Cyber Threat Intelligence Engineer

About the job

Join a team of more than 25,000 team members, comprised of our home office and over 215 clubs and 3 distribution centers in 17 states. We’re committed to delivering value and convenience to our Members, helping them save every day on everything they need for their family and home. BJ’s Wholesale Club offers a collaborative, team-oriented environment where all team members can learn, grow and excel.

The Security Engineer will fill a fundamental role within the Threat Operations Team, focused on the Cyber Threat Intelligence Platform and its associated operations.

This Security Engineer will also work with other security teams on architecting, crafting, and implementing technologies, processes, and improvements. The position includes understanding department, segment, and organizational strategy and operating objectives, including their linkages to related areas.

Responsibilities include but are not limited to:

  • Be the main POC for the Threat Intelligence Platform (TIP)
  • Create and maintain custom TIP integrations with other Cyber Security Controls with ongoing quality assurance
  • Act as the SME for centralizing new datasets, feeds, and other information into the TIP, including proactive threat intelligence gathering, documenting findings, and reporting threat intelligence briefings to senior management
  • Process and enrich information to ensure timely, actionable, high-confidence IOCs are ingested and shared with key stakeholders
  • Administer and maintain TIP accounts and applicable reviews
  • Main POC for innovative solutions for internal partner challenges
  • Create and deliver technical alerts and vulnerability notifications.
  • Create new use cases, CREs, and reports to drive continuous improvement and detection accuracy
  • Assist with incident handling for the Cyber Security Incident Response Team (CSIRT); assist with corrective action plans, audit findings, and security issues, ensuring problems are resolved in an effective and timely manner
  • Define, document, review, and update security-related processes and procedures
  • Participate in proactive research and provide recommendations for continuous improvement on information security technologies, processes and services
  • Work with the team to manage and maintain the health of the Security Orchestration, Automation, and Response (SOAR) infrastructure manager and clients
  • Provide critical input and decision support to shape our threat detection program (detections and tuning)
  • Assist in the design, maintenance, and implementation of cyber threat hunt initiatives

Requirements

  • Experience with Threat Intelligence Platforms and supporting operations
  • Oral and written communication skills suited to audiences ranging from technical staff to executives
  • Excellent interpersonal and organizational skills
  • 3 years of experience in SIEM and SOAR technologies and enterprise data centralization management
  • Proven experience in creating and tuning TIP Custom Rule Engine (CRE) rules, labeling, and configurations to ensure correct detection priority
  • Enterprise experience in event correlation, data engineering, and using information gathered from a variety of sources within the enterprise to gain situational awareness and identify indicators of attack
  • 2 years of experience in enterprise-level threat hunting
  • Ability to author investigation and incident reports for technical and non-technical audiences.
  • Expertise in shell scripting and other programming languages, such as PowerShell and Python
  • Bachelor's degree in Cyber Security, Information Technology, Computer Science, or a related field preferred
