Threat Intelligence Principal (Remote)

About Tenex:

TENEX.AI is an AI-native, automation-first, built-for-scale Managed Detection and Response (MDR) provider. We are a force multiplier for defenders, helping organizations enhance their cybersecurity posture through advanced threat detection, rapid response, and continuous protection. Our team is comprised of industry experts with deep experience in cybersecurity, automation, and AI-driven solutions. We’re a fast growing startup backed by industry experts and top tier investor Andreessen Horowitz. As an early employee, you’ll play a meaningful role in defining and building our culture. Get in on the ground floor. We’re a small but well-funded team that just raised a substantial round – joining now comes with limited risk and unlimited upside. We are rapidly growing and seeking top talent to join our mission of revolutionizing the cybersecurity landscape.

The Opportunity: We are seeking an experienced and highly motivated Threat Intelligence Principal to join our cybersecurity team. This critical role will be responsible for leading our threat intelligence efforts, providing actionable insights into emerging threats, and enhancing our overall security posture. You will be instrumental in developing and maturing our threat intelligence program, collaborating with various security functions, and proactively identifying and mitigating risks.

Culture is one of the most important things at TENEX.AI—check out our culture deck at culture.tenex.ai to experience how we champion it, valuing the unmatched collaboration and community of in-person work while offering flexibility for the best of the best.

This role is for the extraordinary—the pinnacle 10x of 10x legends in any role— where we make exceptions to our in-person hiring to champion full remote freedom, empowering you to conquer without boundaries while still inviting you to join our in-person energy from time to time.

To be direct up front - If you’re looking at this position, we strongly recommend you consider accepting one of our lucrative relocation packages to our epic hubs in Sarasota, Florida (outside Tampa), or Overland Park in the Kansas City metro—where trailblazers redefine cybersecurity with 10x impact!

In Florida, you can break free from overly inflated cost of living sky-high taxes (like those of you trapped in California or New York) via our incredibly aggressive relocation packages, enjoying zero state income tax, boundless personal freedom, a pro-business surge, endless sunshine, and a pro-family haven in the master-planned Lakewood Ranch with elite amenities and vibes. In KC, leverage those same powerhouse relocation perks for lower taxes, authentic Midwest values of integrity and community, and a supportive, family-oriented ecosystem for enduring wins. See those respective listings with more details on our careers page.

For candidates who embody the rare "10x of 10x" talent, we offer the flexibility of fully remote work. If you are an exceptional, unrivaled force in this role and prefer not to relocate at this time, we encourage you to apply for this remote-first position. Please be aware that the competition for these remote roles is exceptionally fierce, and the standards for selection are significantly higher.

What You'll Do:

• General Cybersecurity Knowledge: Strong understanding of cyber security principles, including network protocols, operating systems, security architectures, and common attack vectors.  Familiarity with common malware analysis techniques and tools.

• Threat Intelligence Collection: Proactively research, identify, and collect threat intelligence from a variety of sources, including open-source intelligence (OSINT), commercial feeds, industry reports, dark web forums, and internal security data.

• Advanced Analysis and Correlation: Analyze raw threat data to identify patterns, trends, and connections. Correlate threat intelligence with internal security events and vulnerabilities to prioritize risks. Critically, translate raw data into actionable technical indicators of attack (IOAs), focusing on adversary techniques, procedures, and observable behaviors rather than simple IOCs.

• Reporting and Dissemination: Develop clear, concise, and actionable threat intelligence reports, briefings, and alerts for various audiences, including security operations, incident response, vulnerability management, and leadership.

• Public Profile & External Communication: Generate insightful updates and analysis for public consumption via social media platforms, contributing to the organization's public profile and demonstrating expertise in the threat intelligence landscape.

• Adversary Profiling & TTPs: Create and maintain in-depth profiles of threat actors, including their motivations, capabilities, and detailed tactics, techniques, and procedures (TTPs).

• IOA Development & Integration: Develop robust technical indicators of attack (IOAs) based on observed adversary behaviors. Integrate these IOAs into security tools and platforms to enhance detection and prevention capabilities.

• Vulnerability Intelligence: Monitor and analyze vulnerability disclosures, exploit trends, and provide insights into potential risks to the organization, linking them to known adversary TTPs.

• Knowledge Sharing: Stay up-to-date with the latest cyber security threats, vulnerabilities, and industry best practices. Share knowledge and insights with the security operations and detection engineering teams.

• Stakeholder Engagement: Build and maintain strong relationships with internal teams and external threat intelligence communities.  Prepare and deliver regular threat landscape briefings and reports to various audiences, including technical and non-technical stakeholders.

Qualifications

• 8+ years of progressive experience in cybersecurity, with at least 3-5 years specifically focused on threat intelligence.

• Demonstrated experience in leading and maturing threat intelligence programs.

• Deep understanding of the threat landscape, including advanced persistent threats (APTs), cybercrime, and hacktivism.

• Expertise in threat intelligence frameworks and methodologies (e.g., MITRE ATT&CK, STIX/TAXII, Diamond Model of Intrusion Analysis).

• Proficiency with threat intelligence platforms (TIPs) and security information and event management (SIEM) systems.

• Strong analytical skills with the ability to synthesize disparate information and draw meaningful conclusions.

• Excellent written and verbal communication skills, with the ability to present complex technical information to diverse audiences.

• Experience with scripting languages (e.g., Python) for data analysis and automation is a plus.

• Strong leadership, interpersonal, and collaboration skills.

• Ability to work independently and as part of a team in a fast-paced environment.

Bonus Points If You Have:

• Experience with cloud security threat intelligence.

• Background in malware analysis or reverse engineering.

• Experience contributing to open-source threat intelligence initiatives.

• Prior experience in a heavily regulated industry.

Preferred Skills:

• Experience with scripting languages (e.g., Python) for data analysis, automation, and custom tool development.

• Experience determining threat landscapes relevant to specific industry sectors and geographies.

• Experience with dark web monitoring and analysis.

• Understanding of geopolitical events and their potential impact on the cyber threat landscape.

Why Join Us?

• Opportunity to make a significant impact on the security posture of TENEX and its customer base.

• Work with cutting-edge AI capabilities and technologies with a driven and passionate team.

• Continuous learning and professional development opportunities.

• Competitive salary and benefits package.

If you're passionate about combining cybersecurity expertise with artificial intelligence and have experience with Google SecOps and Chronicle, we encourage you to apply!