Cyber Threat Intelligence Engineer

Massachusetts - Boston

Veeva Systems

Veeva Systems Inc. is a leader in cloud-based software for the global life sciences industry. Committed to innovation, product excellence, and customer success, Veeva has more than 1,100 customers, ranging from the world's largest...

View company page

Veeva [NYSE: VEEV] is the leader in cloud-based software for the global life sciences industry. Committed to innovation, product excellence, and customer success, our customers range from the world’s largest pharmaceutical companies to emerging biotechs. Veeva’s software helps our customers bring medicines and therapies to patients faster.
We are the first public company to become a Public Benefit Corporation. As a PBC, we are committed to making the industries we serve more productive, and we are committed to creating high-quality employment opportunities.
Veeva is a Work Anywhere company which means that you can choose to work in the environment that works best for you - on any given day. Whether you choose to work remotely from home or work in an office - it’s up to you.
The Role
This position is directly responsible for proactively discovering, processing, analyzing, and vetting relevant threat information to expedite defense mechanisms as well as the incident response process. The CTI Engineer will organize and vet incoming IOCs, maintain a repository of threat information, enrich information pertaining to incidents, advise leadership of recommended courses of action based on emerging trends, and deliver actionable metrics and threat intelligence reports for a variety of audiences.

What You'll Do

  • Leverage a Collection Management Framework (CMF) that organizes all threat intelligence feeds, both internal and external, by indicators and data that can be ascertained as well as the methods in how data is collected, the sources, and the avenues of implementation
  • Apply the indicator lifecycle (revealed, matured, utilized) to validate incoming indicators and determine relevance to Veeva Systems by adding context and enrichment
  • Detect patterns of ongoing intrusion and intrusion attempts across Veeva and the industry to predict future IOCs and suggest implementations
  • Utilize current CTI tools to detect/report on trends to drive decisions influencing defensive operations
  • Report meaningful and actionable metrics related to adversarial behavior to drive prioritized defensive actions
  • Recommend courses of action (discover, detect, deny, degrade, disrupt, deceive) post-incident
  • Support incident responders with relevant IOCs and historical data during ongoing investigations
  • Author intelligence reports that address specific intelligence requirements and emerging threats
  • Collaborate across other Veeva teams on relevant intelligence of emerging vulnerabilities to prioritize and drive remediation efforts

Requirements

  • Strong understanding of the Kill Chain and Diamond models, and means to merge them
  • Strong familiarity with some OSINT and proprietary CTI tools, examples as: DomainTools, MISP, YARA, ISAC/ISAO feeds, CyberChef, DataSploit, FireHOL, Maltego, Shodan, ThreatQuotient, Recorded Future Anomali, etc.
  • Strong familiarity of modern threats, top delivery vectors, and methods of exploitation
  • Experience in delivering adversary-based metrics or authoring/contributing to threat intelligence reports
  • Strong experience in organizing, processing, analyzing, and vetting indicators using sorting/processing tools to maintain a current, relevant threat database
  • Experience in enriching data of the four atomic indicators (domains, strings, IP addresses, accounts) to deliver additional context to incident responders
  • Strong experience in leveraging existing threat intelligence to augment investigations during incident response
  • 3+ years of experience in a cyber threat intelligence-related field, or 4+ years of experience in a cybersecurity operations field with at least 2+ years of experience in cyber threat intelligence

Nice to Have

  • Threat Intelligence or Intrusion Detection-related certification, such as GCTI, GOSI, CTIA, GCDA, GCIA, CCTIA, CTIP, CPTIA, CRTIA, etc.
  • Experience authoring or implementing YARA rules
  • Solid background in cloud security principles
  • Experience in discovering sensitive data leakage such as credentials, exposed code, brand/organization intelligence, etc.
  • Experience in creating and maintaining a prioritized list of crown jewel assets and understanding the top threats against them

Perks & Benefits

  • Unlimited PTO
  • Veeva Break: entire company takes off the final week of the year, and it’s paid
  • Incredible health, dental, vision plans for employee and family
  • Matching 401(k)
  • 15% target bonus in the form of company stocks, distributed throughout the year
  • $500/yr fitness stipend on any fitness-related product or program
  • Free, healthy lunches and snacks served daily at company offices
  • Free, onsite gym and fitness classes offered daily
  • 2% of salary paid by company for training and development
  • 1% of salary paid by company to donate to non-profit of your choice
#LI-RemoteUS#BI-Remote
Veeva’s headquarters is located in the San Francisco Bay Area with offices in more than 15 countries around the world.
Veeva is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity or expression, religion, national origin or ancestry, age, disability, marital status, pregnancy, protected veteran status, protected genetic information, political affiliation, or any other characteristics protected by local laws, regulations, or ordinances. If you need assistance or accommodation due to a disability or special need when applying for a role or in our recruitment process, please contact us at talent_accommodations@veeva.com. This position cannot be performed remotely in Colorado.

* Salary range is an estimate based on our AI, ML, Data Science Salary Index 💰

Tags: Pharma Security

Perks/benefits: Career development Fitness / gym Health care Home office stipend Lunch / meals Salary bonus Unlimited paid time off

Regions: Remote/Anywhere North America
Country: United States
Job stats:  14  2  0
Category: Engineering Jobs

More jobs like this

Explore more AI, ML, Data Science career opportunities

Find even more open roles in Artificial Intelligence (AI), Machine Learning (ML), Natural Language Processing (NLP), Computer Vision (CV), Data Engineering, Data Analytics, Big Data, and Data Science in general - ordered by popularity of job title or skills, toolset and products used - below.