Threat Intelligence Analyst

About Us: Founded in 2003 and headquartered in Singapore, Group-IB is a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime. Combating cybercrime is in the company’s DNA, shaping its technological capabilities to defend businesses, and citizens, and support law enforcement operations. Group-IB’s Digital Crime Resistance Centers (DCRCs) are located in the Middle East, Europe, Central Asia, and Asia-Pacific to help critically analyze and promptly mitigate regional and country-specific threats. These mission-critical units help Group-IB strengthen its contribution to global cybercrime prevention and continually expand its threat-hunting capabilities. Each of us can help make the world a safer place. Join us! About the role: Group-IB is a partner of INTERPOL, Europol, and a cybersecurity solutions provider, recommended by SWIFT and OSCE. Such partnerships give us advantages in our everyday duties. We do deep research on malware and public presentation of complex research. We participate in IR and perform as experts at conferences and in the mass media. Our reports are used by thousands of people all over the world. And we invite you to our global team. Tasks to solve: Research activities of various cyber threat groups, collecting IoCs and TTPs. Work on client requests from the European region, including analysing malicious and phishing campaigns, investigating attackers' infrastructure, and creating detection and hunting rules. Research malicious campaigns, attacker infrastructure, and related activities. Perform analytical work during research to attribute campaigns and tools to specific threat groups, identify common patterns in malicious infrastructure, and create hunting and detection rules. Prepare detailed reports summarising the results of research. Contribute to the continuous improvement of company products. Create public articles and presentations for events, including cybersecurity community conferences. Apply for this role if you have: Up to 3 years of experience in a similar area. Graduated in Cybersecurity, Computer Science, Information Technology, or a related field (or have equivalent experience). Have an understanding of cybersecurity fundamentals, including cyber threat landscapes, attack vectors, TTPs, and malware types. Knowledge of Python and Bash (this last one, it is preferable) Extensive knowledge of concepts such as the MITRE ATT&CK framework, Cyber Kill Chain, and TTPs. Have excellent OSINT and analytical skills, with the ability to recognize patterns and trends, connect the dots, and draw reasonable conclusions. Understand OPSEC principles. Have basic knowledge of scripting languages. Understand common network protocols. Have a basic understanding of the cyber threat industry. Are proficient in technical language and capable of writing technical reports. Why choose Group-IB: Your happiness is important to us: We want every single team member to be happy. Continuing professional development: At Group-IB, you can choose from various paths to growth: progress as an expert, advance to a management position, try your hand in another department, relocate abroad, or launch a new business area at Group-IB. A team with extensive international expertise: Do you have experience but are looking for exciting challenges? By choosing us, you will be choosing complex tasks and continuously improving your skills in a fast-growing international company. Globally recognized technologies: Group-IB's members are located in 25 countries and our products and services are sold in 60 countries. What’s more, Gartner, IDC, and Forrester have ranked our technologies among the best in their class. We work with over 450 international partners and about 500 clients. A culture created by each of us: Group-IB’s employees speak many different languages and understand one another. We respect each other's beliefs, share common values, and strive toward the happiness of every employee. Economic stability: Group-IB's sustainable growth helps rapidly develop careers that would take years to progress as far as most other companies. What else should you know: Flexible schedule: Group-IB does not have fixed working hours. You choose your own schedule. We adhere to the principle advocated by Steve Jobs: “We have to work not 12 hours, and head.” Health. If anything goes wrong, don’t worry — we offer health insurance. Certificates and training courses: Group-IB specialists hold over 1,000 professional certificates, including CEH, CISSP, OSCP, GIAC, MCFE, BSI, as well as some rare ones that would be a source of pride for experts in forensics, penetration testing, and reverse engineering worldwide. We have an incentive program that helps employees achieve certifications at the company's expense. Challenges: A wide selection of GIB programs helps you improve soft skills, gain new competencies, and receive monetary rewards. The initiative is rewarded: At Group-IB, you can bring your most daring ideas to life. The company encourages technical blogging, writing articles, building sports teams, and other creative activities.

Location: Amsterdam, NL

Posted Date: 5/31/2025