Cybersecurity Threat Intelligence Specialist
Ascension
St. Louis, United States of America
yesterday
Role details
Contract type: Permanent contract
Employment type: Full-time (> 32 hours)
Working hours: Regular working hours
Languages: English
Compensation: $ 148K
Job location: Remote, St. Louis, United States of America
Tech stack
Automation of Tests
Computer Telephony Integration
Intrusion Detection and Prevention
Python
Open Source Intelligence
PowerShell
Security Information and Event Management
Technical Data Management Systems
MITRE ATT&CK
Cyber Threat Analysis
Data Lake
DevSecOps
Job description
- Adversary Attribution & Mapping: Collect, pivot, and analyze multi-source telemetry (including OSINT, commercial feeds, deep/dark web forums, and internal technical logs) to profile threat actors, track localized and global cyber campaigns, and map adversary TTPs directly to the MITRE ATT&CK framework.
- Detection Engineering & TIP Optimization: Manage, tune, and optimize the Threat Intelligence Platform (TIP) to ingest, score, and deduplicate IOCs, collaborating with SIEM/SOAR and Detection Engineering teams to translate threat trends into actionable YARA, Sigma, and SIEM rules.
- Proactive Hypothesis-Based Hunting: Partner with security teams to design and execute hypothesis-based threat hunting scopes and conduct retroactive hunts across data lakes and internal security platforms utilizing newly identified indicators and zero-day vulnerability intelligence.
- Incident Response Fusion & Advisory: Provide real-time, context-driven intelligence support during active security incidents, delivering critical briefings on attacker infrastructure, capabilities, and intent to the Incident Response (IR), SOC, and DevSecOps teams.
- Strategic & Operational Intelligence Synthesis: Synthesize complex, abstract technical data into high-impact threat assessments, flash reports, and threat actor profiles ("baseball cards"), contextualizing technical risks into actionable operational insights for both technical stakeholders and executive leadership.
Requirements
- High School diploma equivalency with 2 years of cumulative experience OR Associate's degree/Bachelor's degree OR 4 years of applicable cumulative job specific experience required.
- Advanced proficiency in developing automation scripts (e.g., Python, PowerShell) to streamline CTI workflows, automated enrichment, data parsing, and tool/API integration.
- Hands-on experience with specialized external threat landscape and enrichment tools (e.g., DomainTools, Intel 471, Maltego, or VirusTotal Enterprise).
- Active advanced security or threat intelligence certifications, such as GIAC Cyber Threat Intelligence (GCTI), Certified Threat Intelligence Analyst (CTIA), or GIAC Certified Forensic Analyst (GCFA).
Benefits & conditions
- Comprehensive health coverage: medical, dental, vision, prescription coverage and HSA/FSA options
- Financial security & retirement: employer-matched 403(b), planning and hardship resources, disability and life insurance
- Time to recharge: pro-rated paid time off (PTO) and holidays
- Career growth: Ascension-paid tuition (Vocare), reimbursement, ongoing professional development and online learning
- Emotional well-being: Employee Assistance Program, counseling and peer support, spiritual care and stress management resources
- Family support: parental leave, adoption assistance and family benefits
- Other benefits: optional legal and pet insurance, transportation savings and more
About the company
Ascension is a leading nonprofit Catholic health system with a culture and associate experience grounded in service, growth, care and connection. We empower our 97,000+ associates to bring their skills and expertise every day to reimagining healthcare, together. Ascension is recognized as one of the Best 150+ Places to Work in Healthcare and a Military-Friendly Gold Employer, and you'll find an inclusive and supportive environment where your contributions truly matter.