Cyber Threat Intelligence Specialist

North Macedonia, Skopje Employment contract · Job Posted June 16, 2026

Job Description

Join our mission to fight cybercrime and become a key member of our Threat Intelligence Lab Team. We are looking for an experienced Cyber Threat Intelligence Specialist to join us full-time in our office in Skopje as soon as possible. In this role, you will transform cyber threat intelligence into consistent, relevant, and actionable insights that help protect our clients. You will investigate detected threats, identify TTPs, indicators of compromise, and tools used by adversaries, while keeping our intelligence tools up to date and sharing your expertise with fellow analysts.

Job Responsibility

  • Lead the management of Threat Intelligence within our CTI platform. Verify and ensure the accuracy and reliability of data within the platform
  • Develop and maintain threat intelligence processes and procedures
  • Continuously monitor and analyze Cyber Threat Intelligence from various sources including open-source intelligence, commercial feeds and internal data
  • Identify and assess potential threats and vulnerabilities to our clients
  • Provide actionable intelligence insights to support relevant teams for incident response
  • Evaluate and recommend new tools and technologies to improve threat intelligence capabilities
  • Produce detailed reports and briefings on cyber threats, trends and incidents for technical and non-technical stakeholders
  • Collaborate with internal and external cybersecurity associations on behalf of Hornetsecurity, representing the company at industry events and conferences

Requirements

  • Strong understanding of fundamental cybersecurity concepts, including the CIA triad (Confidentiality, Integrity, Availability), vulnerability management, Advanced Persistent Threats (APT), as well as security frameworks and standards such as NIST, ISO 27001 and MITRE ATT&CK
  • Advanced understanding of the tools, tactics, techniques and procedures (TTPs) utilized by threat actors and the ability to identify behavioural or recurrent patterns
  • Proficiency with threat intelligence platforms such as OpenCTI, MISP or ThreatConnect
  • Familiarity with programming and scripting languages (e.g., Python, PowerShell)
  • Proficiency in network protocols and packet analysis, with a deep understanding of TCP/IP, DNS, HTTP/HTTPS, and other relevant protocols
  • Proficiency in using SIEM solutions (e.g., Splunk, QRadar), and other security tools
  • Strong analytical and problem-solving skills to assess complex threat information
  • Excellent written and verbal communication skills to effectively convey threat intelligence to both technical and non-technical audiences
  • Ability to work collaboratively in a team environment and build strong relationships with stakeholders
  • Strong attention to detail to identify subtle indicators of compromise and emerging threats
  • Ability to adapt to rapidly changing threat landscapes and respond to new challenges
  • Commitment to continuous learning and staying updated with the latest cybersecurity trends and developments
  • Fluent in spoken and written English

What we offer

  • Room for innovation and autonomy in a fast-growing international company
  • Temporary Employee Exchange Program – we provide the ability for you to work at our global office locations and explore the world (e.g. Berlin, Madrid, Malta, Montréal, Washington D.C.)
  • Flexible working hours and the option to work from home
  • Permanent contracts – we’re in it for the long haul and hope you are too!
  • Team events like Laser Tag, Office Movie Nights, Foodie Fridays and much more – let yourself be surprised!
  • FitKit subscription and private insurance for your health!
  • Referral Bonus: we pay 1500€ for each referral who is successfully hired by us!

Similar Jobs for Cyber Threat Intelligence Specialist

8 matching positions

Cyber Threat Intelligence Specialist

To reduce Vodafone’s cyber risk exposure by delivering timely, actionable threat...
Location: United Kingdom, Newbury
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • Strong understanding of active nation‑state and financially motivated threat actors targeting telecoms, enterprise networks, and critical national infrastructure, with focus on actor tactics, techniques and procedures (TTPs)
  • Hands‑on experience producing and applying operational threat intelligence, including indicator development, attack pattern analysis, and supporting detection, response, and remediation activities
  • Ability to triage, correlate, and integrate multiple intelligence sources (telemetry, open source, vendor, and partner intelligence) into clear, actionable outputs
  • Effective stakeholder engagement skills across SOC, Incident Management and cyber defence teams, with the ability to communicate threat information clearly to technical audiences under operational pressure
  • Experience working with external intelligence communities and information‑sharing groups to enrich situational awareness and support operational security outcomes
Job Responsibility
  • Deliver operational and tactical threat intelligence on active threat actors, campaigns, and techniques impacting Vodafone's networks, IT environment, and services, with a focus on supporting detection and mitigation of threats
  • Support live incidents, investigations, and Threat Action Groups by monitoring adversary activity, providing timely intelligence updates, and maintaining situational awareness throughout operational events
  • Analyse threat reporting, tooling, and external intelligence to identify actionable indicators, attack patterns, and detection opportunities, feeding directly into CSOC, Incident Management, and defensive teams
  • Track intelligence outcomes by assessing whether intelligence contributed to detection improvements, response actions, vulnerability remediation, or threat disruption, and feed lessons learned back into operational processes
What we offer
  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan
  • Fulltime

Strategic Threat Intelligence Specialist

To reduce Vodafone’s cyber risk exposure by delivering forward-looking, strategi...
Location: United Kingdom, Newbury
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • Strong understanding of nation-state and financially motivated threat actors targeting telecoms and critical national infrastructure
  • Experience in building or maturing intelligence-sharing processes, including defining requirements, standardising outputs, and measuring impact
  • Ability to combine multiple intelligence sources into clear, defensible strategic assessments
  • Strong stakeholder management skills across technical and executive audiences
  • Experience engaging with external intelligence communities and leveraging trusted relationships to enhance internal security posture
Job Responsibility
  • Produce strategic intelligence assessments on priority threat actors, campaigns, and emerging risks impacting telco, network and IT infrastructure
  • Mature and structure Vodafone’s intelligence-sharing relationships across internal stakeholders to ensure intelligence is actionable and consistently drives risk reduction
  • Strengthen and grow external intelligence partnerships with entities such as NCSC, ISACs, peer telcos, and intelligence providers
  • Establish feedback loops to measure whether shared intelligence results in detection improvements, vulnerability remediation, control uplift, or mission activity
  • Translate geopolitical developments, sector targeting trends, and adversary evolution into clear risk implications for Vodafone’s networks, platforms, estate, and supply chain
  • Brief senior leadership and stakeholders with concise, risk-based reporting that supports strategic decision-making
  • Support the development of structured threat missions aligned to priority adversaries, ensuring intelligence requirements are clearly defined and outcomes are tracked
What we offer
  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan

Specialist, Cyber Intelligence - ISSO

L3Harris is dedicated to recruiting and developing high-performing talent who ar...
Location: United States, Waco
Salary: Not provided
Company: L3Harris
Expiration Date: Until further notice
Requirements
  • Bachelor’s Degree and minimum 4 years of prior relevant experience. Graduate Degree and a minimum of 2 years of prior related experience. In lieu of a degree, minimum of 8 years of prior related experience
  • Minimum Security+ certification required
  • This position requires a TS with SCI eligibility security clearance. Security clearances may only be granted to U.S. citizens
Job Responsibility
  • Responsible for the development, deployment and execution of controls and defenses to ensure the security of company technology, information systems, and system deliverables
  • Supports secure systems operations and maintenance
  • Assesses and mitigates system security threats and risks throughout the program life cycle
  • Performs system certification and accreditation planning, testing, and validation activities in coordination with government customers
  • Executes first level responses and addresses reported or detected incidents
  • Interprets, analyzes, and reports all events and anomalies in accordance with directives, to include initiating, responding, and reporting discovered events
  • Safeguards information against unauthorized use, infiltration, exfiltration, modification, destruction or disclosure of national security information
  • Notify the ISSM of changes affecting the ATO. Coordinate any changes to hardware, software, or firmware with the ISSM prior to any change
  • Building Aircraft disk pack sets, along with keeping them maintained and updated, as necessary to support our test team, and the Air Force as required
  • Willing to Travel 25% of the time to support offsite test events
  • Fulltime

Cyber Threat Specialist

Critical role within the Cyber Threat Intelligence Team. As a Threat Specialist ...
Location: Australia, Victoria
Salary: Not provided
Company: Woolworths Supermarkets
Expiration Date: Until further notice
Requirements
  • 7+ years of tested cyber security experience within high-pressure environments, including SOC, NOC, and CIRT ecosystems
  • Expert-level mastery in network intrusion, detection, and response, with a current and sharp understanding of the modern threat landscape
  • Deep-seated intuition for malicious code, with the specialised skills required to understand the anatomy of an attack
  • Seamlessly applying the MITRE ATT&CK® framework and Cyber Kill Chain methodology to map adversary behavior and anticipate the 'next move'
  • Broad spectrum confidence across an array of security applications, ensuring the right tool is leveraged for the right threat at the right time
  • Advanced proficiency in Open Source Intelligence, turning public data into actionable defensive strategies
  • A rare ability to translate complex cyber risks into tangible business outcomes, ensuring security initiatives drive organisational value rather than just technical compliance
  • Comprehensive end-to-end exposure to Incident Response (IR), from initial triage through to post-mortem and long-term hardening
  • Equally effective as an individual contributor or a collaborative team player, maintaining peak performance in both autonomous and integrated environments
Job Responsibility
  • Maintain awareness of the cyber threat landscape by conducting research to contribute to formal threat reports and curate actionable intelligence
  • Triage, tune, and customise threat alerts while incorporating curated Indicators of Compromise (IOCs) into the existing threat framework
  • Identify and prioritise detection opportunities using SIEM and EDR tools, mapped against the MITRE ATT&CK framework for comprehensive coverage
  • Conduct threat hunting, trigger incident response workflows, and provide dedicated intelligence support during major security incidents
  • Proactively raise security risks and recommend appropriate controls to strengthen the organisation's defensive posture
  • Assist with the zero-day vulnerability process and ensure all technical documentation remains current and accurate
  • Drive continuous improvement by streamlining workflows through the strategic use of automation and advanced tooling
  • Fulltime

Senior Cyber Threat Hunting Specialist

The Senior Cyber Threat Hunting Specialist supports the Missile Defense Agency (...
Location: United States, Redstone Arsenal, Huntsville
Salary: 149000.00 - 158000.00 USD / Year
Company: Amentum
Expiration Date: June 22, 2026
Requirements
  • Must have 6 years of combined experience in Defensive Cyber Operations (DCO), to include enterprise-level security monitoring, incident response, and threat hunting
  • Must have 2 years of experience in management or leadership in a team environment
  • Must have experience applying the MITRE ATT&CK framework to security operations or intelligence analysis
  • Must have one, or more, of the following certifications: CFR, CySA+, GCFA, GCIA, GICSP
  • Must have an active DoW Top Secret with SCI Eligibility
  • Have experience with MS Office 365 suite applications (Word, Excel, PowerPoint, Visio, etc.)
  • Be able to multi-task and prioritize various projects and assignments in a dynamic work environment to meet scheduled/unscheduled customer requests
  • Be willing to travel up to 25% of the time
  • Be willing to support teams in a 24/7 operational environment and respond quickly to emergencies as needed
  • Have excellent communication skills, with the ability to translate complex technical findings into concise and actionable intelligence for senior leadership and non-technical stakeholders
Job Responsibility
  • Serve as the primary Subject Matter Expert (SME) on advanced threats for the MDA Cyber Security Service Provider (MDA CSSP), collaborating with Defensive Cyber Operations, Cyber Threat Intelligence (CTI), Cyber Threat Emulation (CTE), and Forensics teams to drive unified defensive strategies
  • Develop and execute intelligence-driven hunt hypotheses to detect Advanced Persistent Threats (APTs) and anomalies that bypass traditional security controls
  • Map adversary Tactics, Techniques, and Procedures (TTPs) using the MITRE ATT&CK framework and integrate tactical threat intelligence into hunt operations
  • Analyze network traffic, host-based logs, and endpoint telemetry utilizing SIEM, EDR, and packet capture tools
  • Correlate asset, threat, and vulnerability data against known adversary exploits and techniques to determine impact and improve network defensive posture
  • Leverage actionable Cyber Threat Intelligence data to search for indicators of compromise and assist in the development of SIEM content/signatures to detect known attack patterns and make recommendations to improve detection capabilities, tune alerts, and close security gaps
  • Coordinate with CSSP subscribers to develop current configurations, rules, and signatures for cyber security related toolsets
  • Coordinate with CSSP subscribers to notify, investigate, and remediate discrepancies in security logging and CSSP alignment
  • Transition confirmed threats to Defensive Cyber Operations, providing forensic artifacts, root cause analysis, and actionable intelligence during active investigations
  • Create and maintain custom scripts (e.g., PowerShell, Bash, Elastic KQL, ES|QL) to automate data parsing, log aggregation, and routine hunt tasks
What we offer
  • Health, dental, and vision insurance
  • Paid time off and holidays
  • Retirement benefits (including 401(k) matching)
  • Educational reimbursement
  • Parental leave
  • Employee stock purchase plan
  • Tax-saving options
  • Disability and life insurance
  • Pet insurance
  • Fulltime

Cyber Threat Hunting Specialist

At Vodafone, we’re not just shaping the future of connectivity for our customers...
Location: United Kingdom, Newbury
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • Threat Research Expertise
  • You are an experienced security analyst who operates well beyond alert-driven workflows
  • You have a deep understanding of adversary tactics, techniques, and procedures
  • Analytical Thinking
  • You are comfortable working with incomplete, ambiguous, or conflicting data
  • Tool Proficiency
  • You are highly proficient in querying and analysing large-scale security data
  • Data Source Fluency
  • You are confident working across diverse telemetry, including endpoint, identity, network, and cloud data
  • Collaborative Communication
Job Responsibility
  • Proactively search for signs of cyber threats across systems and networks
  • Proactive Threat Hunting
  • Drive proactive threat hunting across Vodafone’s environment
  • Own complex investigations end-to-end
  • Rule Development for Security Operations
  • Translate your hunting outcomes into robust, production-ready detection logic
  • Challenge existing detections, identifying gaps in coverage, and refining logic
  • Threat Intelligence Integration
  • Work closely with Cyber Threat Intelligence to turn intelligence into actionable outcomes
  • Assess, validate, and challenge intelligence by mapping it to real telemetry and observed behaviours
What we offer
  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan
  • Fulltime

Head of cyber threat exposure and attack surface management

Lead the enterprise-wide Continuous Threat Exposure Management (CTEM) strategy, ...
Location: United Kingdom, Knutsford
Salary: Not provided
Company: Barclays
Expiration Date: Until further notice
Requirements
  • Experience in cybersecurity with direct exposure to vulnerability management, red teaming, or threat exposure reduction
  • Proven track record leading programs integrating CSPM, SSPM, ASM, BAS, or exposure correlation technologies
  • Strong understanding of attack paths, adversary emulation, and continuous validation concepts
Job Responsibility
  • Own and drive the global CTEM strategy, establishing a continuous, threat-driven exposure management lifecycle aligned with NIST, MITRE, and CISA Secure-by-Design principles
  • Lead and develop a high-performing CTEM team, fostering collaboration, technical excellence, and an outcome-driven culture
  • Integrate and oversee key exposure management technologies, including Cloud Security Posture Management (CSPM), SaaS Security Posture Management (SSPM), Attack Surface Management (ASM), Breach & Attack Simulation (BAS), and other exposure correlation platforms
  • Correlate assets, identity, vulnerability, and configuration to identify high-impact, exploitable attack paths and inform prioritized remediation strategies
  • Collaborate with Application Security, Vulnerability Management, Red Team, and Security Operations to synchronize discovery, validation, and remediation of exposures across the enterprise
  • Align CTEM outputs with real-world adversary behaviors, leveraging Red Team and Threat Intelligence input to validate attack paths and focus on exploitable conditions
  • Drive automation and AI-enabled analytics to continuously map, assess, and measure reductions in the organization’s attack surface
  • Translate technical findings into business risk language, enabling senior leadership and risk committees to make data-driven investment decisions
  • Define and lead CTEM governance and operating models, ensuring exposure assessments, validation, and remediation tracking are embedded in operational processes
  • Establish clear KRIs and maturity metrics that demonstrate continuous improvement in visibility, validation, and response effectiveness
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime

Artificial Intelligence Security Specialist EMEA

Citi, the leading global bank, has approximately 200 million customer accounts a...
Location: United Kingdom, London; Belfast
Salary: Not provided
Company: Citi
Expiration Date: Until further notice
Requirements
  • 5-7+ years for Assistant Vice President (C12 Mid - Senior Level)
  • 8-10+ years for Vice President (C13 Senior - Lead/Staff Level)
  • 10+ years for Senior Vice President (C14 Lead/Staff - Principal Level)
  • Depth in at least one of AI/ML engineering, offensive security, detection engineering, software engineering, or security research
  • Hands-on LLM API experience (context management, tool use, evaluation, failure modes) for AI/ML Engineering
  • Agentic systems design
  • AI safety at the infrastructure level
  • Vulnerability research, exploit development, or pen testing with real depth for Cyber Security
  • Detection engineering for novel attack patterns
  • Threat modelling (STRIDE, ATT&CK)
Job Responsibility
  • Depends on team: Offensive Security & Vulnerability Management — AI-assisted pen testing at a scale previously impossible
  • Automated exploit validation
  • Bridge the gap from 'AI found a vulnerability' to 'the application team has a PR to fix it'
  • AI & Emerging Technology Security — Define how the bank deploys AI safely
  • Security architecture and assurance for new implementations
  • Building the next generation of AI-powered tools for CISO colleagues
  • Test new models at the cutting edge of creation and influence
  • Cyber Security AI Services — Own the AI products CISO depends on in production — security assurance, cyber security operations, governance and controls, vulnerability assessment
  • Keep them reliable, evolve them fast
  • Cyber Security Operations — Detection, triage, and response for a world where adversaries use AI to find and exploit vulnerabilities faster than traditional detection can keep up
What we offer
  • Business casual workplace
  • Hybrid working model (up to 2 days working at home per week)
  • Competitive base salary (annually reviewed)
  • 27 days annual leave (plus bank holidays)
  • Discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Fulltime