United Natural Foods Inc

Apply for this job

Cybersecurity Engineer Sr - Threat Intelligence - Remote (Finance)



Job Overview:

The threat intelligence engineer identifies and mitigates cyber threats, which enhances UNFI's security posture, and protects critical assets. The role provides actionable threat intelligence that includes indicators of compromise (IOCs), technique, tactics, and procedures (TTPs), behaviors, trends and emerging threats that could exploit vulnerabilities to help defend UNFI. The role produces actionable reports, briefings, technical reports for internal stakeholders. The role is required to support the development of new detection rules and analytics based on evolving threats. The role leads engagements, communicates technical details to senior leadership, mentors junior staff, and provides technical direction to the program.

Job Responsibilities:

  • Monitor threat intelligence feeds and alerts
  • Analyze Indicators of Compromise (IOCs), TTPs (Tactics, Techniques, and Procedures), and threat actor behavior
  • Participate in threat hunting or incident response investigations as a supporting analyst
  • Prepare briefings or bulletins on emerging threats (e.g., a new CVE, ransomware campaign, or APT activity)
  • Update threat intelligence platforms and threat models with recent findings
  • Meet with other internal teams (SOC, Red Team, Vulnerability Management, Risk) to share intelligence
  • Perform deep-dive analysis on specific threats (e.g., tracking a ransomware group's evolution)
  • Correlate internal telemetry (SIEM, logs, EDR data) with external threat intelligence
  • Apply intelligence to create use cases and detection rules through collaboration across teams
  • Publish internal threat landscape reports or executive summaries
  • Run tabletop exercises or simulations based on current threat actor behavior
  • Produce a comprehensive annual threat landscape report specific to the organization
  • Update the threat intelligence program's roadmap and tooling
  • Refresh or rebuild threat actor profiles and threat models (e.g., mapping to MITRE ATT&CK)
  • Conduct intelligence-sharing collaborations (e.g., with ISACs, government, or vendors)
  • Contribute to red/purple team scenario planning
  • Performs other duties as assigned

Job Requirements:

Education/ Certifications:

  • BA/BS in Computer or Cybersecurity domain
  • At least 1 industry leading or senior level cybersecurity certification, for example: ISC2 Certified Information Systems Security Professional (CISSP), GIAC Cyber Threat Intelligence (GCTI), EC-Council's Certified Threat Intelligence Analyst (CTIA), CREST Practitioner Threat Intelligence Analyst (CPTIA), MITRE MAD ATT&CK Cyber Threat Intelligence Certification
  • Experience:
  • 8+ years of hands-on cybersecurity experience within IT environments.
  • 5+ years of experience as a threat intelligence analyst.

Knowledge/Skills/ Abilities
  • Ability to multitask and prioritize work effectively
  • Highly motivated self-starter
  • Strong sense of ownership and driven to manage tasks to completion
  • Complex critical thinking and security analysis skills
  • Advanced written and verbal communication skills for a wide array of audiences
  • Ability to communicate technical risk details into easy-to-understand language
  • Knowledge of threat modeling and adversary tactics and techniques frameworks, such as MITRE ATT&CK matrices, Cyber Kill Chain, STRIDE, or PASTA
  • Ability to write succinct briefings, presentations, and reports to convey analysis, threat trends, threat actor profiles, indicator bulletins, vulnerability details and defensive strategies to varied audiences
  • Knowledge of current and emerging cyber adversaries and their techniques, tactics, and procedures (TTPs)
  • Good judgment is required for this position as there may be times when direct supervision may not be immediately available.

Work Environment:

Remote Role:

  • This position is classified as remote where the associate will perform remote work from their primary residence. Remote associates are welcome to work from the office but are not required to do so. While remote associates are not required to work from an office on a regular basis, they may be required to come to the office or other UNFI locations for necessary business reasons or if directed to do so by their manager.

Travel (minor):
  • This position may require the associate to travel to company offices, distribution centers, or other locations for specific meetings or other business reasons

Physical Environment/Demands:

Office Roles:

  • Most work is performed in a temperature-controlled office environment.
  • Incumbent may sit for long periods of time at a desk or computer terminal.
  • While performing the duties of this job, the employee is regularly required to sit; use hands to finger, handle, or feel; reach with hands and arms; and talk or hear.
  • Incumbent may use calculators, keyboards, telephones, and other office equipment during a normal workday.
  • Stooping, bending, twisting, and reaching may be required in the completion of job duties.
Apply
Apply Here done