Cyber Security Threat Intelligence Engineer

at  Boeing

At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
We are looking for an experienced Cyber Security Threat Intelligence Engineer based in Gothenburg, Sweden.

POSITION OVERVIEW:

As a Threat Intelligence Engineer, you will play a pivotal role in our organization’s cybersecurity strategy of the Digital Aviation Solutions Flight Operations portfolio, acting as the frontline defense against the ever-evolving landscape of digital threats. This position requires a proactive and detail-oriented professional who can navigate complex threat environments to identify, analyze, and mitigate potential cyber risks. You will utilize your expertise to develop robust threat intelligence strategies, enhance our security posture, and protect critical data assets. Collaborating with cross-functional teams, you will contribute to creating a resilient security environment by predicting, tracking, and neutralizing threats before they can impact the organization.

BASIC QUALIFICATIONS (REQUIRED SKILLS/EXPERIENCE):

• 4+ years work experience in threat intelligence, cybersecurity analysis, digital forensics, or related fields.
• In-depth knowledge of cybersecurity principles, including network security, malware analysis, application security, and incident response.
• Proficiency with threat intelligence platforms (TIPs) e.g. ThreatConnect, Anomali, or Recorded Future.
• Hands-on experience with SIEM tools (e.g., Splunk, ArcSight), IDS/IPS technologies, and endpoint detection and response (EDR) solutions.
• Familiarity with scripting languages like Python or PowerShell for automating threat detection and analysis workflows.

PREFERRED QUALIFICATIONS (DESIRED SKILLS/EXPERIENCE):

Technical Expertise

• Certified Ethical Hacker (CEH)
• Certified Threat Intelligence Analyst (CTIA)
• Computer Hacking Forensic Investigator (CHFI)

Analytical and Communication Skills

• Strong analytical abilities to identify patterns, discern anomalies, and predict adversarial movements.
• Exceptional written and verbal communication skills, capable of articulating complex issues to both technical and non-technical audiences.

Additional Skills

• Strong collaboration skills with the ability to work independently and as part of a dynamic security team.
• Ability to manage multiple tasks and prioritize effectively in a fast-paced environment.
• A keen interest in continuous learning and staying updated with the latest cyber threat trends and intelligence techniques.

We put great emphasis on your personal characteristics. We value individuals who have:

• Excellent written and verbal communication skills in English
• You take ownerships of issues and work well both independently and within a team
• You enjoy a variety of challenges of a highly technical nature

You’ll become a team member of the Cyber Defence Team. This team will be working closely with the PaaS- and SaaS-team, consisting of over 25 IT Infrastructure and application experts (globally). The team is today serving about 50 airline customers.

Threat Identification and Analysis

• Conduct thorough research and analysis of emerging cyber threats, vulnerabilities, and attack patterns to anticipate potential security risks.
• Monitor threat actor activities, tracking their evolving tactics, techniques, and procedures (TTPs).
• Analyze technical indicators and reverse-engineer malware samples to identify signatures and develop effective detection mechanisms.
• Continuously update threat models and perform pattern recognition to detect abnormal behaviors in network traffic or user activities.
• Leverage data from external intelligence sources, industry reports, and collaborative partnerships to enhance situational awareness of the latest threats.

Threat Intelligence Collection and Management

• Gather, process, and analyze threat intelligence from diverse sources, including open-source intelligence (OSINT), deep and dark web platforms, internal security logs, and commercial threat feeds.
• Establish and maintain a comprehensive threat intelligence repository for real-time analysis and historical reference.
• Develop automation scripts for collecting and aggregating threat data, ensuring accuracy, relevance, and actionability.
• Collaborate with other security teams to integrate threat intelligence into defensive measures, such as SIEM (Security Information and Event Management) systems and IDS/IPS (Intrusion Detection and Prevention Systems).

Threat Modeling and Risk Assessment

• Conduct threat modeling exercises to identify vulnerabilities and weaknesses in the organization’s systems, applications, and networks.
• Develop detailed risk assessments with clear recommendations for risk mitigation strategies based on the threat landscape and potential business impact.
• Implement predictive analytics to evaluate the likelihood and impact of identified threats, facilitating informed decision-making for security investments.
• Regularly review and update threat models to reflect the dynamic nature of the cyber threat environment.