We are looking for a Cyber Threat Intelligence Lead who will play a key role in identification, interpretation, transformation, and dissemination of intelligence crucial to the protection of Guidewire and its customers. This role will provide Incident Response teams with impactful information about threats and vulnerabilities, and use information derived from all intelligence disciplines to determine changes in actor activity, capabilities, intent, and resources. This role will focus on the identification, analysis, processing, and distribution of finished intelligence.
Responsibilities
- Provide strategic direction and ownership for Threat Intelligence/Digital Risk Protection within the multi-functional contexts of cyber assurance, application security, incident response, digital forensics
- Work with various partners to build out a General Intelligence Requirements Handbook (GIRH)
- Review, assess, and derive impactful threat intelligence from multiple open-source, commercial, and private sources to produce deliverables for both technical and executive audiences.
- Demonstrated ability to lead diverse teams in complex, evolving analytical missions especially where priorities may shift due to the evolution of threat landscape
- Demonstrated knowledge of Incident Response methodology and attacker tradecraft.
- Experience working closely with threat intelligence analysts to understand their workflow and analytic problems and turning those into large-scale analytics and repeatable methodologies
- Experience working with detection creation methodologies across multiple platforms
Requirements
- Expertise in tools, techniques, and procedures consistent with both routine cybercriminals and advanced adversary attacks using the cyber kill chain and diamond model.
- Experience setting up Threat intelligence platform to ingest and disseminate actionable intelligence to Incident Response Team
- Experience with managing Digital Risk Protection tools
- Demonstrable experience in threat landscape assessment for products and applications deployed within a cloud-based environment such as AWS/Azure/GCP
- Experience leveraging threat intelligence principles in strategic and tactical applications to deliver actionable high-level insights, support real-time intrusion events, and advise vulnerability management operations
- Has a sound understanding of SIEM, DLP, CASB, EDR, operating systems, DRP, Canary Tokens, etc.
- Excellent written and verbal communication skills with an eye for detail and the ability to articulate business needs in cross-group and partner scenarios.
- Good Analytical, Problem solving and Interpersonal skills
Good to have
- Ability to automate solutions to repetitive problems/tasks using scripting languages such as Perl, Python, PowerShell or Bash!
- Certifications from SANS, Offensive Security, ISC2, AWS, Azure, GCP is a plus!
About Guidewire
Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently. We combine digital, core, analytics, and AI to deliver our platform as a cloud service. More than 450 insurers, from new ventures to the largest and most complex in the world, run on Guidewire.
As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 1000+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our Marketplace provides hundreds of add-ons that accelerate integration, localization, and innovation.
Guidewire Software Inc. provides equal employment opportunities to all applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.