Threat Intelligence Specialist (Anomali / Splunk)

Role Overview

Owns end-to-end delivery of threat intelligence onboarding and integration using Anomali, including architecture, data ingestion, enrichment, correlation, and integration with Splunk SIEM and Splunk SOAR to enhance detection, investigation, and automated response capabilities.

Key Responsibilities

· Lead solution architecture and detailed design (HLD / LLD) for threat intelligence integration

· Deploy, configure, and optimize Anomali Threat Intelligence Platform

· Onboard threat intelligence feeds and manage lifecycle, scoring, and confidence tuning

· Integrate Anomali with Splunk SIEM for enrichment, correlation, and detection enhancement

· Integrate threat intelligence into Splunk SOAR playbooks for automated response

· Implement use cases aligned to SOC investigation and threat hunting workflows

· Validate data quality, mappings, and enrichment effectiveness

· Troubleshoot integration, data, and performance issues

· Produce operational documentation and conduct knowledge transfer to run teams

· Support stabilization and transition into BAU operations

Skills and Experience

· Strong hands-on experience with Anomali Threat Intelligence Platform

· Experience integrating threat intelligence with Splunk SIEM and Splunk SOAR

· Strong understanding of threat intelligence lifecycle, IOC management, and enrichment

· Knowledge of SOC operations, threat detection, and incident response

· Experience producing technical design and operational handover documentation

Key Deliverables

· Threat intelligence architecture and integration design documentation

· Configured Anomali TIP integrated with Splunk SIEM and SOAR

· Enrichment and correlation use cases implemented

· Runbooks, SOPs, and formal handover to operations

Pay: QAR12,000.00 - QAR14,000.00 per month

Education:

• Bachelor's (Required)

Experience:

• Anomali Threat Intelligence Platform: 3 years (Required)
• Splunk SIEM and Splunk SOAR: 3 years (Required)

Language:

• Arabic (Required)
• English (Required)

License/Certification:

• degree in computer science (Required)

Location:

• Doha (Required)

Work Location: In person