Senior - Threat Intelligence Engineering




¿Can you imagine participating in the transformation of leading national and international organizations?

At Deloitte, we are committed to making an impact on society, our clients, and you.


As part of the global Centralized Cybersecurity Threat Intel team, the Threat Intelligence Engineer reports to the Signatures & Tools Manager. Intelligence Engineering lives within the collection function of the Threat Intelligence group. 


As a Threat Intelligence Engineer, you will enable the automated collection, processing, storage, and dissemination of cyber threat data to/from a central Threat Intelligence Platform (TIP), a link analysis tool, open source indicator sharing platform, and other tools and databases that facilitate research and analysis. The Threat Intelligence Engineer is responsible for streamlining collection of threat indicators, designing applications that process data from disparate sources, and integrating intelligence outputs with cyber defense technologies. 



What is the challenge?


  • Create workflows and playbooks to parse, format, and tag imported threat data, to include creating new data objects, defining data object values, and defining metadata.
  • Enable TIP to automatically disseminate select threat data to Deloitte security appliances, to include writing custom scripts as well as working with off-the-shelf integrations/apps.
  • Implement solutions through our existing DevOps maturity model, primarily utilizing languages such as Python and accessing data via restful APIs.
  • Perform administration and maintenance activities for tools and databases owned and maintained by the Threat Intelligence Service.
  • Relay updates and roadmaps from vendors to development stakeholders.
  • Involve yourself in agile documentation practices.
  • Follow the Definition of Done for both developments and integrations, conduct implementation and development testing, adhering to standards.
  • Support Secure Systems Development Lifecycle (SSDLC), including functional and non-functional cybersecurity requirements for all new application developments.
  • Partner with other cyber security and information technology teams to create and document processes and technologies, define requirements/use cases for integrations, and collaborate on user acceptance and systems integration testing.



How do we imagine you?


  • Required:
    • Bachelor’s Degree preferably in a technology-related field, or equivalent education-related experience.
    • Minimum of 3 years of experience in Security Engineering.
    • Understanding of OSI Layer, network fundamentals and protocols.
    • Knowledge on authentication and authorization concepts & User Account Management.
    • Experience in understanding Application Resource Management and troubleshooting.
    • Experience in development/writing API connectors and scalable applications.
    • Thorough understanding of technology infrastructures using Firewalls, VPN, Data Loss Prevention, IDS/IPS, and Web-Proxy.
    • Ability to automate manual processes in Python and/or PowerShell.
    • Experience defining customer requirements/use cases for scripts or application integrations.


  • Preferred:
    • Understanding of host and network forensic artifacts and indicators of compromise.
    • Experience orchestrating processing of information with Threat Intel Platforms, Link Analysis tools, MISP, Azure DevOps, or any Orchestration tools.
    • Experience working with Splunk, to include integrating external data via Splunk Apps or the Splunk API.
    • Experience managing threat data feeds from commercial threat intelligence vendors.
    • Understanding of Splunk Enterprise Security, to include LookupTables and Splunk Threat Intelligence data model.
    • Familiarity building integrations with ServiceNow.
    • Familiarity with Security Audits.



How is it to work at Deloitte?


🤩 High-impact projects where you will have a long journey and learning experience

☯️ A hybrid-flexible daily routine: you will have flexible hours and a good balance between remote work and teamwork in our offices or our clients’ offices

⚽ Good atmosphere inside and outside the office: you will enjoy several team buildings per year, cultural and sports activities... and much more!

🧘‍♀️ Comprehensive well-being: take care of yourself with our physical, mental, and financial health program... and with a medical team in the offices!

🤲 Social impact: You can sign up for a large number of national and international volunteer opportunities and pro-bono projects where you can put your time and talent at the service of those who need it most

🗣️Culture of feedback and continuous learning: you will grow in an inclusive environment where equal opportunities and your personalized training plan will boost your development. Can you already see yourself at the Deloitte University in Paris?

🤝 Exclusive benefits for being part of Deloitte: you will be able to enjoy a wide catalog of benefits and a complete flexible compensation plan


If you like what you read, here are your next steps:


  • Apply for the position by clicking on 'Submit application now' and complete your profile
  • If you are a good fit for the role, our talent team will contact you to get to know you better


Start the process! We will guide you through the different stages until your incorporation.

Deloitte es una Firma de servicios profesionales firmemente comprometida con la igualdad de oportunidades. En este sentido, la Firma aceptará y tramitará solicitudes de todos los sectores de la sociedad, no discriminando por motivos de sexo, expresión de género, raza, religión o creencias, origen étnico o nacional, discapacidad, enfermedad o condición de salud, predisposición genética a sufrir patologías, edad, ciudadanía, estado civil, orientación o identidad sexual, situación socioeconómica o cualquier otra condición o circunstancia personal o social.
Ubicación:  Madrid
Tipo de puesto:  Profesionales con experiencia
Línea de servicio:  T&T
Req Id:  40027