Threat Intelligence Specialist

Threat Intelligence Specialist
Locations: Palo Alto
Base Salary Range: $142,000 - $226,000

_

X’s Threat Disruption team provides expert scaled investigative support into various platform related threats including violations of our platform safety and integrity policies. Our objective is to increase the costs to bad actors for manipulating the platform and mitigate associated harm.

Responsibilities: 

• Build heuristic rules to detect and stop bad actors on X, and contribute to building other detection systems and Safety product features.

• Use data analysis to identify signals used by bad actors on X, develop threat actor profiles, and complete scaled investigations into those signals/bad actors.

• Conduct threat modeling to improve threat detection and mitigation.

• Investigate anomalies and scaled threats detected by other Safety or partner teams.

• Perform continuous research based on open source and internal tooling on specific threats, including threat actors and campaigns, to determine detection and enforcement gaps for X Rules and policies. This includes campaign tracking and trending evaluation.

• Work closely with Engineering teams to retroactively retroactively remediate on-platform threats and create heuristics to proactively prevent threats from reoccurring. 

• When needed, produce brief bulletins, assessments, or full-length profiles of actors for stakeholders delivered in a timely and contextual manner. 

• Manage external and internal Threat Intelligence partnerships on behalf of X. This includes optimizing and managing data sources of threat intelligence information.

Qualifications: 

• Bachelor’s Degree in Computer Science, Information Assurance, Data Science, Software Engineering, Management Information Systems, or equivalent work experience.

• 3+ years Threat Intelligence experience working on relevant issues (safety, security, and/or content policy), preferably at an internet or technology company.

• Experience creating heuristics to identify and remediate scaled threats (e.g. YARA rules). 

• Proficient using SQL and relational databases in your work. 

• Ability to use Python, R, or another scripting language to facilitate scaled data analysis.

• Experience with problem solving and troubleshooting complex issues with an emphasis on root cause analysis.

• Strong interpersonal and communication skills. Must be able to effectively communicate security and threat concepts with both technical and non-technical individuals.

• Works well under pressure, and is comfortable working independently in a fast-paced, ever-changing environment.

• Preferred: Past experience or knowledge of Scala and/or Java programming languages.

• Preferred: Fluency in one or more of the following languages (French, German, Spanish, Turkish).