




Cybersecurity Intelligence Lead

**What do we need?**

**Education:** Bachelor’s or Master’s degree in Computer Science, Telecommunications, or related fields.

**Knowledge and/or experience:**

- Experience leading Threat Intelligence, Digital Surveillance, and Cyber Fraud teams.
- Knowledge of cloud infrastructures and TTPs used by threat actors to compromise such architectures.
- At least 10 years’ experience in threat identification, modeling, and management.
- Analytical and research capabilities, as well as incident response skills.
- Experience in malware analysis, TTP identification, and IOC extraction.
- Experience producing technical and executive reports.
- Experience defining Threat Identification and Management frameworks.
- Digital forensic analysis of clients affected by digital fraud.
- Experience designing and implementing automated IOC management and blocking systems.
- Knowledge of the latest technological threats and fraud trends in the banking sector, including identification of relevant threat groups and APTs.
- Advanced knowledge of MITRE ATT&CK and MITRE D3FEND.
- OSINT research for identifying threat actors and threats.
- Intelligence collection and adversary infiltration to understand adversary TTPs.
- Knowledge and experience deploying, sizing, and managing TIP architectures (MISP, Minemeld, Maltiverse, SocRadar...).
- Experience with Hunting on XDR and/or SIEM platforms (Splunk, QRadar, XSIAM, Cortex XDR, ElasticSearch...).
- Knowledge and experience sizing, deploying, and managing BAS architectures (Mandiant, Cymulate...) and rule creation.
- Knowledge of Vulnerability Management platforms (Qualys, Nessus...).
- Intermediate/advanced knowledge of process automation.
- Intermediate/advanced knowledge of Python development.
- Experience building and executing YARA rules.
- Intermediate knowledge of operating systems and virtualization, containerization, and/or orchestration platforms (Linux, Windows, Docker, Kubernetes, Openshift...).
- Intermediate/advanced English proficiency.
- Knowledge of network protocols and technologies.
- Desirable knowledge of LLM and AI models.
- Desirable experience in environments subject to financial system regulations (DORA, SWIFT, PCI...).

**Competencies:**

- Security certifications (CEH, CTIA, SANS, FOR578...).
- Teamwork capability is mandatory.
- Critical thinking with strong observational and analytical skills.
- Strong written and verbal communication skills.
- Good planning ability and orientation toward both objectives and processes.
- Attitude and orientation toward quality and attention to detail.

**What will your responsibilities be?**

- Coordinate the department and its members.
- Report Threat Intelligence information to senior management and disseminate it across other involved and/or interested departments (Fraud, Asset Protection, Cyber Networks...).
- Define measurable departmental goals and KPIs.
- Develop threat and actor research lines and potential trends.
- Coordinate Hunting activities across the organization’s platforms.
- Investigate threats, IoCs, and TTPs.
- Analyze indicators and techniques used by malicious actors to support threat hunting, signature development, and the TIP platform.
- Maintain the organization’s current Threat Identification and Management framework.
- Maintain the organization’s automated IOC blocking system.
- Manage integration projects for security platforms focused on Threat Intelligence, Digital Surveillance, and/or Fraud.
- Support cybersecurity assessments.
- Conduct technical analyses and issue recommendations for various organizational levels.
- Participate in incident response.
- Evaluate and improve technical intelligence.
- Review and optimize technical data to maximize its utility in cyber defense.

Cybersecurity, MITRE, MISP, Minemeld, Maltiverse,


