Threat Intelligence and Detection Engineer

At Insane Cyber, we’re focused on advancing cybersecurity for the better. We’ve developed innovative tools backed by expert support to change how organizations perform deep level proactive and reactive analysis. We partner with our customers to provide cutting-edge solutions and services to help protect our critical infrastructure and critical operations from threats – from the power grid to manufacturing. 

Our flagship Valkyrie and Cygnet products provide host and network analysis automation beyond the capabilities of other products on the market. Our Corvus and Aesir product lines deliver managed and professional services to help assess and fill gaps and weaknesses in the security posture of clients' security programs. 

It’s an exciting time for us as we continue to grow our products and services, and we need a great team in place! 

As we grow, we are seeking a Threat Intelligence and Detection Engineer to join our team. This role is crucial for the continued development and enhancement of our flagship products, Valkyrie and Cygnet. You will be a key player in our professional services team, bringing your expertise and innovative thinking to advance our technology and maintain our competitive edge in the market. 

Responsibilities  

Provide expert proactive and reactive consultancy services to clients, helping them understand and mitigate cybersecurity risks. Typical services include, but are not limited to threat hunting, incident response, digital forensics, and architecture reviews 

Keep up with current and emerging threats and develop innovative ways to implement detection of threats in Valkyrie and Cygnet with both host and network data 

Collaborate with engineering, professional services, external customers and other internal and external groups to identify, architect, develop and deliver capabilities to end users 

Perform analysis and investigations, correlating events and data to detect security incidents 

Participate in incident response efforts throughout the IR life cycle.  

Develop and maintain security incident response plans

Operationalize, monitor, and optimize security and network monitoring solutions  

Improve observability and monitoring of the customer environments, collaborating with internal and customer teams to enhance visibility into security events and incidents 

Apply working experience with protocol dissection and proprietary protocol analysis—preferably
in the industrial space 

Work with a cross-functional team to develop new detections specifically for industrial environments 

Deliver solutions to and manage cybersecurity projects, ensuring alignment with client needs and best industry practices 

Build and maintain strong relationships with clients, acting as a trusted advisor in cybersecurity matters 

Ensure the quality and timeliness of service delivery, adhering to project deadlines and client expectations 

Stay updated on the latest cybersecurity trends and technologies, applying this knowledge to improve service quality

Qualifications 

Minimum 3-5 years of full-time experience in cybersecurity 

Bachelor’s or Master’s degree in Information Technology, Cybersecurity, or a related field, or equivalent experience 

Experience in digital forensics, incident response, or threat hunting is a plus 

Experience in industrial sectors, Operational Technology (OT), Industrial Control Systems (ICS) and/or critical operations assurance is a plus  

Experience in a startup or rapidly growing professional services organization is a plus 

Working knowledge of proprietary and open-source threat detection engines and rulesets (Suricata, Yara, Sigma, Zeek, etc.) 

Working experience with host and network data analysis across packet capture files, host logs, registry, memory and/or disk artifacts 

Working knowledge of major nation state and criminal level threats and experience building host and network detections to identify those threats 

Deep working knowledge of MITRE ATT&CK, D3FEND, or other threat modeling frameworks 

[Nice to Have] Proficiency in backend languages and frameworks, such as Python, JavaScript, C, Go, Rust, or similar technologies 

Proven track record of successful delivery in a consulting environment 

Excellent client relationship management skills and the ability to explain complex technical concepts clearly 

Strong communication skills, collaboration mindset, and an ability to learn quickly required 

Benefits  

Competitive Base Salary

Equity offering subject to board approval 

Comprehensive medical/dental/vision/life insurance plan  

Retirement plan with employer match  

Flexible working hours and generous time-off policy  

Insane Cyber is proud to be an equal-opportunity employer. We celebrate diversity and strive to foster an inclusive environment for all employees. If you're a visionary with a passion for pushing the boundaries of industrial cybersecurity, we'd love to hear from you.