Ideal Candidate
We are looking for a Threat Intelligence Analyst / Engineer passionate about cybersecurity and threat analysis, to contribute to the identification, monitoring and investigation of malicious actors, attack campaigns and emerging vulnerabilities. The role involves technical research, OSINT/CTI analysis and the development of processes and automation to improve cyber defense capabilities.
Job Description
Responsibilities
- Collecting, analyzing and correlating information about cyber threats from OSINT sources, CTI feeds and specialized platforms.
- Continuous monitoring of threat actors, malware, TTPs, and active campaigns.
- Preparing technical and executive reports on identified threats and their impact on the organization.
- Analysis of indicators of compromise (IOC) and identification of attack patterns.
- Development and optimization of detection rules for SIEM, EDR and other security solutions.
- Collaborating with SOC, Incident Response and Blue Team teams to investigate security incidents.
- Automating data collection and processing using scripting and API integrations.
- Participation in threat hunting activities and attack simulations.
- Maintaining good technical documentation and contributing to the improvement of internal security processes.
- Research and development on new attack techniques and defense methods.
Mandatory
Technical Requirements
- Knowledge of cybersecurity and threat intelligence concepts.
- Experience with frameworks such as MITRE ATT&CK, Cyber Kill Chain or Diamond Model.
- Familiarity with SIEM/EDR platforms (e.g. Splunk, Microsoft Sentinel, QRadar, CrowdStrike, etc.).
- Experience in OSINT analysis and use of CTI platforms.
- Knowledge of networking, protocols and network traffic analysis.
- Basic/intermediate scripting experience (Python, Bash, or PowerShell).
- Understanding malware analysis and IOC investigation techniques is an advantage.
- Experience with Linux and Windows environments.
- Ability to interpret security logs and events.
Soft Skills
- Analytical thinking and attention to detail.
- Good research and problem-solving skills.
- Communication and technical writing skills.
- Ability to work in a team and collaborate cross-functionally.
- Continuous desire to learn and adapt to new cyber threats.
Nice to Have
- Experience with Threat Intelligence Platforms (TIPs).
- Certifications such as Security+, CySA+, GCTI, CEH or similar.
- Experience in SOAR automation.
- Knowledge of YARA, Sigma Rules or malware reverse engineering.
- Participation in CTFs, research projects or cybersecurity communities.
What do we offer?
- Complex and modern projects
- Mentoring from senior engineers and structured growth
- Technical freedom
- Remote/hybrid flexibility
- Access to modern infrastructure
- Competitive salary
Candidates’ CVs can be sent to the email address: office@sysblue.ro
Company Description
Sysblue is a company founded in 2018 and headquartered in Romania, operating in the field of information security consulting and managed cybersecurity services. We help clients solve information security challenges based on risk, not fear. We have an extensive portfolio of clients across the country, from small businesses to large corporations. Our team of certified professionals is made up of highly qualified personnel, all experts in the fields of IT security, including key industry veterans and leaders in the mobile security business, with over 10 years of international experience and multidisciplinary expertise:
- Security specialists
- Digital forensics
- IT audit experts
- Web developers
- Legal consultants


