Cyber Threat Intelligence (CTI) Analyst

Level: Senior / Expert

We are seeking a highly skilled Cyber Threat Intelligence (CTI) Analyst based in Greece to join our Threat Intelligence team.
The ideal candidate is technically strong, analytically rigorous, and deeply familiar with adversary tradecraft. This role goes beyond monitoring feeds. You will analyze adversary behavior, correlate multi-source intelligence, map activity to MITRE ATT&CK, and produce actionable intelligence that drives detection engineering, incident response, and strategic security decisions. You will operate at the intersection of intelligence analysis, detection engineering, and adversary emulation.

Responsibilities

• Strategic & Tactical Intelligence
• Analyze threat actor activity, campaigns, malware families, and TTP evolution.
• Produce actionable intelligence reports for SOC, IR, and leadership.
• Conduct threat landscape assessments and sector-specific risk analysis.
• Track and profile APT groups, financially motivated actors, and emerging threats.

• Technical Analysis
• Extract and correlate IOCs (domains, IPs, hashes, infrastructure patterns).
• Map adversary techniques to MITRE ATT&CK.
• Analyze malware behavior reports and sandbox outputs.
• Review PCAPs, logs, and telemetry to identify patterns and anomalies.
• Support detection rule development (Sigma, YARA, Splunk, EDR queries).

• Intelligence Engineering & Automation
• Work with STIX/TAXII feeds and threat intelligence platforms.
• Assist in automation of ingestion, normalization, and correlation pipelines.
• Contribute to intelligence scoring models (risk scoring, actor confidence, exploit maturity).
• Validate intelligence through internal telemetry and honeypot data (if applicable).

• Cross-Team Collaboration
• Support SOC during active investigations.
• Provide adversary insights during incident response.
• Contribute to purple-team exercises and threat emulation scenarios.
• Present findings to technical and executive stakeholders.

Required Technical Skills

• Strong understanding of:
• Adversary TTPs
• Kill Chain & MITRE ATT&CK framework
• IOC lifecycle & enrichment techniques
• Experience with:
• Threat Intelligence Platforms (TIPs)
• Malware analysis reports
• Log analysis (Splunk, ELK, etc.)
• OSINT collection techniques
• Knowledge of:
• STIX/TAXII
• YARA / Sigma rule creation
• Network protocols & traffic analysis
• Windows & Linux security telemetry
• Scripting capability (Python preferred) for data processing and automation.

Preferred / Advanced Qualifications

• Experience tracking specific threat actors (APT28, Lazarus, FIN7, etc.)
• Familiarity with exploit development trends and CVE weaponization timelines
• Experience with honeypots and telemetry-driven intelligence
• Understanding of ransomware ecosystems & initial access brokers
• Knowledge of ML-assisted threat detection (bonus)

Analytical & Soft Skills

• Strong hypothesis-driven analytical thinking
• Ability to differentiate noise from signal
• Clear technical writing skills
• Ability to brief senior leadership concisely
• Operational security awareness

Nice to Have Certifications

• GIAC (GCTI, GCIA, GCED)
• OSCP / OSCE
• CISSP
• SANS CTI-related certifications

Benefits

• Highly competitive salary reviewed upwards on a regular basis.
• Working from home: Hit your goals from the comfort of your home because we value performance, not the place.
• Participation in state-of-the-art project and tech challenges and participation in large-scale projects.
• Personal and professional development, amongst industry experts and talented people.
• Continuous learning, having access to board resources.
• Onboarding plan and training so that you have a smooth induction and feel confident and ready to take over your new role.
• Equipment support so you have all the tools to do effectively and efficiently your work.
• No dress code as we want you to be as comfortable as possible.

At AI2CYBER, we are a cybersecurity firm dedicated to providing cutting-edge solutions to protect businesses and individuals from evolving cyber threats. Our mission is to empower organisations to navigate the complex cybersecurity landscape with confidence. We believe that by combining robust security solutions, continuous improvement, and a proactive mindset, we can help our clients stay one step ahead of cyber attackers. We are committed to building a safer digital world and are passionate about making a positive impact in the industry.

This is a full-time position with competitive salary and benefits. If you have a passion for cyber threat intelligence and are looking for an exciting opportunity to work with cutting-edge technology, we would love to hear from you!

Note: All applications will be treated with strict confidentiality.

To apply, please send us your CV at careers@ai2cyber.com

Requirements

This position in available onlyfor Greek residents.

Originally posted on Himalayas