Threat Intelligence Principal (Kansas City)

About Tenex:

TENEX.AI is an AI-native, automation-first, built-for-scale Managed Detection and Response (MDR) provider. We are a force multiplier for defenders, helping organizations enhance their cybersecurity posture through advanced threat detection, rapid response, and continuous protection. Our team is comprised of industry experts with deep experience in cybersecurity, automation, and AI-driven solutions. We’re a fast growing startup backed by industry experts and top tier investor Andreessen Horowitz. As an early employee, you’ll play a meaningful role in defining and building our culture. Get in on the ground floor. We’re a small but well-funded team that just raised a substantial round – joining now comes with limited risk and unlimited upside. We are rapidly growing and seeking top talent to join our mission of revolutionizing the cybersecurity landscape.

The Opportunity: We are seeking an experienced and highly motivated Threat Intelligence Principal to join our cybersecurity team. This critical role will be responsible for leading our threat intelligence efforts, providing actionable insights into emerging threats, and enhancing our overall security posture. You will be instrumental in developing and maturing our threat intelligence program, collaborating with various security functions, and proactively identifying and mitigating risks.

Location: This role will require onsite in our Overland Park, KS location.

What You'll Do:

• General Cybersecurity Knowledge: Strong understanding of cyber security principles, including network protocols, operating systems, security architectures, and common attack vectors.  Familiarity with common malware analysis techniques and tools.

• Threat Intelligence Collection: Proactively research, identify, and collect threat intelligence from a variety of sources, including open-source intelligence (OSINT), commercial feeds, industry reports, dark web forums, and internal security data.

• Advanced Analysis and Correlation: Analyze raw threat data to identify patterns, trends, and connections. Correlate threat intelligence with internal security events and vulnerabilities to prioritize risks. Critically, translate raw data into actionable technical indicators of attack (IOAs), focusing on adversary techniques, procedures, and observable behaviors rather than simple IOCs.

• Reporting and Dissemination: Develop clear, concise, and actionable threat intelligence reports, briefings, and alerts for various audiences, including security operations, incident response, vulnerability management, and leadership.

• Public Profile & External Communication: Generate insightful updates and analysis for public consumption via social media platforms, contributing to the organization's public profile and demonstrating expertise in the threat intelligence landscape.

• Adversary Profiling & TTPs: Create and maintain in-depth profiles of threat actors, including their motivations, capabilities, and detailed tactics, techniques, and procedures (TTPs).

• IOA Development & Integration: Develop robust technical indicators of attack (IOAs) based on observed adversary behaviors. Integrate these IOAs into security tools and platforms to enhance detection and prevention capabilities.

• Vulnerability Intelligence: Monitor and analyze vulnerability disclosures, exploit trends, and provide insights into potential risks to the organization, linking them to known adversary TTPs.

• Knowledge Sharing: Stay up-to-date with the latest cyber security threats, vulnerabilities, and industry best practices. Share knowledge and insights with the security operations and detection engineering teams.

• Stakeholder Engagement: Build and maintain strong relationships with internal teams and external threat intelligence communities.  Prepare and deliver regular threat landscape briefings and reports to various audiences, including technical and non-technical stakeholders.

Qualifications

• 8+ years of progressive experience in cybersecurity, with at least 3-5 years specifically focused on threat intelligence.

• Demonstrated experience in leading and maturing threat intelligence programs.

• Deep understanding of the threat landscape, including advanced persistent threats (APTs), cybercrime, and hacktivism.

• Expertise in threat intelligence frameworks and methodologies (e.g., MITRE ATT&CK, STIX/TAXII, Diamond Model of Intrusion Analysis).

• Proficiency with threat intelligence platforms (TIPs) and security information and event management (SIEM) systems.

• Strong analytical skills with the ability to synthesize disparate information and draw meaningful conclusions.

• Excellent written and verbal communication skills, with the ability to present complex technical information to diverse audiences.

• Experience with scripting languages (e.g., Python) for data analysis and automation is a plus.

• Strong leadership, interpersonal, and collaboration skills.

• Ability to work independently and as part of a team in a fast-paced environment.

Bonus Points If You Have:

• Experience with cloud security threat intelligence.

• Background in malware analysis or reverse engineering.

• Experience contributing to open-source threat intelligence initiatives.

• Prior experience in a heavily regulated industry.

Preferred Skills:

• Experience with scripting languages (e.g., Python) for data analysis, automation, and custom tool development.

• Experience determining threat landscapes relevant to specific industry sectors and geographies.

• Experience with dark web monitoring and analysis.

• Understanding of geopolitical events and their potential impact on the cyber threat landscape.

Why Join Us?

• Opportunity to make a significant impact on the security posture of TENEX and its customer base.

• Work with cutting-edge AI capabilities and technologies with a driven and passionate team.

• Continuous learning and professional development opportunities.

• Competitive salary and benefits package.

If you're passionate about combining cybersecurity expertise with artificial intelligence and have experience with Google SecOps and Chronicle, we encourage you to apply!