onsite
Threat Intelligence Automation Engineer - Openkyber
QA Engineer
Design and implement automated threat intelligence workflows, integrating data sources and SIEM platforms using Python, REST APIs, and Linux scripting to enhance detection and response capabilities.
About the role
Key Responsibilities
- Develop and maintain automated pipelines that ingest, enrich, and distribute threat intelligence data across security tools.
- Integrate threat feeds and internal data sources with SIEM solutions using REST APIs and custom Python scripts.
- Design, implement, and tune detection rules and alerts based on enriched intelligence to improve security posture.
- Collaborate with security analysts to translate investigative findings into repeatable, automated processes.
- Monitor performance of automation workflows, troubleshoot issues, and continuously optimize for scalability and reliability.
Requirements
- Strong programming experience in Python, with a focus on automation and data processing.
- Hands‑on experience with Threat Intelligence Platforms (e.g., MISP, ThreatConnect) and SIEM tools (e.g., Splunk, Elastic).
- Proficiency in working with RESTful APIs and scripting in Linux environments.
- Understanding of cyber threat concepts, the ATT&CK framework, and incident response workflows.
- Ability to perform root‑cause analysis, document solutions, and implement corrective actions.