Senior Threat Intelligence Specialist

Help AG is looking for a talented and enthusiastic individual to join as a Senior Threat Intelligence Specialist who will analyze, curate, and operationalize threat intelligence to enhance cyber defense strategies. This role focuses on integrating intelligence with security systems, providing actionable insights, and optimizing Threat Intelligence Platforms (TIPs) for maximum efficiency. The specialist will apply advanced expertise to stay ahead of evolving threats, ensuring that intelligence is effectively leveraged to improve organizational security posture. This high-impact position requires both technical acumen and strategic vision to continuously adapt to the dynamic threat landscape

Responsibilities

• Apply intelligence tradecraft techniques to gather, analyze, and disseminate actionable threat intelligence to support cybersecurity operations.
• Operate and manage Threat Intelligence Platforms (TIPs)for ingesting, enriching, and correlating threat data from multiple internal and external sources.
• Conduct detailed threat assessments to evaluate the relevance, credibility, and potential impact of threats on organizational assets and operations.
• Produce timely and well-structured threat intelligence reports for both technical and non-technical stakeholders.
• Collaborate with SOC, IR, and vulnerability management teams to operationalize threat intelligence in detecting and mitigating threats.
• Monitor open-source intelligence (OSINT), dark web, and commercial feeds to identify emerging threats and trends.
• Recommend improvements to threat intelligence workflows and data integration strategies.
• Maintain awareness of evolving threat actor TTPs (tactics, techniques, and procedures) through frameworks like MITRE ATT&CK.
• Monitor and manage threat intelligence artefacts and data hosted on one or more Threat Intelligence Platforms (TIPs).
• Tune and optimize TIPs as necessary, ensuring they remain effective for the detection and analysis of emerging threats.
• Develop and adhere to detailed processes and procedures for analyzing, escalating, and disseminating threat intelligence.
• Correlate threat intelligence using TIPs and other systems, focusing on prioritizing and increasing the relevance of the information to internal clients.
• Oversee the lifecycle of threat intelligence, ensuring it is properly categorized, stored, and updated throughout its lifespan.
• Respond promptly to inbound requests for technical assistance regarding threat intelligence-related queries or tasks.
• Address tickets and cases related to threat intelligence, incidents, and support, ensuring timely resolution within established SLAs.
• Document actions and findings clearly to communicate information effectively within the organization and to external clients.
• Review customer reports to ensure quality, accuracy, and relevance.
• Maintain a high level of awareness of both global and regional threat landscapes, including tracking threat actors, emerging tactics, techniques, and procedures (TTPs).
• Stay updated on geopolitical events and their impact on the security posture of the organization, particularly concerning critical infrastructure and national interests.
• Collaborate with other teams, including threat hunting, Global Security Operations Center (GSOC), and incident response teams, to provide timely and actionable intelligence.
• Participate in internal knowledge-sharing initiatives, including writing technical articles, guidelines, and SOPs for threat intelligence processes.
• Collect and analyze threat intelligence from a variety of sources such as OSINT (Open-Source Intelligence), threat feeds, IOCs (Indicators of Compromise), TTPs, and external advisories.
• Track and monitor relevant threat actors and geopolitical developments, using tools like the dark web and social media channels to gather intelligence.
• Proactively conduct investigations into potential threats, including analyzing incidents related to intellectual property or geopolitical events affecting the organization.
• Provide continuous updates through detailed reports and briefings for relevant stakeholders.
• Assist in creating and refining departmental manuals, guidelines, and standard operating procedures (SOPs) for incident management, security monitoring, and threat response.
  
  
  

Qualifications And Skills

• A Degree in computer science, information systems, electrical engineering or a closely related degree.
• Minimum 6-7 years of experience in Threat Intelligence.
• Strong knowledge and hands-on experience with Threat Intelligence Platforms (TIPs) such as MISP, ThreatConnect, Anomali, Recorded Future, etc.
• Familiarity with intelligence tradecraft methodologies (collection, analysis, validation, and dissemination of intelligence).
• Proficiency in conducting threat assessments and producing intelligence products tailored to different audiences (executive, technical, operational).
• Good understanding of threat actor profiling, TTPs, and frameworks such as MITRE ATT&CK, Diamond Model, and Kill Chain.
• Experience in working with or integrating feeds from OSINT, commercial, and dark web sources.
• An active, demonstrable interest in cyber security, cyber threat detection and cyber threat intelligence.
• Demonstrable experience analyzing and interpreting threat intelligence indicators, TTPs and threat actors.
• A solid understanding of IT systems and network security concepts.
• A sound knowledge of IT security best practices, common attack types and detection / prevention methods.
• Demonstrable experience of analyzing and interpreting system, security and application logs.
• Knowledge of the type of events that both Firewalls, IDS/IPS and other security related devices produce.
• TCP/IP knowledge, networking and security product experience.
• Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc. and possible abnormal activities, such as worms, Trojans, viruses, etc.
• Industry certifications such as GIAC Cyber Threat Intelligence (GCTI), CEH, CISSP, or Security+ are preferred.
• Exclusive focus and vast experience in IT.
• Strong analytical and problem-solving skills.
• A motivated, self-managed, individual who can demonstrate above average analytical skills and work professionally with peers and customers even under pressure.
• Strong written and verbal skills.
• Strong interpersonal skills with the ability to collaborate well with others
  
  
  

Benefits

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement and wellness campaigns activities throughout the year.
• Excellent learning and development opportunities.
• Inclusive and diverse working environment.
• Flexible/Hybrid working environment.
• Annual flight to home country.
• Open door policy.
  
  
  

About Us

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity.

With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.