Senior Threat & Intelligence Engineer
First Advantage
- Experience: 5+ yrs
- Location: Bangalore, Karnataka, India
- Job type: Full-time
Required skills
- SIEM
- EDR
- Log Analytics
- Network Telemetry
- Identity Logs
- Cloud Audit Pipelines
About the role
Responsibilities
- Translate evolving business risk and operational vulnerabilities into clear, decision‑ready threat intelligence and briefings, providing actionable insights that enable timely risk reduction, remediation, and mitigation.
- Partner with cross‑functional technical and business teams to define, maintain, and continuously adapt intelligence requirements as the threat landscape changes, ensuring intelligence outputs remain relevant, prioritized, and operationally actionable.
- Synthesize diverse intelligence streams to assess adversary intent, capability, and risk to the organization.
- Conduct in‑depth threat research and evaluation of internal and external intelligence reporting while prioritizing emerging and ongoing threats to inform strategic decision‑making and enterprise‑level risk management.
- Correlate internal telemetry, operational data, and external intelligence to identify emerging threats and evolving adversary activity.
- Independently identify when high‑priority requirements call for a shift in focus, and deliver high‑impact tactical and operational support as the threat landscape changes.
- Support and provide input to an intelligence‑driven threat hunting program with repeatable workflows, playbooks, and effective metrics.
- Independently perform continuous hunt cycles and execute the full intel/hunt lifecycle, using hypothesis‑driven methods and developing deep proficiency with EDR, SIEM, log analytics, network telemetry, and identity systems to identify known and unknown threats.
- Drive hypothesis‑led investigations and hunts by performing exploratory analysis across large‑scale datasets to surface anomalies and weak signals by assessing exploitability in the context of the tech stack.
- Identify detection, visibility, coverage, and mitigation gaps surfaced through intelligence analysis and threat hunting, and research root causes to partner with engineering teams for continuous improvement.
- Contribute to structured documentation processes and methodologies to drive continuous improvement — refining priorities, processes, and tooling.
- Independently identify new problem spaces and proactively pursue solutions without waiting for direction
Required Qualifications
- Experienced practitioner (5+ years) in threat intelligence and/or hunting, producing rigorous, multi‑domain, strategic, and predictive intelligence at scale.
- Ability to apply structured analytical techniques to operate effectively under uncertainty and incomplete data, forming defensible, well‑supported analytic judgments in ambiguous, fast‑moving environments.
- Knowledge of multiple threat analysis and modeling frameworks (e.g., Diamond Model, MITRE ATT&CK, DREAD, PASTA) to create structured assessments, communicate risk clearly, and drive consistent, repeatable analysis.
- Ability to define and refine intelligence‑driven threat hunts: using repeatable methodologies and playbooks, hunting at scale across diverse datasets, and documenting findings for both technical and non‑technical audiences.
- Hands-on expertise with enterprise hunting tools and data platforms (SIEM, EDR, network telemetry, identity logs, cloud audit pipelines)
- Technology-focused perspective; experience supporting or defining requirements tied to software, infrastructure, or security tooling
- Diverse background/alternative perspectives that strengthen analytical depth and problem-solving
- Proven ability to translate threat intelligence and hunt findings into decision‑ready insights for technical and non‑technical stakeholders, including senior leadership
- Experience working in a collaborative environment—contributing insights while integrating feedback and perspectives from others
- Highly self-directed and organized, effectively managing priorities and deliverables end‑to‑end with strong time management and communication.
Preferred Qualifications
- Experience integrating intelligence efforts across corporate security domains, partnering with Executive Protection, Insider Risk, Trust & Safety, and Physical Security teams, with exposure to geopolitical risk, fraud/insider threat, and supply chain risk.
- Experience partnering with detection engineering or red teams to validate hypotheses and strengthen threat coverage
- Hands‑on experience building/supporting automation, scripting, or workflow optimization to scale intelligence production, research, or hunt operations
- Familiarity with data engineering concepts relevant to hunting (e.g., pipeline quality, normalization, enrichment, log onboarding)
- Prior experience presenting intelligence findings to senior leadership or executive audiences
Work Location
- Bangalore (Remote)
About First Advantage
Provides background screening and identity verification solutions for employers.