Cyber Threat Intelligence (CTI) Analyst

3 weeks ago
Full-time
Senior
Cybersecurity
AI2CYBER

AI2CYBER is a leading cybersecurity company that leverages AI technology to provide dynamic threat mitigation solutions. With a deep understanding of the constantly evolving security landscape, we proactively stay ahead of emerging challenges and equip...

Internet Software & Services
Founded 2014

Description

  • Analyze threat actor activity, campaigns, malware families, and evolving adversary TTPs.
  • Produce actionable intelligence reports for SOC teams, incident response, and leadership.
  • Conduct threat landscape assessments and sector-specific risk analysis.
  • Track and profile APT groups, financially motivated actors, and emerging threats.
  • Extract, correlate, and enrich IOCs such as domains, IPs, hashes, and infrastructure patterns.
  • Map adversary techniques to MITRE ATT&CK and analyze malware behavior, sandbox outputs, PCAPs, logs, and telemetry.
  • Support detection rule development using Sigma, YARA, Splunk, and EDR queries.
  • Work with STIX/TAXII feeds and threat intelligence platforms to support ingestion, normalization, and correlation.
  • Contribute to intelligence scoring models and validate intelligence with internal telemetry and honeypot data.
  • Support SOC investigations, incident response, purple-team exercises, and present findings to technical and executive stakeholders.

Requirements

  • This position is available only for Greek residents.
  • Strong understanding of adversary TTPs, the Kill Chain, MITRE ATT&CK, and IOC lifecycle/enrichment techniques.
  • Experience with threat intelligence platforms, malware analysis reports, log analysis tools such as Splunk or ELK, and OSINT collection techniques.
  • Knowledge of STIX/TAXII, YARA or Sigma rule creation, network protocols, and traffic analysis.
  • Experience with Windows and Linux security telemetry.
  • Scripting capability, with Python preferred, for data processing and automation.
  • Preferred experience tracking specific threat actors such as APT28, Lazarus, or FIN7.
  • Preferred familiarity with exploit development trends and CVE weaponization timelines.
  • Preferred experience with honeypots, telemetry-driven intelligence, ransomware ecosystems, and initial access brokers.
  • Nice-to-have certifications include GIAC GCTI, GCIA, GCED, OSCP, OSCE, CISSP, or SANS CTI-related certifications.

Benefits

  • Highly competitive salary reviewed upward on a regular basis.
  • Work from home with a performance-focused, remote-friendly setup.
  • Participation in state-of-the-art projects, tech challenges, and large-scale initiatives.
  • Personal and professional development opportunities with industry experts.
  • Continuous learning with access to board resources.
  • Structured onboarding plan and training for a smooth induction.
  • Equipment support to ensure you have the tools needed to work effectively.
  • No dress code for maximum comfort.
