Sr Intelligence Ops Eng (US Remote)

Reporting to the Product Manager of Intelligence, the Intelligence Operations Engineer is responsible for assisting with the development and maintenance of tools and infrastructure used by Cofense Threat Intelligence Analysts to support the production of intelligence reporting. This role’s mission is to amplify phishing campaign analysis, enrichment, correlation, validation, and reporting through higher efficiency production with maximized automation.

Essential Duties/Responsibilities

• Assist with the design and deployment of effective and scalable infrastructure and tools analyzing large datasets used to produce Threat Intelligence reports.
• Assist with the creation and maintenance of databases, relational data structures, and correlative processes to produce long-term trend analyses.
• Work with teammates to create optimized and innovative processes that ensure Threat Intelligence reporting is produced efficiently and with a high level of confidence.
• Troubleshoot and resolve issues in production analysis tools and infrastructure.
• Collaborate with Cyber Threat Intelligence Analysts to develop requirements for features and tools that will improve their workflow.
• Research and identify new technologies around malware analysis, automation, and data enrichment that will increase the efficiency of analysis and intelligence production.
• Collaborate with the Intelligence Development team to link analysis tools with collection sources and publication pipelines.
• Other duties as assigned.

Knowledge, Skills and Abilities Required

• Working knowledge of Python and familiarity with at least one other programming language commonly used in “scripting” (JavaScript, PowerShell, Go, etc.)
• Functional knowledge of AWS and other cloud infrastructure tools and architectures
• Functional knowledge of containerized environment creation, operation, and administration (Docker)
• Experience using and configuring Elastic Search with an understanding of data structure and formatting (JSON)
• Understanding of malware analysis techniques, threat intelligence, and threat research
• Ability to use and modify command line script applications and utilities
• Ability to interact with customers to develop and deliver on requirements
• Familiarity with web development and frameworks such as Flask, Django or Vue
• Ability to effectively manage emerging priorities to ensure daily tasks are executed as needed
• Ability to communicate progress to analyst and leadership teams
• Highly motivated with a self-starter mentality and ability to work with minimal oversight
• Interest in cyber-attack lifecycles and threat actor tactics, techniques, and procedures.
• Candidate should enjoy fast-paced, team-oriented environment that encourages creativity.

Education and/or Experience:

• At least 5-7 years engineering and/or development operations experience
• At least 1 year experience with malware analysis or incident response preferred
• Experience with developing automation pipelines preferred
• Experience with Continuous Deployment/Continuous Integration tools
• Experience with developing tools or software used by “Power Users”
• Experience in security operations or phishing and malware analysis preferred
• A Bachelor’s degree in Computer Science, Cybersecurity, or Computer Forensics is preferred but not required

- Disclaimer-

The above statements are neither intended to be an all-inclusive list of the duties and responsibilities of the job described, nor are they intended to be a listing of all of the skills and abilities required to do the job. Rather, they are intended only to describe the general nature of the job. This job description is not a contract of employment, either express or implied. Employment with Cofense will be voluntarily entered into and your employment is considered at will. Cofense reserves the right to alter the job description at any time without notice.

Cofense is committed to equal employment opportunity. We will not discriminate against employees or applicants for employment on any legally recognized basis [protected class] including, but not limited to: veteran status, uniform service member status, race, color, religion, sex (including pregnancy), gender identity, sexual orientation, national origin, age, physical or mental disability, marital status, genetic information or any other status or characteristic protected by applicable national, federal, state or local laws and ordinances. We adhere to these commitments in all aspects of employment, including recruitment, hiring, training, compensation, promotion, benefits, and discipline.