The Role

Black Lotus Labs has an opening for a Principal Information Security Engineer. The Black Lotus Labs team utilizes our unique visibility to hunt advanced threats and discover new malicious activities facing our customers. Our unique data sets present exciting opportunities to utilize Machine Learning and Graph analytic techniques as we find new ways to hunt for threats.
 

The Main Responsibilities

• Lead technical delivery of threat intelligence services on Black Lotus Labs Federal Programs as well as manage a small team of technical staff also delivering on Black Lotus Labs customer engagements, addressing current challenges and anticipating future threat visibility and defense needs. 
• Serve as touch point and team lead for multiple Black Lotus Labs customer engagements to include managing contract deliverables and assessing scope, as well as developing and delivering on growth strategies. 
• Oversee teams’ collection, analysis, production, and dissemination of actionable cyber threat intelligence.
• Ensure project delivery and program growth by coordinating with stakeholders across Lumen including with finance, contracts, PMO, legal, and engineering. 
• Serve as a people leader for a small group of direct reports.
• This position provides opportunities to mentor junior analysts, enhance team skillsets, and stay abreast of the latest cyber threat trends.
• Individually on client work and as a team lead: 
• Provide timely and actionable intelligence to support customer intelligence requirements.
• Research latest threat attacker tools, techniques and procedures (TTPs) with a goal of automating detection on behalf of customers. 
• Leverage global datasets (netflow, malware, passive DNS, etc) to track malicious cyber actors, their infrastructure and campaigns.
• Collaborate with a global team of threat intelligence analysts to analyze and develop coverage for emerging threats.
• Contribute to the development of tactical solutions to support triage and deep-dive analysis of malicious artifacts surfaced by internal and external partners.

What We Look For in a Candidate

• Experience leading a team in a dynamic, client-driven environment, addressing current challenges and anticipating future threat visibility and defense needs. Develop strategy and mentor team members. 
• Skilled in translating customer requirements into research and project deliveries as per contracts. Possesses deep technical expertise in adversary capabilities, infrastructure, and techniques to develop methods for detecting and tracking current threats and predicting future attacks.
• Experience prototyping capabilities in customer environments, taking feedback to tailor the delivery, and scoping capability into future work products. 
• Collaboration across disciplines to scope, define, and deliver customer-facing work. 
• Experience using OSINT methods for investigation, including discovering novel threats in malware repositories.
• Scripting experience with Python and familiarity with distributed computing.
• Extensive experience hunting threat actors and developing algorithms and techniques to identify new threats from large data sets.
• Deep knowledge of network-based threats and identifying behaviors without attack payloads.
• TS/SCI w/ Poly clearance
   

Legal Statements

In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.

Compensation