Staff Cyber Threat Intelligence Engineer

Role Description

Dropbox is seeking a Staff Security Engineer to join our Threat Intelligence and Hunting team. You will investigate critical threats to Dropbox and our customers, profiling threat actors and uncovering the actions, techniques and objectives of these malicious actors.    With your expertise, you will work to ensure the security of Dropbox and our customers. Aiming to protect both those who use our platform, and those who engage with through their friends, family and colleagues. We want to ensure trust in the Dropbox platform by protecting all users interactions with our products. 

Responsibilities

• Serve as subject matter expert on threat actors focused on Dropbox and our customers 
• Work across the security organization and engineering departments to define technical strategy in order to identify and disrupt threat actor activity in near-real-time.
• Establish and maintain relationships with industry peers to collaborate and share knowledge on various threat actors 
• Investigate and hunt for malicious activity across all Dropbox environments 
• Document and communicate investigations into threat actors, their activity, TTPs, briefing internal customers and partnering to detect, disrupt and mitigate attackers 
• Active participation in developing, documenting and implementing new processes to expand and mature capabilities 
• Analyze telemetry data to identify signals indicative of sophisticated threat actors
• Deep dive and analyze key business performance metrics, identify gaps, create plans to mitigate and drive to closure 
• Develop, track, and report on key program performance metrics 

Requirements

• 10 years of demonstrated experience in areas such as system security and/or network security
• 2+ years of experience in threat intelligence, cybercrime investigations/intelligence, tracking threat actor behaviors, including investigating, researching, or analyzing TTPs (Tactics, Techniques and Procedures), or attribution research 
• Experience with security vulnerabilities, exploitation techniques, and methods for remediation of such 
• Experience in Threat Hunting tooling and planning 
• Experience analyzing logs, building detections and coordinating remediation 
• Scripting skills (e.g. Python, PowerShell, other common languages)