Senior Cyber Threat Intelligence Analyst @ Link Group
Warsaw, Masovian Voivodeship, Poland
Link Group
8. 3. 2026
About the position

This role is responsible for driving intelligence-led cybersecurity operations by owning the full intelligence lifecycle — from structured data collection and enrichment to advanced analytical assessment and strategic intelligence sharing. The position plays a key role in strengthening the organization’s detection, prevention, and response capabilities through actionable, context-rich threat insights.


  • Minimum 4–6 years of experience in Cyber Threat Intelligence, Threat Hunting, or advanced Security Operations roles.
  • Proven experience managing and optimizing the full Cyber Threat Intelligence lifecycle (collection, enrichment, analysis, dissemination).
  • Hands-on experience aggregating and correlating threat data from OSINT and commercial platforms such as VirusTotal, URLScan.io, GreyNoise, DomainTools, Shodan or similar.
  • Strong analytical skills in transforming raw indicators (IOCs) into actionable, context-rich intelligence.
  • Practical experience in threat hunting across endpoint, identity, cloud, and network telemetry.
  • Solid understanding of adversary tactics, techniques, and procedures (TTPs) aligned with the MITRE ATT&CK framework.
  • Experience tracking and attributing threat actors, campaigns, and emerging attack patterns.
  • Hands-on experience in malware analysis (behavioral analysis, clustering malicious artifacts, detection improvement).
  • Ability to translate intelligence findings into detection rules, security use cases, and operational recommendations.
  • Experience supporting incident response and collaborating with advanced SOC / Tier 3 teams.
  • Understanding of vulnerability management processes and risk-based prioritization.
  • Ability to produce high-quality technical documentation and executive-level intelligence reports.
  • Strong communication skills with the ability to present complex technical findings to both technical and non-technical stakeholders.
  • High level of autonomy, analytical judgment, and structured problem-solving skills.
  • Professional English proficiency (spoken and written).

  • Lead and continuously optimize the Cyber Threat Intelligence lifecycle, ensuring high-quality intelligence production and effective dissemination to relevant stakeholders.
  • Aggregate, validate, and correlate threat data from multiple open-source and commercial intelligence platforms, including VirusTotal, URLScan.io, GreyNoise, DomainTools, and Shodan, transforming raw indicators into meaningful intelligence.
  • Formulate and test threat hunting hypotheses by analyzing telemetry across endpoints, identity systems, cloud environments, and network infrastructure.
  • Monitor, attribute, and track threat actors and campaigns, identifying patterns, operational behaviors, and emerging adversary techniques.
  • Assess adversarial tactics and techniques in alignment with the MITRE ATT&CK framework and current global threat activity.
  • Conduct malware investigations to identify behavioral traits, cluster malicious artifacts, and enhance detection capabilities through enriched intelligence.
  • Collaborate closely with Tier 3 Analysts to support advanced threat hunting and incident response engagements.
  • Provide intelligence-driven input to the Vulnerability Management function to support risk-based prioritization and remediation strategies.
  • Translate intelligence findings into actionable detection rules, security use cases, and strategic recommendations.
  • Produce high-quality technical documentation, executive-ready summaries, and post-incident analytical reports.
  • Operate autonomously with strong analytical judgment while maintaining effective cross-team collaboration within Security.
  • Communicate complex technical intelligence clearly to both technical teams and business stakeholders, ensuring shared situational awareness and informed decision-making.
Requirements: Cyber Threat Intelligence, Threat Hunting, Security Operations roles, OSINT, VirusTotal, URLScan.io, GreyNoise, DomainTools, Shodan, IOCs, TTPs, MITRE ATT&CK Framework, Problem-Solving, Communication skills

Tools: Agile, Scrum.
