CTI (Cyber Threat Intelligence) Team Lead

Overview

Hybrid
$60 - $70
Contract - Independent
Contract - W2
75% Travel

Skills

Amazon Web Services
Cloud Computing
Collaboration
Continuous Improvement
Google Cloud Platform
Incident Management
Forensics

Job Details

Job Title

CTI (Cyber Threat Intelligence) Team Lead

Duration

6 month contract to start, long term expectation

Location

M-Th in-office; Various office locations:

    • Northern CA
      • Rocklin office: 3750 Atherton Rd, Rocklin, CA 95765 <- strong preference
      • San Francisco office: 100 North Point, San Francisco, CA 94133
    • Brooklyn, NY: 55 Water Street, Brooklyn, NY 11201

Duties/Day to Day Overview

    • Conduct threat intelligence analysis leveraging OSINT, proprietary threat feeds, and internal telemetry.
    • Lead proactive threat hunting campaigns across networks, endpoints, and cloud environments using behavioral indicators and hypothesis-driven approaches.
    • Perform incident response investigations including root cause analysis, containment, eradication, and lessons learned reporting.
    • Execute digital forensic analysis on compromised systems, email threats, and insider threat cases.
    • Collaborate with SOC, DevSecOps, and infrastructure teams to triage and remediate critical security events.
    • Provide technical expertise to red team operations, simulate APT-style attacks, and help identify weaknesses in detection and response strategies.
    • Assist in vulnerability management efforts by identifying high-risk issues and validating remediation plans.
    • Support continuous improvement of threat detection capabilities, SIEM tuning, and custom alert development.
    • Serve as an SME on network security protocols, firewall log analysis, lateral movement detection, and data exfiltration prevention.

Top Requirements

(Must haves)

    • Bachelor's degree in Computer Science, Information Security, or related field.
    • 5+ years of experience in Information Security roles with deep exposure to threat intelligence, incident response, and forensics.
    • Cool, calm demeanor; teachable, and able to turn around and help others. Someone ordered and methodical.
    • Prior experience in red team / offensive security operations, or working alongside red team engagements.
    • Strong knowledge of attack frameworks such as MITRE ATT&CK, Cyber Kill Chain, and Diamond Model.
    • Hands-on experience with tools such as:
      • Tanium, CrowdStrike, Google SecOps, Proofpoint, Palo Alto Demisto, Axonius, ExtraHop
      • Scripting or automation using Python, PowerShell, or Bash
    • Solid understanding of network protocols, cloud architectures (AWS/Google Cloud Platform/Azure), and endpoint telemetry.
    • Excellent written and verbal communication skills for incident write-ups and executive briefings.
    • Experience in ecommerce protection, application security, and compliance.

Additional Qualifications

    • Experience with purple team engagements or SIEM detection engineering
    • Familiarity with threat modeling and intel enrichment platforms
    • Ability to brief stakeholders, legal, and compliance teams on cyber threat risks

Employers have access to artificial intelligence language tools ("AI") that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.