Cyber Threat Intelligence Analyst (Threat Research & Classification)

Posted Yesterday
Be an Early Applicant
Hiring Remotely in Spain
Remote
Mid level
Analytics • Pharmaceutical
The Role
Analyze malicious domains, URLs, phishing, malware, and threat infrastructure to identify relationships and patterns across large datasets. Define and maintain threat taxonomies and classification frameworks, produce structured intelligence, and collaborate with data scientists and engineers to scale automation, AI/ML, and detection capabilities.
Summary Generated by Built In
Description
  • Location: Spain
  • Work model: Remote, with occasional on-site presence in Madrid.

We are looking for a Cyber Threat Intelligence Analyst to help build the next generation of threat intelligence capabilities.

This is not a traditional SOC, monitoring, or incident-response role. We are looking for someone who enjoys understanding how threats are designed, operated, and interconnected across the broader threat landscape.

You will work with malicious domains, URLs, phishing infrastructure, malware activity, and enriched threat intelligence data to uncover relationships between threats, identify recurring patterns, and help define how threat activity should be classified and understood at scale.

The role involves working with a multilayered intelligence model that contains thousands of attributes across infrastructure, behavioral signals, and enrichment sources. The challenge is not collecting data but extracting meaning from complexity, connecting seemingly unrelated indicators, identifying what groups them together, and understanding what they reveal about attacker tactics and operations.

As part of a small and highly specialized team, you will work closely with a data engineer and a data scientist to transform analytical knowledge into scalable intelligence frameworks. Your expertise will help shape future automation, AI-assisted analysis, machine learning models, and real-time detection capabilities.

Because the team is still growing, the role comes with a high level of ownership and visibility. There are no large hierarchical structures or multiple management layers. The person joining will have the opportunity to become a key cyber intelligence reference inside the company and help shape the direction of the capability from an early stage.

We believe the best cyber analysts create the most value when they have the time and autonomy to think deeply about challenges. Our focus is on analytical depth, innovation, and long-term impact rather than operational overload, excessive bureaucracy, or ticket-driven work.

Responsibilities

  • Analyze malicious domains, URLs, phishing campaigns, malware infrastructure, and other cyber threats.
  • Identify relationships, patterns, and behaviors across large-scale intelligence datasets.
  • Investigate emerging threats and contribute to threat intelligence research.
  • Correlate indicators, infrastructure, and campaigns to improve threat understanding and classification.
  • Define and maintain threat taxonomies, analytical methodologies, and classification frameworks.
  • Produce structured intelligence outputs and actionable insights.
  • Collaborate with data scientists and engineers to improve automation and intelligence workflows.
  • Contribute to the development of AI-assisted analysis, machine learning models, and future detection capabilities.
  • Support initiatives related to threat enrichment, classification, and threat identification.
Requirements
  • 3–5+ years of experience in Cyber Threat Intelligence, Threat Analysis, Cyber Intelligence, Threat Research, or closely related cybersecurity roles.
  • Strong experience investigating phishing campaigns, malicious domains, URLs, malware, digital fraud, or threat infrastructure using large-scale intelligence datasets—not only individual IOC investigations or incident-driven analysis.
  • Experience identifying relationships between indicators, campaigns, infrastructure, or threat activity beyond individual observables.
  • Strong analytical skills, including the ability to identify patterns, interpret distributions, recognize anomalies, and derive meaningful conclusions from large datasets.
  • Experience using threat intelligence platforms and tools such as VirusTotal, MISP, OpenCTI, Recorded Future, or similar.
  • Good understanding of cyber threats, threat actors, attack techniques, and infrastructure design patterns, with the ability to recognize how they manifest in real-world data.
  • Comfortable working with structured datasets and multi-attribute analytical environments.
  • Basic understanding of data structures and analytical models (e.g., how multiple attributes are combined, clustering logic at a high level).
  • Ability to communicate findings clearly through structured analysis and reporting.
  • Proactive, curious, and adaptable mindset, with a strong interest in improving methodologies and exploring new approaches to threat analysis.
  • Experience working in CERTs, telecom cybersecurity, cybersecurity vendors, threat intelligence teams, or similar environments.

Why Join Us

  • Work on real-world cyber threats at scale.
  • Help build and shape a growing cyber intelligence capability from an early stage.
  • Collaborate directly with engineering specialists and data science while supporting services for security product owners worldwide.
  • Influence how future automation, AI-assisted analysis, and machine learning capabilities are developed.
  • Opportunity to contribute to next-generation threat detection and enrichment initiatives.
  • High ownership, visibility, and impact from day one.
  • Opportunity to become a key cyber intelligence reference within the organization.
  • Environment focused on analytical depth, innovation, collaboration, and sustainable growth.

Skills Required

  • 3-5+ years of experience in Cyber Threat Intelligence, Threat Analysis, Cyber Intelligence, Threat Research, or closely related cybersecurity roles.
  • Strong experience investigating phishing campaigns, malicious domains, URLs, malware, digital fraud, or threat infrastructure using large-scale intelligence datasets.
  • Experience identifying relationships between indicators, campaigns, infrastructure, or threat activity beyond individual observables.
  • Strong analytical skills: identify patterns, interpret distributions, recognize anomalies, and derive conclusions from large datasets.
  • Experience using threat intelligence platforms and tools such as VirusTotal, MISP, OpenCTI, Recorded Future, or similar.
  • Good understanding of cyber threats, threat actors, attack techniques, and infrastructure design patterns.
  • Comfortable working with structured datasets and multi-attribute analytical environments.
  • Basic understanding of data structures and analytical models (e.g., how multiple attributes are combined, clustering logic at a high level).
  • Ability to communicate findings clearly through structured analysis and reporting.
  • Proactive, curious, and adaptable mindset with interest in improving methodologies and exploring new approaches.
  • Experience working in CERTs, telecom cybersecurity, cybersecurity vendors, threat intelligence teams, or similar environments.
Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Hod HaSharon
10 Employees
Year Founded: 2014

What We Do

We’re an innovative and forward-thinking Commercial Pharma analytics startup based in the UK. Since 2014 we’ve been focusing our efforts on providing cutting edge input to pharmaceutical organisations throughout Europe and North America. By combining years of experience in healthcare, pharmaceutical and data , we provide a powerful tool for acquiring real actionable insights to Commercial strategy, Formulary status, Salesforce effectiveness, targeting & segmentation, Sales analytics and many more.

Similar Jobs

Affirm Logo Affirm

Senior Software Engineer

Big Data • Fintech • Mobile • Payments • Financial Services
Easy Apply
Remote
Spain
2200 Employees
86K-122K Annually

Nexthink Logo Nexthink

Security Engineer

Artificial Intelligence • Big Data • Cloud • Information Technology • Machine Learning • Software
Remote or Hybrid
Madrid, Comunidad de Madrid, ESP
1200 Employees
72K-110K Annually

Zapier Logo Zapier

Manager or Sr. Manager, Sales Assist

Artificial Intelligence • Productivity • Software • Automation
Remote
30 Locations
800 Employees
Remote
26 Locations
393 Employees
179K-179K Annually

Similar Companies Hiring

Prolaio Thumbnail
Artificial Intelligence • Big Data • Healthtech • Mobile • Wearables • Analytics
Chicago, IL
82 Employees
Northslope Thumbnail
Artificial Intelligence • Information Technology • Software • Analytics • Consulting • Generative AI
London, GB
100 Employees
Scotch Thumbnail
Artificial Intelligence • eCommerce • Fintech • Payments • Retail • Software • Analytics
US
35 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account