Cyber Threat Intelligence Lead

United States - Remote

Guidewire Software logo
Guidewire Software
Apply now Apply later

Posted 3 weeks ago

We are looking for a Cyber Threat Intelligence Lead who will play a key role in identification, interpretation, transformation, and dissemination of intelligence crucial to the protection of Guidewire and its customers. This role will provide Incident Response teams with impactful information about threats and vulnerabilities, and use information derived from all intelligence disciplines to determine changes in actor activity, capabilities, intent, and resources. This role will focus on the identification, analysis, processing, and distribution of finished intelligence.


  • Provide strategic direction and ownership for Threat Intelligence/Digital Risk Protection within the multi-functional contexts of cyber assurance, application security, incident response, digital forensics
  • Work with various partners to build out a General Intelligence Requirements Handbook (GIRH)
  • Review, assess, and derive impactful threat intelligence from multiple open-source, commercial, and private sources to produce deliverables for both technical and executive audiences.
  • Demonstrated ability to lead diverse teams in complex, evolving analytical missions especially where priorities may shift due to the evolution of threat landscape
  • Demonstrated knowledge of Incident Response methodology and attacker tradecraft.
  • Experience working closely with threat intelligence analysts to understand their workflow and analytic problems and turning those into large-scale analytics and repeatable methodologies
  • Experience working with detection creation methodologies across multiple platforms


  • Expertise in tools, techniques, and procedures consistent with both routine cybercriminals and advanced adversary attacks using the cyber kill chain and diamond model.
  • Experience setting up Threat intelligence platform to ingest and disseminate actionable intelligence to Incident Response Team
  • Experience with managing Digital Risk Protection tools
  • Demonstrable experience in threat landscape assessment for products and applications deployed within a cloud-based environment such as AWS/Azure/GCP
  • Experience leveraging threat intelligence principles in strategic and tactical applications to deliver actionable high-level insights, support real-time intrusion events, and advise vulnerability management operations
  • Has a sound understanding of SIEM, DLP, CASB, EDR, operating systems, DRP, Canary Tokens, etc.
  • Excellent written and verbal communication skills with an eye for detail and the ability to articulate business needs in cross-group and partner scenarios.
  • Good Analytical, Problem solving and Interpersonal skills

Good to have

  • Ability to automate solutions to repetitive problems/tasks using scripting languages such as Perl, Python, PowerShell or Bash!
  • Certifications from SANS, Offensive Security, ISC2, AWS, Azure, GCP is a plus!
About GuidewireGuidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently.
Guidewire combines core, data, digital, analytics, and AI to deliver our platform as a cloud service. More than 400 insurers, including the largest and most complex in the world, run on Guidewire.
As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 1000+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our Marketplace provides hundreds of add-ons that accelerate integration, localization, and innovation.
Guidewire Software, Inc. is proud to be an equal opportunity and affirmative action employer. We are committed to an inclusive workplace, and believe that a diversity of perspectives, abilities, and cultures is a key to our success. Qualified applicants will receive consideration without regard to race, color, ancestry, religion, sex, national origin, citizenship, marital status, age, sexual orientation, gender identity, gender expression, veteran status, or disability. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.
Disability Accommodations and Guidewire’s Appeals Process. Guidewire provides accommodations to the hiring process to create a fair opportunity for candidates with disabilities to contend for open positions. Accommodation requests should be directed to (650) 356-4940 or If things do not go as hoped, we invite you to use our appeals process. Guidewire promises to independently review any denied accommodation and any decision not to offer you the position. The appeals process is the same in either case. Within five business days of receiving a notice of denial of an accommodation, or receiving a notice of your non-selection for a vacancy, call (650) 356-4940 or e-mail to make an appeal. Guidewire will assign a new decision-maker to review the request and/or hiring decision, who will then notify you in writing of a decision within 10 business days.
Job tags: AI Analytics AWS Azure C Forensics Go Incident response Offensive Security Perl PowerShell Python SANS SIEM Threat intelligence Vulnerabilities Vulnerability management
Job region(s): North America Remote/Anywhere
Job stats:  26  2  0
  • Share this job via
  • or