Threat Intelligence Integration Engineer

At phia we hire talented and passionate people who are focused on collaborative, meaningful work, providing technical and operational subject matter expertise and support services to our partners and clients.

phia is seeking a Threat Intelligence Engineer who will focus on integrating Threat Intelligence Platforms (TIPs) with other security and operation tools. Ideal candidates will have a passion for protecting large enterprises from cyber threats. This is a remote position within the United States. U.S. citizenship and the ability to obtain a Public Trust are required.

• Assist with integrating Analyst1 and other Threat Intelligence Platforms (TIPs) with different security and operation tools, such as ServiceNow, Armis, Sentinel One, SIEM, EDR, IDS/IPS, and other network security tools, to enhance threat detection and response capabilities.
• Validate data is received from multiple tools including but not limited to ServiceNow, Armis, and Sentinel One. 
• Utilize automation opportunities to streamline threat intelligence workflows and improve incident response times.
• Ensure seamless integration with existing security infrastructure, including endpoint security, firewalls, and SOAR platforms.
• Develop and maintain detailed System Security Concept of Operations (ConOps) documents that outline the operational procedures and guidelines for the security architecture.
• Align the security architecture with the organization's overall business and technology strategy, ensuring it balances business requirements with information and cybersecurity needs.
• Plan, design, build, tested, and implement robust security architectures for all IT projects.
• Perform vulnerability testing, risk analyses, and security assessments to ensure the efficacy of the security designs.
• Test, evaluate, and verify hardware and software to ensure systems and architecture are consistent with cybersecurity architecture guidelines and requirements.
• Identify critical system capabilities and business functions that require enhanced security measures and prioritize them based on risk and impact on the organization.
• Conduct regular security reviews to identify gaps in the security architecture and determine the effectiveness of the current security design.
• Recommend changes or enhancements as necessary based on security reviews.
• Assist in configuring and re-configuring security tools to ensure they align with the overall security architecture.
• Use threat intelligence to optimize the configuration of these tools and improve their effectiveness.

• 5+ years of experience with SIEM systems, MITRE ATT&CK Framework, Endpoint Security Services, and the onboarding and implementation of various security tools.
• Proven experience in analyzing alerts from Cloud, SIEM, and EDR tools, and in the alerts tuning process.
• Familiarity with cybersecurity operation center functions and experience configuring and re-configuring security tools.
• Experience with security frameworks and the ability to interpret use cases into actionable monitoring solutions.

• Security Information and Event Management (SIEM) systems
• Intrusion Detection/Prevention Systems (IDS/IPS)
• Network and Host Malware Detection and Prevention
• Web/Email Gateway Security Technologies
• Security tools and threat intel platform integration
• Utilization of available Artificial Intelligence (AI) and Machine Learning (ML) opportunities to enhance security operations.

• Bachelor’s Degree in an engineering or cyber discipline

• CompTIA Net+, A+, Security+
• Certified Testing Engineer (CPTE)
• Certified Ethical Hacker (CEH)
• Certified Information System Security Professional (CISSP)

• U.S. Citizenship required.
• Ability to obtain Public Trust (or higher) government clearance.

#LI-LC1

Who You Are

A proactive problem solver that appreciates the challenges of working in a fast-paced, dynamic environment.

Intellectually curious with a genuine desire to learn and advance your career.

An effective communicator, both verbally and in writing.

Customer service-oriented and mission-focused.

Critical thinker with excellent problem-solving skills

If your experience and qualifications aren’t a match for this position, you will remain in our database for consideration for future opportunities that may be a better fit.

Who We Are

phia, LLC is a Northern Virginia-based, small business established in 2011 with a focus on Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, and Information Assurance/Security. we proudly support various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.

phia values work-life balance and offers the following benefits to full-time employees:

Comprehensive medical insurance to include dental and vision

Short Term & Long-Term Disability

401k Retirement Savings Plan with Company Match

Tuition and Professional Development Assistance Flex Spending Accounts (FSA)

phia does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity, or any other reason prohibited by law in the provision of employment opportunities and benefits.