Analyst, Cybercrime Intelligence Analysis

Role overview

This role sits at the intersection of cyber intelligence and cybersecurity, with a focus on researching cybercriminal ecosystems, emerging threats, and attacker behavior. The position is based in Germany and is handled by a partner company that manages all applications and follow-up steps.

You will turn information gathered from diverse sources into practical intelligence that supports security teams in understanding adversaries, prioritizing risks, and responding to threats more effectively. The work includes investigating underground activity, intrusion campaigns, and evolving tactics used by cyber threat actors. You will also help create well-structured intelligence reports, briefings, and tactical assessments for global security stakeholders.

The job is well suited to someone who enjoys deep analytical work, can connect patterns across complex data, and is genuinely interested in intelligence-led defense against cybercrime.

Key responsibilities

• Study cyber adversaries, new threat activity, intrusion campaigns, and criminal operations to generate intelligence that can be acted on.
• Gather, assess, and combine information from multiple sources to build tactical intelligence outputs and threat findings.
• Examine attacker tactics, techniques, and procedures in detail to better understand how intrusions and criminal operations are carried out.
• Carry out attribution work and trace relationships between threat actors, infrastructure, and related activity clusters.
• Apply intelligence tools, platforms, and structured research methods to improve the quality and reliability of analysis.
• Provide prompt, independent intelligence support for customer questions, investigations, and custom threat intelligence needs.
• Contribute to data collection efforts and support automated as well as AI-assisted intelligence processes.
• Prepare briefings, bulletins, and reports on adversaries, regional threats, and risks affecting specific industries.
• Work with a globally distributed intelligence team to maintain consistency, quality, and shared knowledge across outputs.
• Assist with internal and external briefings that help communicate findings and support awareness and go-to-market efforts.

Requirements

• Strong grasp of cyber threat intelligence and how it supports security operations and risk reduction.
• Exposure to, or familiarity with, functions such as SOC, incident response, threat hunting, vulnerability management, or fraud prevention.
• Working knowledge of tools and technologies such as SIEM, SOAR, EDR/XDR, TIP platforms, firewalls, IPS, IAM, and cloud security controls.
• Good understanding of the cybercriminal landscape, including malware activity, phishing, fraud, and underground services.
• Ability to research effectively using OSINT methods and related analytical tools.
• Awareness of established intelligence frameworks such as MITRE ATT&CK, Cyber Kill Chain, Diamond Model, or Pyramid of Pain.
• Experience using structured analysis, critical thinking, and techniques to reduce cognitive bias.
• Comfort working on your own while also collaborating in a remote, globally distributed team.
• Excellent written and spoken communication skills with the ability to produce clear, organized intelligence documentation.
• Prior work in threat intelligence, incident response, malware analysis, red teaming, or penetration testing is strongly preferred.
• Strong planning and time-management skills with the ability to juggle several intelligence tasks at once.
• A curious, proactive mindset and a genuine interest in tracking evolving cyber threats.

Benefits

• Compensation aligned competitively with the market.
• Fully remote-friendly setup available within Europe.
• Opportunities for professional growth and ongoing learning.
• Recognition programs designed to support engagement and performance.
• Well-being and wellness-focused initiatives.
• An inclusive, mission-driven environment centered on collaboration, integrity, and innovation.
• The chance to contribute to cybercrime intelligence work that supports global security operations.

Application and hiring process

This opportunity is presented through a partner company, which is responsible for handling applications and the next stages of the process. Applications are reviewed using an AI-assisted matching approach so candidates can be screened quickly, consistently, and fairly against the role’s core requirements. The strongest matches are forwarded to the hiring company, whose internal team manages the final decision, interviews, and assessments.

Data privacy and AI notice

By applying, you agree that your personal data may be processed to evaluate your candidacy and to share relevant details with the hiring employer. This is based on legitimate interest and pre-contractual steps under applicable data protection laws, including GDPR. You may exercise your rights to access, correct, delete, or object to processing at any time.

Artificial intelligence tools may be used during parts of the hiring process, including reviewing applications, analyzing resumes, or checking responses for inconsistencies or verification signals. These tools support the recruitment team and do not replace human judgment. Final hiring decisions are made by people. If you want more information about how your data is handled, you can contact the team directly.