Royal Caribbean

Threat Intelligence Engineer

Position Summary:

As a Threat Intelligence Engineer, you will support our cybersecurity team by analyzing, collecting, and sharing actionable threat intelligence to protect our organization’s digital assets. You will collaborate across teams to identify emerging threats and assist in investigations and mitigation efforts. This role offers opportunities to work with cutting-edge cybersecurity technologies in a dynamic environment.

Essential Skills and Responsibilities:

• Threat Data Collection and Analysis

Collect and analyze internal and external data to identify cybersecurity threats and vulnerabilities, ensuring relevance to security teams.

• Threat Mapping and Monitoring

Monitor intelligence feeds to detect vulnerabilities and cyber risks, allowing for proactive responses based on identified threats.

• Mapping Threat Actors to Infrastructure

Identify relationships between threat actors and their infrastructure to enhance our understanding of potential risks. Pivot on known IoCs to uncover related infrastructure.

• Processing Indicators of Compromise (IoCs)

Extract and validate IoCs from incidents and malware reports in order to enrich them within our threat intelligence platform for timely detection and response. Processing of IoC’s within Sandbox. Tag, score and categorize IoCs for relevance, confidence, and threat actor attribution. Proactively push high-confidence IoCs for blocking

• MITRE ATT&CK Framework Utilization

Apply the MITRE ATT&CK framework to understand threat actor tactics and improve analysis and reporting.

• Threat Intelligence Reporting

Assist in the creation of detailed reports and briefings for technical and non-technical audiences, providing actionable insights aligned with organizational goals.

• Adversary Profile Development

Develop and maintain profiles of threat actors and their tactics to support effective threat mitigation strategies.

• Cross-Team Collaboration

Work closely with various teams to share intelligence and support investigations, ensuring coordinated security efforts. Work with external teams to disseminate timely information.

• Research and Investigation

Conduct research on threat actors and malware to inform cybersecurity efforts and improve detection and response mechanisms.

• Continuous Learning

Stay updated on cybersecurity trends and share knowledge within the team to enhance collective intelligence efforts.

QUALIFICATIONS AND EDUCATION

• Work Experience: At least 3-5 years experience
• Experience.educational background: a bachelor’s degree in cybersecurity, computer science, intelligence studies, or a related field, or equivalent work experience.
• Cybersecurity knowledge: basic understanding of core cybersecurity principles, including threat intelligence, risk management, incident response, and security operations.
• Mitre att&ck framework: familiarity with the mitre att&ck framework and how to apply it for threat analysis and reporting.
• Analytical skills: strong ability to analyze large volumes of complex data, identify patterns, and synthesize actionable insights that address pirs.
• Technical tools proficiency: familiarity with common cybersecurity tools and platforms such as siems, threat intelligence platforms, and network monitoring tools. hands-on experience with these tools is a plus.
• Communication skills: strong verbal and written communication skills, with the ability to translate codmplex technical findings into clear and concise reports for diverse audiences.
• Collaboration and teamwork: ability to work effectively in a collaborative team environment, sharing intelligence and assisting in cross-functional efforts.
• Attention to detail: a keen eye for detail, with a strong focus on accuracy and thoroughness in all tasks.

preferred qualifications:

• Certifications: relevant certifications such as security+, ceh, or giac are a plus.
• Programming/scripting knowledge: experience with scripting languages (e.g., python, powershell) for automating data analysis or incident response.
• Hands-on threat intelligence experience: practical experience with threat intelligence tools, platforms, and frameworks.

#LI-RC1