We are looking for a Cyber Threat Intelligence Lead who will play a key role in identification, interpretation, transformation, and dissemination of intelligence crucial to the protection of Guidewire and its customers. This role will provide Incident Response teams with impactful information about threats and vulnerabilities, and use information derived from all intelligence disciplines to determine changes in actor activity, capabilities, intent, and resources. This role will focus on the identification, analysis, processing, and distribution of finished intelligence.
Responsibilities
- Provide strategic direction and ownership for Threat Intelligence/Digital Risk Protection within the multi-functional contexts of cyber assurance, application security, incident response, digital forensics
- Work with various partners to build out a General Intelligence Requirements Handbook (GIRH)
- Review, assess, and derive impactful threat intelligence from multiple open-source, commercial, and private sources to produce deliverables for both technical and executive audiences.
- Demonstrated ability to lead diverse teams in complex, evolving analytical missions especially where priorities may shift due to the evolution of threat landscape
- Demonstrated knowledge of Incident Response methodology and attacker tradecraft.
- Experience working closely with threat intelligence analysts to understand their workflow and analytic problems and turning those into large-scale analytics and repeatable methodologies
- Experience working with detection creation methodologies across multiple platforms
Requirements
- Expertise in tools, techniques, and procedures consistent with both routine cybercriminals and advanced adversary attacks using the cyber kill chain and diamond model.
- Experience setting up Threat intelligence platform to ingest and disseminate actionable intelligence to Incident Response Team
- Experience with managing Digital Risk Protection tools
- Demonstrable experience in threat landscape assessment for products and applications deployed within a cloud-based environment such as AWS/Azure/GCP
- Experience leveraging threat intelligence principles in strategic and tactical applications to deliver actionable high-level insights, support real-time intrusion events, and advise vulnerability management operations
- Has a sound understanding of SIEM, DLP, CASB, EDR, operating systems, DRP, Canary Tokens, etc.
- Excellent written and verbal communication skills with an eye for detail and the ability to articulate business needs in cross-group and partner scenarios.
- Good Analytical, Problem solving and Interpersonal skills
Good to have
- Ability to automate solutions to repetitive problems/tasks using scripting languages such as Perl, Python, PowerShell or Bash!
- Certifications from SANS, Offensive Security, ISC2, AWS, Azure, GCP is a plus!
The US base salary range for this full-time position is $135,000-203,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process. We also pride ourselves on being a pay for performance company.
Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits.
About Guidewire
Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently. We combine digital, core, analytics, and AI to deliver our platform as a cloud service. More than 450 insurers, from new ventures to the largest and most complex in the world, run on Guidewire.
As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 1000+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our Marketplace provides hundreds of add-ons that accelerate integration, localization, and innovation.
Guidewire Software, Inc. is proud to be an equal opportunity and affirmative action employer. We are committed to an inclusive workplace, and believe that a diversity of perspectives, abilities, and cultures is a key to our success. Qualified applicants will receive consideration without regard to race, color, ancestry, religion, sex, national origin, citizenship, marital status, age, sexual orientation, gender identity, gender expression, veteran status, or disability. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.
Disability Accommodations and Guidewire’s Appeals Process. Guidewire provides accommodations to the hiring process to create a fair opportunity for candidates with disabilities to contend for open positions. Accommodation requests should be directed to (650) 356-4940 or
Accommodations@guidewire.com. If things do not go as hoped, we invite you to use our appeals process. Guidewire promises to independently review any denied accommodation and any decision not to offer you the position. The appeals process is the same in either case. Within five business days of receiving a notice of denial of an accommodation, or receiving a notice of your non-selection for a vacancy, call (650) 356-4940 or e-mail
Accommodations@guidewire.com to make an appeal. Guidewire will assign a new decision-maker to review the request and/or hiring decision, who will then notify you in writing of a decision within 10 business days.