Cybersecurity Intelligence Lead, Hybrid

Indeed
Full-time
Onsite
No experience limit
No degree limit
Av. de la Estación, 1, b.iz loc, 04005 Almería, Spain

Description

Job Summary: Coordinator of the Threat Intelligence department, investigating and managing cyber threats, and developing defense strategies.

Key Responsibilities:

1. Leads Threat Intelligence and Cyber Fraud teams.
2. Analyzes and manages threats, TTPs, and conducts digital forensic analysis.
3. Defines threat identification and management models, as well as IOC blocking mechanisms.

What We Require?

**Education:**

- Bachelor’s or Master’s degree in Computer Science, Telecommunications, or related fields

**Knowledge and/or Experience:**

- Experience leading Threat Intelligence, Digital Surveillance, and Cyber Fraud teams.
- Knowledge of cloud infrastructures and TTPs used by threat actors to compromise such architectures.
- Minimum 10 years’ experience in threat identification, modeling, and management.
- Analytical and investigative capabilities, as well as incident response skills.
- Experience in malware analysis, TTP identification, and IOC extraction.
- Experience producing technical and executive reports.
- Experience defining Threat Identification and Management models.
- Digital forensic analysis of clients affected by digital fraud.
- Experience designing and implementing automated IOC management and blocking systems.
- Knowledge of latest technological threats and fraud trends in the banking sector, including identification of relevant threat groups and APTs.
- Advanced knowledge of MITRE ATT&CK and MITRE D3FEND.
- OSINT research for actor and threat identification.
- Information collection and infiltration to understand adversary TTPs.
- Knowledge and experience deploying, sizing, and managing TIP architectures (MISP, Minemeld, Maltiverse, SocRadar, etc.).
- Experience with Hunting on XDR and/or SIEM platforms (Splunk, QRadar, XSIAM, Cortex XDR, ElasticSearch, etc.).
- Knowledge and experience in sizing, deploying, and managing BAS architectures (Mandiant, Cymulate, etc.) and rule creation.
- Knowledge of Vulnerability Management platforms (Qualys, Nessus, etc.).
- Intermediate/advanced knowledge of process automation.
- Intermediate/advanced knowledge of Python development.
- Experience building and executing YARA rules.
- Intermediate knowledge of operating systems and virtualization, containerization, and/or orchestration platforms (Linux, Windows, Docker, Kubernetes, OpenShift, etc.).
- Intermediate/advanced English proficiency.
- Knowledge of network protocols and technologies.
- LLM and AI knowledge is desirable.
- Experience in environments subject to financial sector regulations (DORA, SWIFT, PCI, etc.) is desirable.

**Competencies:**

- Security certifications (CEH, CTIA, SANS, FOR578...)
- Strong teamwork capability is mandatory.
- Critical thinking with high observational and analytical capacity.
- Strong written and verbal communication skills.
- Good planning ability, with strong goal- and process-orientation.
- Quality- and detail-oriented attitude and approach.

What Will You Do?

- Coordinate the department and its members
- Escalate Threat Intelligence information to senior management and disseminate it to other involved and/or interested departments (Fraud, Asset Protection, Cyber Networks, etc.).
- Define measurable objectives and KPIs for the department.
- Develop threat and actor research lines, as well as potential trends.
- Coordinate Hunting activities across the organization’s platforms.
- Investigate threats, IoCs, and TTPs
- Analyze indicators and techniques used by malicious actors to support threat hunting, signature development, and the TIP platform.
- Maintain the organization’s current Threat Identification and Management model.
- Maintain the organization’s automated IOC blocking system.
- Manage integration projects of security platforms related to Threat Intelligence, Digital Surveillance, and/or Fraud.
- Support cybersecurity assessments
- Perform technical analyses and issue recommendations for various organizational levels.
- Participate in incident response
- Evaluate and improve technical intelligence
- Review and optimize technical data to maximize its utility in cyber defense.

Cybersecurity, MITRE, MISP, Minemeld, Maltiverse,

Source: Indeed
David Muñoz
Indeed · HR
