Full-Time

Senior Threat Intelligence Automation Engineer

Galvanick

11-50 employees

Industrial cybersecurity XDR platform and services

Compensation Overview

$100k - $180k/yr

+ Equity

No H1B Sponsorship

Seattle, WA, USA

In Person

Relocation assistance is available; office-based role in Seattle.

US Citizenship, US Top Secret Clearance, Canada Citizenship, Canada Top Secret Clearance, UK Citizenship, UK Top Secret Clearance Required

Category
IT & Security (1)
Required Skills
Malware Analysis
Python
Go
Requirements
  • Experience in threat intelligence, with deep expertise in consuming, analyzing, and operationalizing intelligence for security operations or detection engineering.
  • Strong technical background implementing threat intelligence platforms (TIPs) and STIX/TAXII frameworks, with Python (or Go) proficiency for automating intelligence workflows.
  • Proven ability to translate strategic intelligence requirements into technical implementations. You have experience designing and building intelligence programs from the ground up.
  • Experience working with intelligence sharing communities, ISACs, and government intelligence sources, with an understanding of TLP and intelligence handling requirements.
  • Demonstrated expertise investigating malware, phishing, web attacks, insider threats, and advanced persistent threats.
  • To conform to US Government export regulations, including the International Traffic in Arms Regulations (ITAR), you must be a US citizen, a lawful permanent resident of the US, a protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the US Department of State.
Responsibilities
  • Define and implement Galvanick's comprehensive threat intelligence strategy, establishing processes for consuming, analyzing, and producing actionable intelligence specific to OT/ICS environments.
  • Drive integration of threat intelligence sources directly into our detection engineering workflow, ensuring new detections are informed by the latest adversary tactics, techniques, and procedures.
  • Design and define technical requirements for our threat intelligence platform and system of record, selecting and implementing tools that scale with our growth.
  • Operationalize threat intelligence at runtime, ensuring real-time correlation between intelligence feeds and active threat detection across customer environments.
  • Build relationships with intelligence sharing communities, government agencies, and industry partners to enhance our understanding of threats targeting critical infrastructure.
  • Develop intelligence products and reports informing internal teams and customer decision-making. You will translate complex threat landscapes into actionable insights.
  • Experiment with and iterate on intelligence integration methods, continuously improving how we transform raw intelligence into high-fidelity detections and hunting hypotheses.
Desired Qualifications
  • Experience with industrial control systems, SCADA, or operational technology environments and understanding of threats specific to critical infrastructure.
  • Active involvement in the threat intelligence community with established relationships in industry and government intelligence circles.
  • Published research, conference presentations, or contributions to open-source intelligence projects.
  • Experience working in startup environments where you've had to build capabilities with limited resources while maintaining high quality standards.
  • Numerous Detection Engineers have sent you “Yes!” memes or outright high-fived you at various points in your career.

Galvanick provides end-to-end cybersecurity protection for industrial operators by delivering an Extended Detection & Response (XDR) platform. The system continuously monitors industrial IT and OT environments, correlates signals from multiple sources, detects threats, and automates or guides responses to protect operations. It targets early-stage industrial companies (pre-Series B or under 100 employees) with a subscription or service-based model, offering scalable security that grows with the customer. Galvanick differentiates itself through its focus on industrial environments, a strong cybersecurity pedigree from a founder with National Security Council leadership experience, and a business model built on ongoing protection and platform development. The company aims to give industrial operators a reliable, scalable security layer that reduces risk and downtime by detecting and responding to threats quickly.

Company Size

11-50

Company Stage

Seed

Total Funding

$16M

Headquarters

Los Angeles, California

Founded

2021

Simplify's Take

What believers are saying

  • OT cyberattacks tripled since 2021, boosting demand for XD/OT platform.
  • $10M seed funding from Founders Fund signals strong investor confidence.
  • Seattle office expansion targets aerospace, telecom manufacturers' growth.

What critics are saying

  • Dragos erodes clients with ExxonMobil contracts via superior ICS protocols.
  • Nozomi Guardian undercuts pricing 30% lower, causing mining client switches.
  • CISA NIST 800-82r3 mandate disqualifies passive monitoring from federal bids.

What makes Galvanick unique

  • Galvanick XD/OT reduces false positives 100x versus legacy OT solutions.
  • Co-founded by NSC Cyber Senior Director Joshua Steinman for industrial expertise.
  • Armada partnership enables edge AI without cloud for disconnected OT sites.

Benefits

Health Insurance

Dental Insurance

Vision Insurance

Wellness Program

Company Equity

Relocation Assistance

Growth & Insights and Company News

Headcount

6 month growth

0%

1 year growth

0%

2 year growth

4%
ExecutiveBiz
Nov 12th, 2025
Galvanick, Armada Partner to Deliver Edge-Based OT Cybersecurity

Industrial cybersecurity platform company Galvanick has partnered with Armada, a hyperscaler for edge computing, to provide integrated edge computing and operational technology, or OT, security capabilities for global industrial operations.

What does the Galvanick-Armada partnership offer?

Galvanick said Tuesday the collaboration combines its continuous monitoring and threat detection tools with Armada's Edge Platform to address OT cyberattacks, which have tripled since 2021. The joint platform allows advanced AI deployment at industrial sites without reliance on cloud connectivity, bandwidth or infrastructure modifications. The integrated system provides complete visibility, autonomous protection with zero-trust architecture and immediate threat context through behavioral analysis.

Which sectors does the joint platform support?

The platform supports energy, mining, defense and federal infrastructure sectors. It enables real-time monitoring of remote or legacy systems, ensures operational continuity in disconnected environments and aligns with regulatory frameworks, helping organizations detect anomalies and protect critical operations without downtime.

What did the Armada & Galvanick CEOs say about the collaboration?

"Every industrial operator faces an impossible choice: modernize and become vulnerable, or stay offline and become obsolete. With Galvanick integrated directly into AEP, that false choice disappears. Now you can run advanced AI anywhere in the world while maintaining mission-critical security," said Dan Wright, CEO of Armada.

"Our joint solution with Armada delivers protection built for the realities of industrial operations: legacy systems, intermittent connectivity and zero tolerance for downtime," said Galvanick CEO Joshua Steinman.

GeekWire
Apr 15th, 2024
Cybersecurity Startup That Helps Companies Secure Industrial Systems Opens Seattle Office

[Photo: Inside the attic where Galvanick got its start. From left: Josh Steinman; Brandon Park; and Feliks Pleszczynski. (Galvanick Photo)]

Josh Steinman spent four years working as a senior director inside the National Security Council at the White House. One of his biggest takeaways from that experience was the vulnerability of industrial operations that were becoming more digitized — and more susceptible to cyberattacks. Steinman is now the CEO of Galvanick, a startup that describes itself as an industrial cybersecurity company. Manufacturers in the aerospace and telecom sector are using Galvanick to help monitor their work environments for any potential breaches

Galvanick
Jun 5th, 2023
Article - GALVANICK ANNOUNCES $10 MILLION IN SEED FUNDING FOR ITS INDUSTRIAL CYBERSECURITY PLATFORM

Co-founded by former Senior Director for Cyber on the National Security Council, Galvanick provides an end-to-end cybersecurity platform for industrial operators. The company announces $10 million in seed funding for its industrial cybersecurity platform.

MSSP Alert
Jun 1st, 2023
Managed Security Services Provider (MSSP) Market News: 1 June 2023

European Cybersecurity Workforce Initiative: ISACA, a global professional association, is teaming with the European Commission to grow and empower the cybersecurity workforce in Europe.