Threat Intelligence Analyst

We are looking for a Threat Intelligence Analyst to join our cybersecurity team and strengthen the company’s proactive defense capabilities.

This role combines cyber threat intelligence, proactive investigations, and risk-oriented analysis. We are looking for a specialist who can identify emerging threats, analyze attacker behavior and TTPs, assess their relevance to the business environment, and help improve the organization’s detection and response capabilities.

You will work closely with SOC, IT, and Risk Management teams to transform threat intelligence into actionable security insights and recommendations.
 

Responsibilities

• Collect, analyze, enrich, and contextualize cyber threat intelligence from multiple sources, including OSINT, CERTs, vendors, and industry feeds
• Monitor emerging threats, attacker activity, vulnerabilities, and adversary TTPs relevant to the organization
• Conduct proactive threat hunting activities across SIEM, EDR/XDR, cloud environments, and other telemetry sources
• Develop and validate hypotheses based on threat intelligence and behavioral patterns
• Support investigations related to incidents, suspicious activity, and threat intelligence findings
• Identify gaps in detection and response capabilities and provide recommendations for improvement
• Assess potential business impact and risk associated with identified threats
• Prepare analytical reports, threat assessments, and actionable recommendations for technical and non-technical stakeholders
• Collaborate with SOC and IT teams to improve detection logic, monitoring, and security processes
   

Requirements

• 2+ years of experience in Threat Intelligence, Threat Hunting, SOC L2/L3, DFIR, or Incident Response
• Strong understanding of MITRE ATT&CK framework
• Hands-on experience with SIEM platforms (Microsoft Sentinel, Splunk, QRadar, etc.)
• Experience working with EDR/XDR solutions
• Understanding of cyber threat intelligence processes and proactive threat hunting methodologies
• Strong analytical and investigative skills
• Ability to work with incomplete or ambiguous information
• Understanding of security risks and attack vectors
• Strong communication skills and ability to explain technical findings clearly
   

Nice to have

• Experience with Purple Team activities
• Understanding of cloud security (Azure / AWS / GCP)
• Experience with KQL, Python, Sigma, or detection engineering
• Experience with threat modeling or risk management processes
• Familiarity with automation and detection-as-code approaches