Threat Intelligence Specialist - San Francisco

Company Description

Are you prepared to join the X team and help build the ultimate real-time information-sharing app, revolutionizing how people connect? At X, we're on a mission to become a trusted global digital public square, committed to minimal censorship within legal boundaries. Our goal is to empower every user to freely create and share ideas, fostering open public discourse without barriers. Join us in shaping this thrilling journey where your contribution will be invaluable to our success!

X’s Threat Disruption team provides expert scaled investigative support into inauthentic accounts and behavior on the platform. Our objective is to increase the costs to bad actors for manipulating the platform and mitigate associated harm.

Job Description

Base Salary Range: $127,000 - $166,000

Responsibilities: 

• Recognize, research, and analyze various threat actor groups/attack patterns, tactics, techniques and procedures. 

• Use data analysis to develop profiles of bad actors on X, and complete scaled investigations into those bad actors.

• Conduct threat modeling to improve threat detection and mitigation.

• Build heuristic rules to detect and stop bad actors on X, and contribute to building other detection systems and Safety product features.

• Perform continuous research based on open source and internal tooling on specific threats, including threat actors and campaigns, to determine detection and enforcement gaps for X Rules and policies. This includes campaign tracking and trending evaluation.

• Investigate anomalies detected by other Safety or partner teams.

• Participate in Red/Blue team activities.

• Produce brief bulletins, assessments, or full-length profiles of actors for stakeholders delivered in a timely and contextual manner. 

• Manage external and internal Threat Intelligence partnerships on behalf of X. This includes optimizing and managing data sources of threat intelligence information.

Qualifications

• Bachelor’s Degree in Computer Science, Information Assurance, Security, Management Information Systems, Risk Management or equivalent work experience acceptable.

• 3+ years Threat Intelligence experience working on relevant issues (safety, security, and/or content policy), preferably at an internet or technology company.

• Experience creating heuristic-based rules (e.g. YARA). 

• Experience using SQL and relational databases in your work. Ability to use Python, R, or another scripting language to facilitate scaled data analysis.

• Experience with threat models such as Kill Chain or MITRE ATT&CK.

• Experience with problem solving and troubleshooting complex issues with an emphasis on root cause analysis.

• Strong interpersonal and communication skills. Must be able to effectively communicate security and threat concepts with both technical and non-technical individuals.

• Works well under pressure, and is comfortable working in a fast-paced, ever-changing environment.

• Preferred: Past experience or knowledge of Scala and/or Java programming languages.

Additional Information

Eligible Locations
This is an in-office role. 

Commitment to Hiring Military: 

All qualified applicants, of any veteran or military status, will receive equal consideration for employment without discrimination.

We appreciate the values, leadership, and unique skills Service members bring to the workforce, we always take into account their prior military training/experience, and will encourage opportunities to hire Guardsmen, Reservists, and Veterans.

All your information will be kept confidential according to EEO guidelines.