Sr Threat Intelligence Investigator

Oracle · Enterprise · Nashville, TN +1

This role focuses on threat intelligence within Oracle's cybersecurity operations, involving tracking threat actors, analyzing their tactics, techniques, and procedures (TTPs), and aiding in security incident response. It requires handling large datasets, developing analytical capabilities, and producing intelligence products. While it involves data analysis and potentially using AI tools, the core craft is not AI/ML model development or research.

What you'd actually do

  1. Lead investigations, through in-depth analysis and collection efforts, into suspected adversary campaigns across the OCI environment to deliver timely, actionable intelligence and create effective remediation strategies for that environment.
  2. Provide detailed attribution analysis to identify threat actors and inform proactive defense strategies.
  3. Manage cross-company and executive communications, explaining intricate technical matters to non-technical audiences.
  4. Facilitate post-incident reviews to extract lessons learned, document new threat intelligence, and drive resolution actions with impacted teams.
  5. Stay up to date on emerging threats, vulnerabilities, security technologies, and global geopolitical issues to assess their potential impact and proactively enhance Oracle’s defenses.

Skills

Required

  • Threat intelligence analysis
  • Cybersecurity incident response
  • Data analysis
  • Technical writing
  • Communication skills
  • OSINT research
  • Malware analysis (highly desirable)
  • Structured query usage for logs
  • Detection signature development (YARA, Snort, Suricata, Bro/Zeek)

Nice to have

  • Knowledge of cloud services
  • In-depth knowledge of multiple operating systems
  • Experience in Incident Response, SOC, and/or Digital Forensics Analysis
  • Experience working on a global or geographically distributed security team
  • Active TS/SCI security clearance

What the JD emphasized

  • 6-10+ years of industry experience in analytical and operational threat intelligence
  • Investigative experience tracking distinct APT groups providing intelligence on their methodologies.
  • Expertise in one or more of the following areas: national security, defense, intelligence, law enforcement, or foreign area and language expertise relevant to threat analysis
  • Proficient in using structured queries to extract data from logs and in developing detection signatures (e.g., YARA, Snort, Suricata, Bro/Zeek).