Senior- / Mid-level Cyber Threat Intelligence Analyst

At WithSecure™, we protect businesses all over the world. Our SaaS solutions safeguard against modern cyber threats, and our innovative Co-security approach reflects our belief that true protection requires collaboration and shared expertise. No one can solve every cyber security problem alone. Our vision is to become Europe’s flagship in cyber security. Every day, our talented teams work to prevent cyber extortion, secure critical infrastructure, and prevent misuse of sensitive data. At WithSecure, it’s our people who make us exceptional – a diverse community that values passion, purpose, and a commitment to workplace well-being. If you’re ready to make an impact with a company that’s transforming cybersecurity, we’d love to hear from you.

About The Role

We are seeking a Cyber Threat Intelligence Analyst to capture and explain the evolution of the cyber threat landscape for our customers and the wider market. Your primary focus will be strategic and thematic intelligence: bringing together complex threat signals and research, then turning them into clear, well-reasoned insights that inform leadership decisions and help customers set the right priorities. You will also produce research-backed, publishable analysis and communicate it effectively to both internal and external audiences.

You will work closely with incident response, threat hunting, MDR/SOC, and product development teams to ensure your work reflects real-world observations. This is not a monitoring or feed-processing role. It is a forward-looking role focused on providing decision advantage, guiding priorities, and producing intelligence that has meaningful impact.

What You’ll Do

• Track the threat landscape end‑to‑end. Continuously monitor global and regional threat activity, emerging vulnerabilities and TTPs, and attacker tradecraft to identify what matters most to our business and customers.
• Research and profile adversaries and campaigns. Identify, track, and assess sophisticated threat actors by analyzing their capabilities, infrastructure, objectives, and TTPs.
• Produce strategic & thematic intelligence. Create recurring and ad‑hoc intelligence products such as threat landscape updates, thematic deep dives, actor profiles, ransomware/ecosystem reports, and risk assessments.
• Translate signals into decisions. Correlate OSINT, partner/vendor feeds, telemetry, and technical artifacts (e.g., malware, IOCs) to generate actionable insights and concrete recommendations.
• Brief and present. Prepare and deliver written reports, slide decks, and presentations for technical teams, leadership, customers, and partners; comfortably adapt narrative and depth to the audience.
• Collaborate with industry, LEA and other institutions. Engage with industry partners, participate in collaborative efforts to disrupt threat actor activities, represent WithSecure in trusted forums and events.
• Improve CTI practice. Contribute to collection plans and PIRs, strengthen analytic workflows and knowledge bases, and (at senior level) mentor other analysts.
  
  

What You Bring

Required (mid‑level)

• 3–6 years of experience in CTI, SOC/MDR, incident response, threat hunting, malware analysis, or a closely related security role.
• Proven ability to analyze attacker behavior using structured frameworks (MITRE ATT&CK, Kill Chain, Diamond Model) and to assess impact and risk.
• Strong intelligence writing skills: you can turn complex technical findings into clear, well‑structured reports.
• Confident presenter and communicator, comfortable briefing mixed technical and non‑technical audiences.
• Familiarity with common CTI toolchains and methods: TIPs, SIEM/EDR data, OSINT collection, indicator handling (STIX/TAXII), and basic automation.
• Strong proficiency in AI technologies and tools.
• Proven experience in applying AI solutions to solve real-world business or technical challenges.
• Ability to collaborate with cross-functional teams to implement AI-driven initiatives.
• Strong problem-solving skills, analytical thinking, and continuous learning mindset to keep up with evolving AI technologies.
  
  

Additional For Senior Level

• 6+ years of relevant experience, including ownership of strategic/thematic intel programs and stakeholder engagement.
• Demonstrated ability to set intelligence priorities (PIRs), drive narratives, and influence security or product decisions.
• Experience representing CTI externally — customer briefings, webinars, industry sharing groups, or conference speaking.
  
  

Nice to have

• Deep experience in one or more areas: ransomware, financially‑motivated threat groups, cyber‑espionage/APT activity, cloud or identity threats, supply‑chain attacks.
• Scripting/data skills (Python, KQL/SPL, basic graph or link analysis) to scale research and reporting.
• Relevant certifications such as GCTI, GCIA, CISSP, or similar.