Galvanick
Senior Threat Intelligence Automation Engineer
Join to apply for the Senior Threat Intelligence Automation Engineer role at
Galvanick .
About Galvanick Galvanick protects the industrial world against cyber attacks. Our threat detection platform defends the modern world against criminals and nation‑states that target operational technology (OT) systems and networks. This is a chance to work in a startup environment with driven individuals committed to solving cybersecurity's big problems. We are backed by Founders Fund, Village Global, MaC Venture Capital, and others.
About The Role We are seeking a Senior Threat Intelligence Automation Engineer to establish and lead Galvanick's threat intelligence program. In this role, you will architect our intelligence capabilities, defining how we consume, produce, and operationalize threat intelligence to protect critical infrastructure. You will bridge the gap between raw intelligence and actionable detections, ensuring our platform stays ahead of evolving threats to OT environments.
This is a unique opportunity to build a threat intelligence program from the ground up, directly impacting how we detect and respond to sophisticated adversaries targeting industrial systems. You will work closely with our detection engineering team to ensure threat intelligence drives both our detection development process and threat identification at runtime. This role requires strategic vision and hands‑on technical implementation to create a world‑class intelligence capability.
What You Will Do
Define and implement Galvanick's comprehensive threat intelligence strategy, establishing processes for consuming, analyzing, and producing actionable intelligence specific to OT/ICS environments.
Drive integration of threat intelligence sources directly into our detection engineering workflow, ensuring new detections are informed by the latest adversary tactics, techniques, and procedures.
Design and define technical requirements for our threat intelligence platform and system of record, selecting and implementing tools that scale with our growth.
Operationalize threat intelligence at runtime, ensuring real‑time correlation between intelligence feeds and active threat detection across customer environments.
Build relationships with intelligence sharing communities, government agencies, and industry partners to enhance our understanding of threats targeting critical infrastructure.
Develop intelligence products and reports informing internal teams and customer decision‑making, translating complex threat landscapes into actionable insights.
Experiment with and iterate on intelligence integration methods, continuously improving how we transform raw intelligence into high‑fidelity detections and hunting hypotheses.
Who You Are
Experience in threat intelligence, with deep expertise in consuming, analyzing, and operationalizing intelligence for security operations or detection engineering.
Strong technical background implementing threat intelligence platforms (TIPs) and STIX/TAXII frameworks, with Python (or Go) proficiency for automating intelligence workflows.
Proven ability to translate strategic intelligence requirements into technical implementations and design and build intelligence programs from the ground up.
Experience working with intelligence sharing communities, ISACs, and government intelligence sources, with an understanding of TLP and intelligence handling requirements.
Demonstrated expertise investigating malware, phishing, web attacks, insider threats, and advanced persistent threats.
Bonus Points
Experience with industrial control systems, SCADA, or operational technology environments and understanding of threats specific to critical infrastructure.
Active involvement in the threat intelligence community with established relationships in industry and government intelligence circles.
Published research, conference presentations, or contributions to open‑source intelligence projects.
Experience working in startup environments where you've had to build capabilities with limited resources while maintaining high quality standards.
Numerous Detection Engineers have sent you “Yes!” memes or outright high‑fived you at various points in your career.
Benefits We provide top‑of‑the‑line medical/dental/vision for employees and dependents, and have additional benefits designed to optimize every team member’s vitality, health, and wellness. Compensation ranges from $100,000/year in our lowest geographic market up to $180,000/year in our highest market. Pay is based on location and may vary. Equity may be provided as part of the compensation package.
Location The Galvanick team is based in Seattle. New team members are expected to work in office. We cover relocation expenses.
ITAR Requirements To conform to U.S. Government export regulations, including ITAR, you must be a U.S. citizen, lawful permanent resident, or qualified to obtain required authorizations from the U.S. Department of State. Learn more about the ITAR
here .
#J-18808-Ljbffr
Galvanick .
About Galvanick Galvanick protects the industrial world against cyber attacks. Our threat detection platform defends the modern world against criminals and nation‑states that target operational technology (OT) systems and networks. This is a chance to work in a startup environment with driven individuals committed to solving cybersecurity's big problems. We are backed by Founders Fund, Village Global, MaC Venture Capital, and others.
About The Role We are seeking a Senior Threat Intelligence Automation Engineer to establish and lead Galvanick's threat intelligence program. In this role, you will architect our intelligence capabilities, defining how we consume, produce, and operationalize threat intelligence to protect critical infrastructure. You will bridge the gap between raw intelligence and actionable detections, ensuring our platform stays ahead of evolving threats to OT environments.
This is a unique opportunity to build a threat intelligence program from the ground up, directly impacting how we detect and respond to sophisticated adversaries targeting industrial systems. You will work closely with our detection engineering team to ensure threat intelligence drives both our detection development process and threat identification at runtime. This role requires strategic vision and hands‑on technical implementation to create a world‑class intelligence capability.
What You Will Do
Define and implement Galvanick's comprehensive threat intelligence strategy, establishing processes for consuming, analyzing, and producing actionable intelligence specific to OT/ICS environments.
Drive integration of threat intelligence sources directly into our detection engineering workflow, ensuring new detections are informed by the latest adversary tactics, techniques, and procedures.
Design and define technical requirements for our threat intelligence platform and system of record, selecting and implementing tools that scale with our growth.
Operationalize threat intelligence at runtime, ensuring real‑time correlation between intelligence feeds and active threat detection across customer environments.
Build relationships with intelligence sharing communities, government agencies, and industry partners to enhance our understanding of threats targeting critical infrastructure.
Develop intelligence products and reports informing internal teams and customer decision‑making, translating complex threat landscapes into actionable insights.
Experiment with and iterate on intelligence integration methods, continuously improving how we transform raw intelligence into high‑fidelity detections and hunting hypotheses.
Who You Are
Experience in threat intelligence, with deep expertise in consuming, analyzing, and operationalizing intelligence for security operations or detection engineering.
Strong technical background implementing threat intelligence platforms (TIPs) and STIX/TAXII frameworks, with Python (or Go) proficiency for automating intelligence workflows.
Proven ability to translate strategic intelligence requirements into technical implementations and design and build intelligence programs from the ground up.
Experience working with intelligence sharing communities, ISACs, and government intelligence sources, with an understanding of TLP and intelligence handling requirements.
Demonstrated expertise investigating malware, phishing, web attacks, insider threats, and advanced persistent threats.
Bonus Points
Experience with industrial control systems, SCADA, or operational technology environments and understanding of threats specific to critical infrastructure.
Active involvement in the threat intelligence community with established relationships in industry and government intelligence circles.
Published research, conference presentations, or contributions to open‑source intelligence projects.
Experience working in startup environments where you've had to build capabilities with limited resources while maintaining high quality standards.
Numerous Detection Engineers have sent you “Yes!” memes or outright high‑fived you at various points in your career.
Benefits We provide top‑of‑the‑line medical/dental/vision for employees and dependents, and have additional benefits designed to optimize every team member’s vitality, health, and wellness. Compensation ranges from $100,000/year in our lowest geographic market up to $180,000/year in our highest market. Pay is based on location and may vary. Equity may be provided as part of the compensation package.
Location The Galvanick team is based in Seattle. New team members are expected to work in office. We cover relocation expenses.
ITAR Requirements To conform to U.S. Government export regulations, including ITAR, you must be a U.S. citizen, lawful permanent resident, or qualified to obtain required authorizations from the U.S. Department of State. Learn more about the ITAR
here .
#J-18808-Ljbffr