Cybersecurity Threat Intelligence Analyst

Cyber Threat Intelligence (CTI) Analyst

Requirements

Minimum Bachelor's degree in Computer Science, Information Systems, Cyber Security, Information Technology, or a related field.

Minimum 8 years of experience in IT Cyber Security.

Hands-on experience in:

Threat Intelligence

Threat Hunting

Malware Analysis

MITRE ATT&CK Framework

Experience with the following tools:

Sandbox solutions

IOC (Indicators of Compromise) validation tools

Surface, Deep, and Dark Web monitoring tools

Strong soft skills, including:

Analytical thinking

Reporting and documentation

Strategic communication with management

Domain knowledge in:

Financial services industry

Fraud intelligence

Brand protection

Proven experience in managing the end-to-end Intelligence Lifecycle, including collection, analysis, dissemination, and evaluation.

Ability to gather data from various sources (surface, deep, dark web, open-source, commercial, and internal) and optimize data aggregation processes.

Scope of Work

Dedicated Cyber Threat Intelligence (CTI) Analyst responsible for managing the end-to-end Intelligence Lifecycle to protect Bank Danamon's digital assets, brand reputation, and operational ecosystem. This role focuses on transforming raw data from multiple sources (Surface, Deep, and Dark Web) into actionable insights to mitigate risks before they evolve into incidents.

Key Responsibilities

Intelligence Operations & Monitoring

Intelligence Collection

Manage and optimize data aggregation from multiple intelligence sources, including commercial, open-source, and internal sources.

Deep & Dark Web Monitoring

Conduct active monitoring of hacking forums, underground marketplaces, and hidden communication channels to detect customer data leaks (BIN information), employee credentials, or planned cyberattacks.

Alert Triage & Validation

Validate Indicators of Compromise (IOCs) using data triangulation techniques to ensure a high confidence level before escalation.

Technical Analysis & Threat Hunting

Proactive Threat Hunting

Independently perform threat hunting activities beyond the bank's perimeter based on global and regional threat trends relevant to the financial sector.

Malware Analysis Support

Conduct preliminary malware analysis using sandbox environments to understand threat actors' Tactics, Techniques, and Procedures (TTPs).

MITRE ATT&CK Mapping

Map threat findings to the MITRE ATT&CK framework to provide technical context for the Security Operations Center (SOC) team.

Brand Protection & Digital Risk Management

Brand Protection

Identify and facilitate the takedown process for phishing websites, fraudulent mobile applications, and brand impersonation activities across social media and messaging platforms (WhatsApp, Telegram).

Anti-Fraud Intelligen

Monitor indications of bank account misuse for illegal activities such as online and mule account trading.

Reporting & Strategic Advisory

Intelligence Reporting

Prepare routine reports (Daily, Monthly, Quarterly) and ad-hoc reports related to critical cybersecurity incidents.

Vulnerability Con

Provide additional insights into Vulnerability Assessment findings by identifying vulnerabilities that are actively being exploited in the wild.

Executiv Briefing

Present threat landscape analysis and intelligence findings to management and the CISO to support strategic decision-making.