PRI Technology
Manager, Threat Intelligence & PEN Test (Blue/Purple Team)
PRI Technology, Austin, Texas, us, 78716
Base pay range
$180,000.00/yr - $200,000.00/yr
Additional compensation types Annual Bonus
Job Summary Manager, Threat Intelligence & Testing based in Austin, TX. This is an enterprise role working for a 70,000+ organization reporting to the Attack Surface Management Director. This person will lead a team of analysts and security professionals focused on identifying, analyzing, and simulating cyber threats to proactively defend the organization’s enterprise and manufacturing environments. This role is critical in enhancing threat visibility, validating security controls, and informing strategic defense initiatives. The ideal candidate will possess a strong background in cyber threat intelligence, adversary emulation, and blue/purple team operations, combined with proven leadership and communication skills.
Location & Schedule Location: Austin, TX
Schedule: 4 days onsite, 1 remote
Responsibilities
Lead and mentor a team of threat intelligence analysts and security testing professionals, fostering a culture of curiosity, rigor, and continuous improvement.
Develop and execute strategies for threat intelligence gathering and security testing aligned with organizational risk management goals.
Set performance goals, conduct regular reviews, and provide feedback and development plans for team members.
Serve as the primary point of contact for threat intelligence and testing matters, communicating findings and recommendations to executive leadership and other stakeholders.
Manage budgets for tools, training, and resources related to threat intelligence and testing operations.
Oversee the collection, analysis, and dissemination of tactical, operational, and strategic threat intelligence.
Maintain and evolve the threat intelligence platform (e.g., Anomali, MISP, TIP integrations).
Enrich detection and response efforts through intelligence-led insights.
Lead internal and external penetration testing, purple team engagements, and threat emulation exercises.
Drive continuous control validation initiatives (e.g., MITRE ATT&CK alignment, breach simulation).
Collaborate with detection engineers and SOC to convert threat Client into actionable detections.
Guide hypothesis-driven threat hunts based on current intelligence and adversary behaviors.
Maintain a technical understanding of adversary TTPs, attack surface management, and risk-based prioritization.
Collaborate with detection engineering, SOC, and incident response teams to align intelligence and testing efforts with operational needs.
Partner with IT, OT, and business units to ensure threat intelligence and testing activities support enterprise and industrial environments.
Communicate threat trends, testing outcomes, and risk insights effectively to both technical and executive stakeholders.
Ensure intelligence and testing practices support compliance with internal policies and external regulatory requirements.
Qualifications
Bachelor's or Master's degree in Cybersecurity, Intelligence Studies, or related field
Solid experience in threat intelligence, red/purple teaming, or adversary emulation
Extensive experience in cyber threat intelligence lifecycle management, including collection, analysis, dissemination, and operationalization.
Skilled in profiling threat actors, mapping TTPs to MITRE
Proficient in designing and executing red and purple team exercises using tools like Cobalt Strike, Caldera, and Atomic Red Team.
Strong understanding of threat intelligence platforms, STIX/TAXII protocols, and integration with SIEM/SOAR.
Experienced in adversary emulation, control validation, and threat-informed defense strategies across IT and OT environments.
Effective at translating threat intelligence into detection logic, hunting hypotheses, and executive-level risk narratives.
Proven ability to lead cross-functional testing initiatives and influence detection and response strategies through intelligence insights.
Familiar with regulatory and compliance frameworks (e.g., NIST, ISO, CMMC) and their intersection with threat intelligence programs.
Strong knowledge of threat actor profiling, TTP mapping, and intelligence lifecycle management
Experience with threat intelligence platforms (TIPs), STIX/TAXII, and integrating intelligence into SOC and IR workflows
Strong communication and reporting skills, with the ability to translate technical findings into business risk language
Certifications such as GCTI, CTIA, OSCP, or CRTO are highly valued
Benefits & Perks
Medical insurance
Vision insurance
401(k)
Tuition assistance
Disability insurance
Contact Senior IT Recruiter at PRI Technology
Email: lori.sklarski@pritechnology.com
Phone: 973-732-5454 x27
Office: 973.732.5454 x27
Cell: 973.432.9968
Website:
www.pritechnology.com
#J-18808-Ljbffr
Additional compensation types Annual Bonus
Job Summary Manager, Threat Intelligence & Testing based in Austin, TX. This is an enterprise role working for a 70,000+ organization reporting to the Attack Surface Management Director. This person will lead a team of analysts and security professionals focused on identifying, analyzing, and simulating cyber threats to proactively defend the organization’s enterprise and manufacturing environments. This role is critical in enhancing threat visibility, validating security controls, and informing strategic defense initiatives. The ideal candidate will possess a strong background in cyber threat intelligence, adversary emulation, and blue/purple team operations, combined with proven leadership and communication skills.
Location & Schedule Location: Austin, TX
Schedule: 4 days onsite, 1 remote
Responsibilities
Lead and mentor a team of threat intelligence analysts and security testing professionals, fostering a culture of curiosity, rigor, and continuous improvement.
Develop and execute strategies for threat intelligence gathering and security testing aligned with organizational risk management goals.
Set performance goals, conduct regular reviews, and provide feedback and development plans for team members.
Serve as the primary point of contact for threat intelligence and testing matters, communicating findings and recommendations to executive leadership and other stakeholders.
Manage budgets for tools, training, and resources related to threat intelligence and testing operations.
Oversee the collection, analysis, and dissemination of tactical, operational, and strategic threat intelligence.
Maintain and evolve the threat intelligence platform (e.g., Anomali, MISP, TIP integrations).
Enrich detection and response efforts through intelligence-led insights.
Lead internal and external penetration testing, purple team engagements, and threat emulation exercises.
Drive continuous control validation initiatives (e.g., MITRE ATT&CK alignment, breach simulation).
Collaborate with detection engineers and SOC to convert threat Client into actionable detections.
Guide hypothesis-driven threat hunts based on current intelligence and adversary behaviors.
Maintain a technical understanding of adversary TTPs, attack surface management, and risk-based prioritization.
Collaborate with detection engineering, SOC, and incident response teams to align intelligence and testing efforts with operational needs.
Partner with IT, OT, and business units to ensure threat intelligence and testing activities support enterprise and industrial environments.
Communicate threat trends, testing outcomes, and risk insights effectively to both technical and executive stakeholders.
Ensure intelligence and testing practices support compliance with internal policies and external regulatory requirements.
Qualifications
Bachelor's or Master's degree in Cybersecurity, Intelligence Studies, or related field
Solid experience in threat intelligence, red/purple teaming, or adversary emulation
Extensive experience in cyber threat intelligence lifecycle management, including collection, analysis, dissemination, and operationalization.
Skilled in profiling threat actors, mapping TTPs to MITRE
Proficient in designing and executing red and purple team exercises using tools like Cobalt Strike, Caldera, and Atomic Red Team.
Strong understanding of threat intelligence platforms, STIX/TAXII protocols, and integration with SIEM/SOAR.
Experienced in adversary emulation, control validation, and threat-informed defense strategies across IT and OT environments.
Effective at translating threat intelligence into detection logic, hunting hypotheses, and executive-level risk narratives.
Proven ability to lead cross-functional testing initiatives and influence detection and response strategies through intelligence insights.
Familiar with regulatory and compliance frameworks (e.g., NIST, ISO, CMMC) and their intersection with threat intelligence programs.
Strong knowledge of threat actor profiling, TTP mapping, and intelligence lifecycle management
Experience with threat intelligence platforms (TIPs), STIX/TAXII, and integrating intelligence into SOC and IR workflows
Strong communication and reporting skills, with the ability to translate technical findings into business risk language
Certifications such as GCTI, CTIA, OSCP, or CRTO are highly valued
Benefits & Perks
Medical insurance
Vision insurance
401(k)
Tuition assistance
Disability insurance
Contact Senior IT Recruiter at PRI Technology
Email: lori.sklarski@pritechnology.com
Phone: 973-732-5454 x27
Office: 973.732.5454 x27
Cell: 973.432.9968
Website:
www.pritechnology.com
#J-18808-Ljbffr