About this role
The Specialist, Cyber Defense & Response supports security operations by turning intelligence into actionable defense strategies, integrating CTI with SIEM/XDR/EDR tooling, and delivering threat briefs to stakeholders.
Key Responsibilities
- Act as CTI point of contact for security operations
- Collect, analyze, and disseminate finished intelligence
- Translate intelligence into actionable detection guidance
- Deliver intelligence briefs to stakeholders
- Enhance and document CTI processes
Technical Overview
The role covers CTI integration into SIEM and security tooling, applying MITRE frameworks (ATT&CK, ATLAS, D3FEND) and defensive engineering (CREF) across cloud and on-prem environments.
Ideal Candidate
The ideal candidate is a mid-level cybersecurity specialist with strong CTI and threat intel experience, hands-on SIEM/XDR/EDR, and familiarity with MITRE ATT&CK and related frameworks. They should be able to translate intelligence into actionable detection guidance and collaborate with security operations and external partners.
Must-Have Skills
- Experience with analysis of security events from multiple sources, including SIEM, XDR/EDR, network and host-based IDS/IPS, firewall logs, and system logs (Unix and Windows)
- Understanding of SaaS and Cloud Service Providers
- Complete understanding of the intelligence cycle, including analytical methodologies such as Analysis of Competing Hypotheses and the Diamond model
- Deep understanding of MITRE frameworks and the ability to apply them effectively, including ATT&CK for mapping adversary behaviors, ATLAS for AI threats, D3FEND, and the CREF
- Experience defining Priority Intelligence Requirements
- Experience with agile development methodologies
- Ability to learn new skills and knowledge on an ongoing basis
- Collaborative mindset with experience engaging external partners and industry groups
Nice-to-Have Skills
- GIAC certifications (GCTI, GMON, GSOC, GREM, GCFA, GNFA)
- Cloud security certifications (AWS Security, AZ-500)
- Python and PowerShell for automation
- Adversary emulation and threat hunting methodologies
Tools & Platforms
- Security Information & Event Management
- MITRE ATT&CK
- D3FEND
- ATLAS
- CREF
- Python
- PowerShell
Required Skills
- Security Information & Event Management
- MITRE ATT&CK
- Diamond Model
- D3FEND
- ATLAS
- CREF
- Threat Hunting
- Adversary Emulation
- Digital Forensics
- Cyber Incident Response
- Cyber Security Operations
- Automation and Engineering
- Python
- PowerShell
- Cloud Service Providers
- Cyber Threat Intelligence
- Unix
- Windows
Soft Skills
- Collaborative
- Communication
- Stakeholder collaboration
- Analytical
- Self-motivated
- Continuous learning
Certifications
Preferred
- GIAC certifications (GCTI, GMON, GSOC, GREM, GCFA, GNFA)
- AWS Security
- AZ-500
Keywords for Your Resume
cyber defense & response, CTI, threat intelligence, cyber threat intelligence, SIEM, XDR, EDR, Endpoint Detection & Response, MITRE ATT&CK, D3FEND, ATLAS, CREF, threat hunting, adversary emulation, digital forensics, cyber incident response, cyber security operations, automation and engineering, Python, PowerShell, cloud service providers
Deal Breakers
- Lack of experience with SIEM/XDR/EDR
- No threat intelligence experience
- No familiarity with MITRE ATT&CK or related frameworks