threat intelligence analyst

We are looking for a detail-oriented and highly analytical Threat Intelligence Analyst to join our information security operations team.

The Thread Intelligence Analyst will actively contribute to the preparation and dissemination of intelligence requests at the strategic, operational and tactical level. The threat intelligence function supports actions and decision-making of senior leadership, guides improvements to threat detection capabilities, informs risk assessments and supports vulnerability management and incident response efforts. The role also involves assisting with the administration of threat intelligence platforms and triage of relevant alerts and notifications.

The main responsibilities of the position include:

• Monitors open-source intelligence (OSINT), threat feeds, dark web forums, and other sources to identify emerging threats and vulnerabilities

• Performs in-depth threat analysis, including tactics, techniques, and procedures (TTPs) used by threat actors

• Produces actionable intelligence reports and briefings for technical and non-technical audiences

• Collaborates with the threat detection and threat response teams to improve detection and response capabilities

• Maintains threat intelligence platforms and updates indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs)

• Tracks threat actors and campaigns relevant to the Group's industry and risk profile

• Contributes to threat modelling and risk assessments by providing contextual threat intelligence

• Supports incident response efforts by providing contextual threat intelligence and enrichment

Main requirements:

• BSc/MSc in Information Security or any other related field

• Minimum 3 years working experience in security operations, threat intelligence, incident response

• Solid understanding of incident response

• Solid understanding of the cyber threat intelligence lifecycle, the cyber kill-chain, diamond model and MITRE ATT&CK framework

• Good knowledge of security technologies such as firewalls, IPS, WAF, and VPNs

• Knowledge of various information system technologies (Windows/Linux systems, Active Directory, VMware, databases, etc.)

• Hands on experience with threat intelligence platforms, SIEM and XDR/EDR solutions

• Methodical problem solver and critical thinker

• Very good analytical skills

• Very good verbal and written communication skills

• Ability to work autonomously with minimal supervision

• Strong teamworking skills

• Self-motivated, organized, and proactive

• Comfortable presenting to senior members of the organization and to large audiences

• Ability to learn new technologies quickly and in depth

The following will be considered an advantage:

• Holding one of the following certifications is considered an advantage: GCFA, GCFE, GCIH, GREM, GCIA, GMON, GCFR, eCIR

• Experience with threat hunting and/or threat modelling is considered an advantage

• Good knowledge of security technologies such as firewalls, IPS, WAF, and VPNs

• Basic scripting and programming skills (e.g. Python, PowerShell)

• Experience developing detection rules (YARA, Sigma, Snort) and querying in SIEM platforms (Splunk, Sentinel, Elastic)

Benefit from:

• Attractive remuneration package

• Private health insurance

• Corporate pension fund

• Intellectually stimulating work environment

• Continuous personal development and international training opportunities