[TEST TEST TEST] This is a test job board, used for internal testing. Applications received here will not be received. Job post description opening Job description [TEST TEST TEST] This is a test job board, used for internal testing. Applications received here will not be received. Job post description closed

Make a difference. Be happy. Grow your career. The Role The CTI Engineer Level IV, Team Lead is responsible for the strategic direction, operational leadership, and continuous maturation of the organization’s Cyber Threat Intelligence program. This is a lead position requiring the ability to operate across all three intelligence tiers, tactical, operational, and strategic, while serving as the primary interface between the CTI team and executive stakeholders including the CISO, CTI Steering Committee, and business leadership. The Team Lead is responsible for the intelligence lifecycle from planning and requirements through collection, analysis, dissemination, and feedback. They are accountable for the quality, relevance, and timeliness of all CTI program outputs, the professional development of the CTI team, and the program’s ongoing alignment with organizational risk priorities, regulatory obligations, and the evolving threat landscape. The ideal candidate brings deep technical intelligence tradecraft combined with the leadership maturity to translate complex threat data into executive-level risk context. Experience in the healthcare sector and familiarity with its regulatory environment, including HIPAA, HITECH, HITRUST, PCI-DSS, and GDPR for international operations, is preferred. Nordic, Best in KLAS IT Services Firm and solely serving the healthcare industry, strives to empower healthcare providers to leverage technology and to realize digital transformation. All Nordic staff embrace Nordic’s maxims and mission to serve our customers who care so well for us. Key Responsibilities Program Leadership & Governance - Lead the CTI program strategy, roadmap, and continuous maturation plan, driving the program from a foundational state toward advanced and leading practices across all CTI Framework domains. - Chair the CTI Working Group and serve as the primary CTI representative to the CTI Steering Committee, presenting program performance, intelligence outcomes, and KPI results to the CISO and executive stakeholders on the established cadence. - Maintain and annually refresh the Intelligence Requirements Document (IRD) and Priority Intelligence Requirements (PIRs) across all three intelligence tiers ensuring collection and production remain aligned with evolving organizational risk priorities and stakeholder needs. - Define, track, and report program KPIs including PIR collection coverage, intelligence utilization rates, SLA adherence, stakeholder satisfaction scores, and strategic intelligence production metrics, providing transparent performance visibility to leadership. - Support CTI program budget planning and manage vendor relationships and platform licensing in coordination with the CISO and procurement, ensuring capital assets are maintained, optimized, and protected. Intelligence Production & Quality - Provide oversight and quality assurance across all CTI intelligence products, ensuring tactical, operational, and strategic outputs meet defined standards for accuracy, relevance, timeliness, and actionability. - Lead production of high-complexity strategic intelligence products including Quarterly Threat Landscape Reports, Annual Threat Assessments, Executive Risk Briefings, and geopolitical risk analyses relevant to the U.S. and Ireland enterprise footprint. - Direct and review operational intelligence products including threat actor profiles, campaign analyses, and TTP assessments targeting the healthcare sector, ensuring findings are integrated into SOC detections, IR playbooks, and vulnerability management prioritization workflows. - Establish and enforce intelligence quality standards, structured analytical techniques, and production SLAs across all team outputs; conduct periodic product reviews and drive continuous improvement through Engineer feedback and stakeholder input. - Maintain authoritative expertise in adversary TTPs, healthcare-sector threat actors, and emerging attack methodologies, applying frameworks such as MITRE ATT&CK, Cyber Kill Chain and Diamond Model. Collection Management & Technology - Oversee and optimize the CTI collection ecosystem including commercial threat feeds, open-source intelligence (OSINT), dark web monitoring, H-ISAC and relevant ISAC participation, and internal telemetry ingestion from other sources such as SIEM, EDR, and firewall sources. - Govern Threat Intelligence Platform (TIP) architecture and integration health, ensuring data flows between the TIP and SIEM, SOAR, and EDR platforms are operational, documented, and continuously monitored. - Manage information sharing relationships with H-ISAC, peer healthcare organizations, and public sector partners (CISA, FBI), ensuring reciprocal intelligence exchange and compliance with Traffic Light Protocol (TLP) classification standards and applicable sharing agreements. - Drive automation and integration initiatives to reduce manual collection and processing burden, improve intelligence velocity, and expand program coverage. Team Leadership & Development - Lead, mentor, and develop a team of CTI Engineers, providing technical guidance, structured feedback, and career development support to build individual tradecraft and collective program capability. - Establish and maintain a structured Engineer onboarding curriculum covering CTI lifecycle, tools, collection procedures, analysis methodologies, and report writing standards; support Engineer pursuit of industry certifications such as GCTI and CTIA. - Foster a culture of analytical rigor, continuous learning, and intelligence-led thinking; encourage application of structured analytical techniques. - Collaborate on platform development, automation pipelines, and technical infrastructure, providing programmatic direction and ensuring technical work is aligned with intelligence requirements and program objectives. Stakeholder Engagement & Cross-Functional Integration - Serve as the senior CTI point of contact for SOC, Incident Response, Vulnerability Management, Risk, Compliance, Legal, Third-Party Risk teams, and others ensuring CTI outputs are consumed, acted upon, and providing measurable value across security and business functions. - Lead CTI engagement in active incident response investigations, providing attribution analysis, actor context, predictive next-step assessments, and post-incident intelligence review to improve detection and response for future events. - Provide intelligence support to brand protection, third-party risk management, and compliance initiatives, translating threat intelligence into risk context relevant to each function’s decision-making needs. - Deliver regular stakeholder briefings and education sessions to ensure intelligence consumers across SOC, leadership, and business units understand how to interpret CTI products, submit intelligence requirements, and provide structured feedback. Compliance & Documentation - Ensure all CTI activities, products, and data handling practices comply with applicable governance, including HIPAA, HITECH, HITRUST, PCI-DSS, NIST 800-53/61/150, and GDPR requirements. - Maintain comprehensive program documentation including SOPs, platform runbooks, collection management frameworks, sharing agreements, and governance records; ensure documentation is current, accessible, and audit ready. - Support internal audits, regulatory examinations, and third-party assessments requiring evidence of CTI program operations, controls, and effectiveness. Skills and Experience - Proven experience leading a CTI team or program, including stewardship of intelligence requirements, program strategy, KPI reporting, and stakeholder management at the executive level. - Expert-level knowledge of the intelligence lifecycle across all three tiers: tactical (IOC production, detection engineering support), operational (threat actor tracking, campaign analysis), and strategic (threat landscape assessment, executive risk briefing). - Deep applied knowledge of MITRE ATT&CK, Cyber Kill Chain, and Diamond Model including ability to apply and teach these frameworks in operational contexts. - Hands-on experience with Threat Intelligence Platforms (TIPs), SIEM tools, EDR platforms, SOAR integration, OSINT methodologies, malware analysis (static and dynamic), network traffic analysis (NETFLOW, PCAP), and dark web monitoring. - Demonstrated experience managing external intelligence partnerships including ISAC participation, government stakeholder relationships (CISA, FBI, MS-ISAC), and commercial vendor management. - Strong written and verbal communication skills with the proven ability to produce and present executive-level intelligence products and risk briefings to non-technical audiences including CISO, and business leadership. - Healthcare sector experience including working knowledge of healthcare-specific threat actors, attack patterns, and the regulatory environment (HIPAA, HITECH, HITRUST, PCI-DSS). - Familiarity with GDPR and EU data protection requirements relevant to intelligence operations supporting international business units. Required Minimum Education - Bachelor's or master's degree in Computer Science, Cybersecurity, Information Security, Intelligence Studies, or related discipline. Licensure/Certification Preferred - GCTI (GIAC Cyber Threat Intelligence) or equivalent intelligence-focused certification. - CISM, CISSP, GCIH, GCFA, GDAT, CEH, or equivalent advanced security certifications. Minimum Years and Type of Experience - Generally, requires a Bachelor's degree and 12 years of related experience or a Master's degree and 8 years of related experience. - 10+ years of progressive experience in cyber threat intelligence, information security, or related fields, with demonstrated advancement from Engineer to senior practitioner to program leadership responsibilities. Other Knowledge, Skills and Abilities Preferred - Experience building or significantly maturing a CTI program from foundational to advanced practices, including development of governance structures, PIR frameworks, and intelligence product taxonomies. - Proficiency in scripting and automation (Python, PowerShell, or equivalent) for threat data enrichment, collection automation, and reporting pipelines. - Experience with TLP governance, formal intelligence sharing agreements, and operating within trusted community frameworks (H-ISAC, FS-ISAC, or equivalent sector ISACs). - Familiarity with capital program management, budget management support, and vendor contract management in an enterprise security context. Additional details - May require availability outside of normal business hours in response to critical threat events or time-sensitive intelligence requirements that demand senior CTI leadership involvement. - High degree of integrity, discretion, and judgment in handling sensitive threat intelligence, organizational risk data, and confidential stakeholder information. - Ability to manage competing priorities in a fast-paced environment, balancing tactical daily operations with strategic program development responsibilities. Nordic is an equal opportunity employer. We are committed to creating an inclusive environment for all employees and applicants. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, marital or veteran status, or any other protected status under applicable federal, state, or local laws. We encourage individuals of all backgrounds to apply, including women, minorities, individuals with disabilities, and veterans.

Job Title: Azure Local Customer Engineer Job Description Title Azure Local Customer Engineer Role type As a Customer Engineer, you will collaborate directly with customer teams to provide expert advisory services across a range of technologies. By leveraging structured intellectual property (MIP) engagements, you will establish trusted advisor relationships and guide customers towards achieving a healthy and secure state. Relevant MIP/VBD Titles Azure Local Workshop On Demand Assessment – Hyper-V On Demand Assessment – Windows Server WorkshopPLUS - Azure Arc with Labs WorkshopPLUS - Azure Virtual Desktop WorkshopPLUS - Windows Server 2022 and Azure Hybrid Features Skills Required This role requires deep knowledge (300 – 400 level) in the following technology areas: Azure Local Deployment and configuration: - Software Defined Networking Deployments and Configuration - Network ATC - Storage Spaces Direct Deployments and Configuration - Storage Provisioning - Azure ARC for Servers - Azure Virtual Desktop - Virtual Machines - Azure Update Manager - Azure Monitor Windows Server (Windows Server 2012 R2-2025 = advanced level) : - Virtualization (Azure Stack HCI/Local, Hyper-V, VMware) - System Center Virtual Machine Manager - SCVMM Azure Hybrid Services: - Azure Backup and Site Recovery - Azure Migrate - Azure ARC - Azure Monitor - Azure Virtual Machine - VM - Azure Virtual Desktop - AVD Backup and migration tools (SCDPM, Veeam, Commvault, Carbonite, …) General Azure IaaS platform (networking, storage, etc.) Optional Skills Entra ID (RBAC, AuthN/AuthZ, Hybrid identity, Entra ID Domain Services) Azure Kubernetes Services – AKS Azure PaaS Services (Function App, APIM, Automation) Infrastructure as code (Bicep/ARM or Terraform) Azure Network security (NSG, BGP routing, ExpressRoute and Gateway) Relevant Certifications Microsoft Certified Systems Engineer (MCSE) or equivalent Microsoft Certified Trainer – MCT or equivalent Microsoft Certified Windows Server Hybrid Administrator Associate AZ800/AZ801 Microsoft Certified Azure Solutions Architect Expert – AZ305 Microsoft Certified Azure Administrator – AZ104 Microsoft Certified: Azure Virtual Desktop Specialty – AZ140 Location: ESP Work-at-Home Language Requirements: Time Type: Full time

Job Title: Azure IaaS Customer Engineer Job Description Azure IaaS Customer Engineer Technical skills: Broad knowledge of Azure infrastructure with deep understanding of the following: Azure virtual machines Azure Arc Azure Backup Azure Site Recovery Azure Networking Azure Storage Azure Monitor Azure Insights Azure Policy Well architected framework (and implementation of concepts) Cloud adoption framework (and implementation of concepts) Well rounded skills in other general areas of Azure infrastructure (IaaS, PaaS, SaaS, etc) Nice to have: Understanding of competitor clouds and how they compare to Azure Technical experience with hybrid infrastructures, architecture designs, and technology management. 8+ years experience with customer facing roles in systems architecture, administration, operations, software support, IT consulting, on-premises and cloud support or consulting for enterprise and/or government customer base, and advanced troubleshooting Understanding of Microsoft’s Modern IT Architecture and Strategy Proven track record in successfully planning, deploying, operating, and optimizing cloud environments Azure certifications (Azure Solutions Architect Expert; Azure Security Engineer Associate; Azure Administrator Associate) Candidates must be able to work independently. Characteristics of importance include but are not limited to customer service, problem solving, communication skills, and the ability to read/interpret the needs/wants of customer executives and leaders. Advanced Microsoft certifications are preferred. BA/BS (or higher) in Information Technology or equivalent experience Expert level of Microsoft enterprise software product offerings Excellent demonstrated customer service skills Role type: Advisory - architecture, consulting, and support to help customers drive solutions and resolutions Location: ESP Work-at-Home Language Requirements: Time Type: Full time