Manager/Lead Engineer, Threat Intel & Hunt

Why you should join the Security and Trust team

Klaviyo is seeking a technically proficient Threat Intel & Hunt Manager/Lead to join the Security Intelligence Operations Organization. In this role, you will partner with leadership to set technical direction as well as work hands-on to build the threat intel and hunt operations from ground up. As a Manager/Lead, you will be responsible for providing thought leadership in threat intelligence, threat actor techniques, tactics and procedures (TTPs), and threat hunt ops. You will collaborate with threat detection and response engineers to drive intel-based decisions, hunts, detections, response and investigations. 

How you will make a difference:

• Partner with security leadership to build threat intel and hunt operations roadmap
• Lead day-to-day operations and execute on threat intel & hunt objectives and key results
• Serve as threat intel subject matter expert and stay current with emerging threats
• Lead threat research and track threat actor TTPs applicable to Klaviyo 
• Plan, scope and conduct threat hunt operations based on threat intelligence, data sets, and knowledge of Klaviyo’s corporate and cloud environments
• Drive proactive threat detection development as result of threat research and hunt operations
• Hunt and respond to threats and incidents leveraging security tech stack   
• Serve as a member of the broader Security Intelligence Operations and support with incidents
• Lead deployment and optimization of threat intel & hunt technologies
• Lead automation of threat intelligence and hunt processes and playbooks
• Create and disseminate threat intelligence and hunt products and briefings
• Grow threat research capabilities to include extraction of IOCs and TTPs via digital forensics 
• Mentor, develop, grow team engineers within the team 

We’d love to hear from you if you have:

• Leadership experience in building out threat  intelligence and/or threat hunt operations functions 
• Extensive hands-on experience in threat intelligence, threat hunt, and security operations
• Hand-on threat intel and hunt experience in the modern cloud environments
• History of utilizing open source intel to create targeted IOCs
• Expertise in Linux and MacOS internal and security investigations
• Subject matter expert in threat intelligence, threat hunt and log analysis
• Strong understanding of techniques, tools and procedures (TTPs) used by threat actors 
• Hands-on experience with SIEM and centralized logging (e.g., Splunk, ELK)
• Experience securing cloud environments such as AWS, GCP, and/or Azure
• Experience with scripting languages to automate or build features (Python, Go and/or Ruby)
• Experience with Security Orchestration, Automation, and Response (SOAR)
• Automation-first approach for all work performed
• Strong oral and written communication skills
• Team player with a strong, self-managing work ethic