About the position
We are looking for a highly motivated and technically skilled Threat Intelligence Engineer to join our Cyber Security team. The ideal candidate will combine strong analytical capabilities with hands-on engineering and automation skills to proactively identify, analyze, operationalize, and communicate cyber threats relevant to the organization.
This role focuses on transforming threat intelligence into actionable security outcomes by leveraging Threat Intelligence Platforms (TIPs), automation, adversary tracking, and close collaboration with SOC, Incident Response, Detection Engineering, and Security Operations teams.
The successful candidate will help mature the company’s Cyber Threat Intelligence (CTI) capabilities, improve visibility into emerging threats, and automate intelligence collection, enrichment, and distribution workflows.
What you will do
- Monitor and analyze the global threat landscape to identify threats relevant to the company, industry, assets, and business operations.
- Track emerging threat actors, malware campaigns, vulnerabilities, ransomware groups, phishing activity, and attacker TTPs.
- Collect, enrich, correlate, and operationalize Indicators of Compromise (IOCs) and threat intelligence from internal and external sources.
- Operate and maintain Threat Intelligence Platforms, including MISP and related integrations.
- Develop automated workflows for threat ingestion, enrichment, deduplication, scoring, and distribution.
- Integrate threat intelligence into SIEM, SOAR, EDR/XDR, ticketing systems, and detection pipelines through APIs and automation.
- Produce tactical, operational, and strategic intelligence reports for technical and non-technical stakeholders.
- Support Incident Response, Threat Hunting, Detection Engineering, and Purple Team activities with actionable intelligence.
- Conduct malware, infrastructure, and campaign analysis to identify attacker patterns and risks.
- Evaluate new intelligence sources, tools, and technologies to continuously improve CTI capabilities.
- Build dashboards, metrics, and reporting capabilities to measure intelligence effectiveness and threat trends.
Who we are looking for
- 3+ years of experience in Cyber Threat Intelligence, SOC, Detection Engineering, Incident Response, or similar cybersecurity roles.
- Hands-on experience with Threat Intelligence Platforms such as MISP, OpenCTI, ThreatConnect, or equivalent.
- Strong understanding of Cyber Threat Intelligence concepts, IOC lifecycle management, and intelligence-driven defense.
- Experience analyzing threat actors, malware, phishing campaigns, vulnerabilities, and adversary TTPs.
- Practical knowledge of the MITRE ATT&CK framework.
- Experience with SIEM technologies such as Splunk, Microsoft Sentinel, Elastic, QRadar, or similar.
- Basic to intermediate scripting and automation skills using Python, Bash, or similar languages.
- Familiarity with STIX/TAXII and intelligence-sharing methodologies.
- Understanding of networking, operating systems, cloud environments, and modern attack techniques.
- Ability to communicate technical findings clearly to both technical and business audiences.
- Strong analytical mindset with attention to detail and prioritization skills.
Benefits
- Work on the development of large-scale services, serving and storing petabytes of data.
- Work with cutting-edge, modern technologies.
- A great work-life balance.
- Flexible working hours.
- Competitive salary plus bonus.
- Fantastic & talented people from 60+ countries worldwide.