The Specialist, Cyber Threat Intelligence is responsible for proactively identifying, analyzing, and disrupting cyber threats targeting the organization. This role blends strategic and tactical threat intelligence with hands-on threat hunting, enabling early detection of advanced adversaries, emerging attack techniques, and targeted campaigns.
Job Responsibility
Collect, analyze, validate, and contextualize cyber threat intelligence from multiple sources including OSINT, dark web forums, commercial feeds, ISACs, industry partners, and internal telemetry to identify emerging threats, adversary TTPs, and sector-specific risks
Drive and continuously mature the strategy, governance, and operational execution of the Cyber Threat Intelligence (CTI) program, establishing a formal intelligence lifecycle that ensures actionable intelligence is effectively collected, enriched, analyzed, disseminated, and operationalized within security functions
Track, profile, and conduct deep analysis of threat actors targeting the organization’s industry, technology stack, and supply chain, including long-term campaign tracking, infrastructure reuse, malware evolution, and adversary behavior patterns
Conduct intelligence-led and hypothesis-driven threat hunting across enterprise systems to identify stealthy, advanced, or previously undetected adversary activity
Support and participate in incident response, forensic analysis, and post-incident investigations, providing adversary attribution assessments, likely next-step analysis, and intelligence-based scope expansion
Serve as a bridge between fraud prevention, SOC, and intelligence teams to ensure comprehensive coverage of threats. Facilitate information sharing and collaboration to strengthen the organization’s overall security posture
Create detailed technical reports, threat advisories, and early warning alerts on emerging threats and incidents for technical and non-technical stakeholders
Requirements
A relevant university degree or technical certification, and/or relevant experience commensurate with the role
5+ years of hands-on professional experience in Cyber Threat Intelligence and Threat Hunting within large enterprise or critical infrastructure environments
Deep, applied understanding of adversary tradecraft, including intrusion kill chains, MITRE ATT&CK, Diamond Model, malware families, exploitation techniques, persistence mechanisms, and threats targeting aviation and critical infrastructure sectors
Demonstrated experience conducting intelligence-led and hypothesis-driven threat hunts
Strong hands-on experience with threat intelligence platforms (TIPs), including IOC ingestion, enrichment, scoring, aging, and operational deployment
Proven ability to perform malware and campaign analysis, correlating samples, infrastructure, C2 patterns, payload behavior, delivery mechanisms, and underground chatter into cohesive adversary assessments
Experience with dark web monitoring, closed forums, and leak sites
Advanced log analysis and data correlation skills to identify low-signal, stealthy, or novel adversary activity
Hands-on experience developing automation pipelines, scripts, or tooling (Python, PowerShell, APIs, SOAR, etc.) to support intelligence collection, normalization, enrichment, and dissemination
Experience with query languages and analytics (KQL, SPL, SQL, etc.) to support threat hunting, detections, and investigations
Experience building custom intelligence and threat dashboards (Splunk, Kibana, Grafana, Power BI) to track adversary campaigns, infrastructure, trends, and risk indicators
Ability to translate raw intelligence into actionable detections
Proven capability to work independently on complex investigations and prioritize competing intelligence requirements
Relevant security certifications preferred (e.g., GCTI, GIAC), or equivalent demonstrated expertise through operational experience
Adaptability and Flexibility
Accountability and Credibility
Customer Orientation
Results Orientation
Forward Thinking
Fostering Teamwork
Analytical Thinking
Interpersonal Effectiveness
Demonstrate punctuality and dependability
Nice to have
Relevant security certifications preferred (e.g., GCTI, GIAC), or equivalent demonstrated expertise through operational experience
Based on equal qualifications, preference will be given to bilingual candidates