Cyber Threat Intelligence Analyst

🕒 May 6

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of AI2CYBER

AI2CYBER

11 - 50 employees

Founded 2023

🔒 Cybersecurity

🤖 Artificial Intelligence

Cybersecurity • Artificial Intelligence • Technology

AI2CYBER is an innovative technology startup specializing in AI-driven cybersecurity solutions. The company focuses on developing advanced tools for dynamic threat mitigation, leveraging artificial intelligence to enhance threat detection and response capabilities. With a commitment to staying ahead of evolving cyber threats, AI2CYBER equips organizations with continuous threat monitoring and proactive defense strategies, ensuring comprehensive protection for their digital assets and privacy.

📋 Description

• Analyze threat actor activity, campaigns, malware families, and TTP evolution. • Produce actionable intelligence reports for SOC, IR, and leadership. • Conduct threat landscape assessments and sector-specific risk analysis. • Track and profile APT groups, financially motivated actors, and emerging threats. • Extract and correlate IOCs (domains, IPs, hashes, infrastructure patterns). • Map adversary techniques to MITRE ATT&CK. • Analyze malware behavior reports and sandbox outputs. • Review PCAPs, logs, and telemetry to identify patterns and anomalies. • Support detection rule development (Sigma, YARA, Splunk, EDR queries). • Work with STIX/TAXII feeds and threat intelligence platforms. • Assist in automation of ingestion, normalization, and correlation pipelines. • Contribute to intelligence scoring models (risk scoring, actor confidence, exploit maturity). • Validate intelligence through internal telemetry and honeypot data (if applicable). • Support SOC during active investigations. • Provide adversary insights during incident response. • Contribute to purple-team exercises and threat emulation scenarios. • Present findings to technical and executive stakeholders.

🎯 Requirements

• This position in available only for Greek residents. • Strong understanding of adversary TTPs. • Kill Chain & MITRE ATT&CK framework. • IOC lifecycle & enrichment techniques. • Experience with Threat Intelligence Platforms (TIPs). • Malware analysis reports. • Log analysis (Splunk, ELK, etc.). • OSINT collection techniques. • Knowledge of STIX/TAXII. • YARA / Sigma rule creation. • Network protocols & traffic analysis. • Windows & Linux security telemetry. • Scripting capability (Python preferred) for data processing and automation. • Experience tracking specific threat actors (APT28, Lazarus, FIN7, etc.). • Familiarity with exploit development trends and CVE weaponization timelines. • Experience with honeypots and telemetry-driven intelligence. • Understanding of ransomware ecosystems & initial access brokers. • Knowledge of ML-assisted threat detection (bonus). • Strong hypothesis-driven analytical thinking. • Ability to differentiate noise from signal. • Clear technical writing skills. • Ability to brief senior leadership concisely. • Operational security awareness. • Nice to Have Certifications: GIAC (GCTI, GCIA, GCED), OSCP / OSCE, CISSP, SANS CTI-related certifications.

🏖️ Benefits

• Highly competitive salary reviewed upwards on a regular basis. • Working from home: Hit your goals from the comfort of your home because we value performance, not the place. • Participation in state-of-the-art project and tech challenges and participation in large-scale projects. • Personal and professional development, amongst industry experts and talented people. • Continuous learning, having access to board resources. • Onboarding plan and training so that you have a smooth induction and feel confident and ready to take over your new role. • Equipment support so you have all the tools to do effectively and efficiently your work. • No dress code as we want you to be as comfortable as possible.

Apply Now