Cyber Threat Intelligence (CTI) Analyst at AI2CYBER
Athens, Attica, Greece - Full Time


Start Date

Immediate

Expiry Date

23 May, 26

Salary

0.0

Posted On

22 Feb, 26

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Threat Actor Activity Analysis, MITRE ATT&CK, IOC Extraction, Malware Analysis, Detection Engineering, Sigma Rule Creation, YARA Rule Creation, Splunk, EDR Queries, STIX/TAXII, Python Scripting, Log Analysis, OSINT, Network Traffic Analysis, Threat Intelligence Platforms, Adversary Emulation

Industry

technology;Information and Internet

Description
Level: Senior / Expert

We are seeking a highly skilled Cyber Threat Intelligence (CTI) Analyst based in Greece to join our Threat Intelligence team. The ideal candidate is technically strong, analytically rigorous, and deeply familiar with adversary tradecraft.

This role goes beyond monitoring feeds. You will analyze adversary behavior, correlate multi-source intelligence, map activity to MITRE ATT&CK, and produce actionable intelligence that drives detection engineering, incident response, and strategic security decisions. You will operate at the intersection of intelligence analysis, detection engineering, and adversary emulation.

Responsibilities

Strategic & Tactical Intelligence
- Analyze threat actor activity, campaigns, malware families, and TTP evolution.
- Produce actionable intelligence reports for SOC, IR, and leadership.
- Conduct threat landscape assessments and sector-specific risk analysis.
- Track and profile APT groups, financially motivated actors, and emerging threats.

Technical Analysis
- Extract and correlate IOCs (domains, IPs, hashes, infrastructure patterns).
- Map adversary techniques to MITRE ATT&CK.
- Analyze malware behavior reports and sandbox outputs.
- Review PCAPs, logs, and telemetry to identify patterns and anomalies.
- Support detection rule development (Sigma, YARA, Splunk, EDR queries).

Intelligence Engineering & Automation
- Work with STIX/TAXII feeds and threat intelligence platforms.
- Assist in automation of ingestion, normalization, and correlation pipelines.
- Contribute to intelligence scoring models (risk scoring, actor confidence, exploit maturity).
- Validate intelligence through internal telemetry and honeypot data (if applicable).

Cross-Team Collaboration
- Support SOC during active investigations.
- Provide adversary insights during incident response.
- Contribute to purple-team exercises and threat emulation scenarios.
- Present findings to technical and executive stakeholders.
Required Technical Skills

Strong understanding of:
- Adversary TTPs
- Kill Chain & MITRE ATT&CK framework
- IOC lifecycle & enrichment techniques

Experience with:
- Threat Intelligence Platforms (TIPs)
- Malware analysis reports
- Log analysis (Splunk, ELK, etc.)
- OSINT collection techniques

Knowledge of:
- STIX/TAXII
- YARA / Sigma rule creation
- Network protocols & traffic analysis
- Windows & Linux security telemetry

Scripting capability (Python preferred) for data processing and automation.

Preferred / Advanced Qualifications
- Experience tracking specific threat actors (APT28, Lazarus, FIN7, etc.)
- Familiarity with exploit development trends and CVE weaponization timelines
- Experience with honeypots and telemetry-driven intelligence
- Understanding of ransomware ecosystems & initial access brokers
- Knowledge of ML-assisted threat detection (bonus)

Analytical & Soft Skills
- Strong hypothesis-driven analytical thinking
- Ability to differentiate noise from signal
- Clear technical writing skills
- Ability to brief senior leadership concisely
- Operational security awareness

Nice to Have Certifications
- GIAC (GCTI, GCIA, GCED)
- OSCP / OSCE
- CISSP
- SANS CTI-related certifications

Benefits
- Highly competitive salary reviewed upwards on a regular basis.
- Working from home: Hit your goals from the comfort of your home because we value performance, not the place.
- Participation in state-of-the-art projects, tech challenges, and large-scale projects.
- Personal and professional development, amongst industry experts and talented people.
- Continuous learning, having access to board resources.
- Onboarding plan and training so that you have a smooth induction and feel confident and ready to take over your new role.
- Equipment support so you have all the tools to do your work effectively and efficiently.
- No dress code as we want you to be as comfortable as possible.
At AI2CYBER, we are a cybersecurity firm dedicated to providing cutting-edge solutions to protect businesses and individuals from evolving cyber threats. Our mission is to empower organisations to navigate the complex cybersecurity landscape with confidence. We believe that by combining robust security solutions, continuous improvement, and a proactive mindset, we can help our clients stay one step ahead of cyber attackers. We are committed to building a safer digital world and are passionate about making a positive impact in the industry.

This is a full-time position with competitive salary and benefits. If you have a passion for cyber threat intelligence and are looking for an exciting opportunity to work with cutting-edge technology, we would love to hear from you!

Note: All applications will be treated with strict confidentiality. To apply, please send us your CV at careers@ai2cyber.com

This position is available only for Greek residents.
Responsibilities
The analyst will analyze threat actor activity, campaigns, and TTP evolution to produce actionable intelligence reports for SOC, IR, and leadership. This involves technical analysis of IOCs, mapping techniques to MITRE ATT&CK, and supporting the development of detection rules.