and emerging threats
- Collaborate across other Veeva teams on relevant intelligence of emerging vulnerabilities to prioritize and drive remediation efforts
Requirements
- Strong understanding of the Kill Chain and Diamond models, and means to merge them
- Strong familiarity with some OSINT and proprietary CTI tools, examples as: DomainTools, MISP, YARA, ISAC/ISAO feeds, CyberChef, DataSploit, FireHOL, Maltego, Shodan, ThreatQuotient, Recorded Future Anomali, etc.
- Strong familiarity of modern threats, top delivery vectors, and methods of exploitation
- Experience in delivering adversary-based metrics or authoring/contributing to threat intelligence reports
- Strong experience in organizing, processing, analyzing, and vetting indicators using sorting/processing tools to maintain a current, relevant threat database
- Experience in enriching data of the four atomic indicators (domains, strings, IP addresses, accounts) to deliver additional context to incident responders
- Strong experience in leveraging existing threat intelligence to augment investigations during incident response
- 3+ years of experience in a cyber threat intelligence-related field, or 4+ years of experience in a cybersecurity operations field with at least 2+ years of experience in cyber threat intelligence
Nice to Have
- Threat Intelligence or Intrusion Detection-related certification, such as GCTI, GOSI, CTIA, GCDA, GCIA, CCTIA, CTIP, CPTIA, CRTIA, etc.
- Experience authoring or implementing YARA rules
- Solid background in cloud security principles
- Experience in discovering sensitive data leakage such as credentials, exposed code, brand/organization intelligence, etc.
- Experience in creating and maintaining a prioritized list of crown jewel assets and understanding the top threats against them
Perks & Benefits
- Unlimited PTO
- Veeva Break: entire company takes off the final week of the year, and it’s paid
- Incredible health, dental, vision plans for employee and family
- Matching 401(k)
- 15% target bonus in the form of company stocks, distributed throughout the year
- $500/yr fitness stipend on any fitness-related product or program
- Free, healthy lunches and snacks served daily at company offices
- Free, onsite gym and fitness classes offered daily
- 2% of salary paid by company for training and development
- 1% of salary paid by company to donate to non-profit of your choice
Veeva’s headquarters is located in the San Francisco Bay Area with offices in more than 15 countries around the world.
Veeva is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity or expression, religion, national origin or ancestry, age, disability, marital status, pregnancy, protected veteran status, protected genetic information, political affiliation, or any other characteristics protected by local laws, regulations, or ordinances. If you need assistance or accommodation due to a disability or special need when applying for a role or in our recruitment process, please contact us at talent_accommodations@veeva.com. This position cannot be performed remotely in Colorado.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Business Intelligence Cloud GCIA GCTI Incident response Intrusion detection MISP OSINT SHODAN Threat intelligence Vulnerabilities
Perks/benefits: Career development Fitness / gym Health care Home office stipend Lunch / meals Salary bonus Unlimited paid time off
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open IPS-related jobs