isecjobs.com

Threat Content Developer

Madrid, Community of Madrid, Spain (Hybrid)

⚠️ We'll shut down after Aug 1st - try foo🦍 for all jobs in tech ⚠️

Full Time Mid-level / Intermediate EUR 34K - 79K * est.
Company logo

Integrity360

Integrity360 are the fastest growing cyber security specialists in Europe. Learn more about how we can help your organisation grow securely.

View all jobs at Integrity360

Apply now Apply later

About Us 

Integrity360 is one of Europe’s leading cyber security specialists operating from office locations spread out across Europe, providing a comprehensive range of professional, support and managed cyber security services for our 300+ clients. With four top-class Security Operation Centers, we offer a complete end-to-end security services covering our clients’ security from every angle. Our services include Managed Security, Cyber Security Testing, Incident Response, Security Integration, PCI Compliance and Cyber Risk & Assurance services. 



What sets Integrity360 apart is our excellent team of people that drive the business forward. The company was founded with a focus on technical expertise and that philosophy remains today. The skills and experience in our company are some of the greatest in the industry and clients remain with Integrity360 because they can rely on and trust us to go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. 

 

Job Role

The role of Threat Content Developer provides the successful candidate with an opportunity to develop & enhance Integrity360’s threat detection capabilities across Managed Detection & Response (MDR) service lines.

Tracking adversary activity across a range of industries, the successful applicant will help to ensure Integrity360-managed products are positioned to detect the latest tactics, techniques, and procedures employed by attackers.


Working alongside teams including Incident Response, Cyber Threat Intelligence, and Integrity360’s Cyber Security Operations Centre (CSOC), the successful applicant will translate intelligence concerning adversary activity into detection capabilities which guide actionable investigations of real time threats.


You will bring your knowledge & expertise of security operations, threat detection and security platforms, and threat intelligence review to technically assess and prioritize evolving threats. Considering Integrity360’s existing use case catalogue, you will help to identify and close gaps in coverage, continually improving detective capabilities with proactive and reactive additions to Integrity360’s overall threat content roadmap.


If security is something that is not just your career but your passion – you spend endless hours researching and reading about what is happening in the world and where/how the latest hacks or vulnerabilities exploits are happening….we want to hear from you!


Key Areas / Responsibilities

  • Continual assessment of the Integrity360 detection portfolio, considering strengths and weaknesses and translating them into roadmap items and priorities.
  • Ongoing analysis of various threat intelligence forms, tracking adversary activity in the context of adversary groups, campaigns, and software.
  • Tracking emerging threats, such as 0-day exploits published for popular software used across the Integrity360 customer base.
  • Continuous deployment of detection analytics (predominantly to SIEM), designed to detect any threats or risks identified during threat intelligence reviews.
  • Engage with colleagues, from teams such as Incident Response, to identify indicators which may precede successful attacks, operationalizing those indicators into new detections.
  • Contribute to the development of new tools used within the Threat Content Development team, typically leveraging automation to minimize delivery times and maximize intelligence integrations.
  • Author technical documentation, with high-level explanations and low-level details of new detections and/or systems.



Qualifications / Qualities:

Basic:

  • 3+ years hands-on technical experience within an IT security related position, such as Detection Engineer, DevSecOps Engineer, Network Security Engineer, Cyber Security Engineer, Information Security Engineer, etc.
  • Demonstrable experience implementing threat detection capabilities in security tooling such as SIEM, EDR, XDR, or SOAR.
  • Deep understanding of security frameworks such as Mitre ATT&CK, OWASP, NIST, and/or CIS.
  • Strong, low-level understanding of networking principles, operating systems, and software design practices.
  • Familiar with commonly adopted cloud technologies across different vendors (e.g. Azure, AWS, GCP).
  • Genuinely passionate about security, with a curious and analytical approach to problem solving.

Preferred:

  • A working knowledge of incident response and investigation best practices, capable of identifying avenues of investigation for new detections.
  • Capable of working with one or more programming/ scripting language, e.g. Python, PowerShell, Bash, etc.
  • Experience working with one or more popular CI/CD tool, such as Azure DevOps or GitLab Runner, familiar with tools such as git.

 

 


Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  1  0  0
Categories: Security Engineering Jobs Threat Intel Jobs

Tags: Analytics Automation AWS Azure Bash CI/CD Cloud Compliance CSOC DevOps DevSecOps EDR Exploits GCP GitLab Incident response MITRE ATT&CK Network security NIST OWASP PowerShell Python Scripting SIEM SOAR Threat detection Threat intelligence Vulnerabilities XDR Zero-day

Perks/benefits: Career development

Region: Europe
Country: Spain

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Senior Cloud Security Engineer jobsSystems Engineer jobsSenior Information Security Analyst jobsSenior Cybersecurity Engineer jobsSystems Administrator jobsSenior Security Analyst jobsSecurity Operations Engineer jobsCyber Security Specialist jobsSenior Product Security Engineer jobsInformation System Security Officer (ISSO) jobsInformation Security Manager jobsSenior Information Security Engineer jobsSecurity Specialist jobsSenior Network Security Engineer jobsSecurity Consultant jobsInformation Systems Security Engineer jobsChief Information Security Officer jobsSenior Cyber Security Engineer jobsIT Security Engineer jobsSenior Software Engineer jobsCyber Threat Intelligence Analyst jobsNetwork Engineer jobsSenior IT Auditor jobsCybersecurity Specialist jobsSecurity Operations Analyst jobs
Security assessment jobsEncryption jobsBash jobsJava jobsTS/SCI jobsRMF jobsSDLC jobsThreat detection jobsITIL jobsTerraform jobsIDS jobsSplunk jobsSQL jobsCompTIA jobsMalware jobsTop Secret jobsDocker jobsIPS jobsForensics jobsOWASP jobsFinance jobsActive Directory jobsGIAC jobsSOC 2 jobsClearance Required jobs
OSCP jobsCRISC jobsMITRE ATT&CK jobsDoDD 8570 jobsHIPAA jobsTCP/IP jobsIntrusion detection jobsVPN jobsCCSP jobsSOAR jobsZero Trust jobsDNS jobsIT infrastructure jobsJavaScript jobsAnsible jobsNIST 800-53 jobsIndustrial jobsKPIs jobsMachine Learning jobsBanking jobsUNIX jobsGCIH jobsData Analytics jobsSANS jobsSOX jobs