Threat Intelligence Expert

About the Role 

We are looking for an experienced Cyber Intelligence Expert to join the Cyber Security organization, reporting to the Head of Detection & Response under the CISO. 

This role is responsible for leading cyber threat intelligence activities across the organization, with a focus on understanding the evolving threat landscape, identifying threats relevant to Nebius, and providing actionable intelligence to improve the organization’s security posture. 

You will monitor threat actor activity, dark web forums, underground communities, and emerging attack trends while working closely with SOC, Incident Response, Security Engineering, and leadership teams to support proactive defense and risk reduction efforts. 

Responsibilities 

• Monitor and analyze the global cyber threat landscape, with a focus on threats relevant to Nebius and its business operations. 

• Conduct research on threat actors, attack campaigns, tactics, techniques, and procedures (TTPs). 

• Track emerging threats, vulnerabilities, ransomware groups, and trends across the cyber security ecosystem. 

• Monitor dark web forums, underground communities, and intelligence sources for indicators related to the organization, customers, or technologies. 

• Identify potential threats, data leaks, compromised credentials, or targeted attack activity affecting the organization. 

• Produce actionable intelligence reports, threat assessments, and executive-level summaries for technical and non-technical stakeholders. 

• Support SOC and Incident Response teams with threat context, attribution, indicators of compromise (IOCs), and enrichment. 

• Develop and maintain threat intelligence processes, workflows, and knowledge repositories. 

• Collaborate with Detection Engineering teams to improve detection capabilities based on threat intelligence insights. 

• Research adversary behaviors and map threats to frameworks such as MITRE ATT&CK. 

• Support proactive threat hunting initiatives and identification of gaps in defensive coverage. 

• Evaluate and integrate threat intelligence feeds, tools, and external intelligence sources. 

• Contribute to the organization’s overall cyber defense strategy and threat-informed security posture. 

Required Qualifications 

• 4+ years of experience in Cyber Threat Intelligence, SOC, Incident Response, or related cyber security roles. 

• Strong understanding of cyber threat actors, attack methodologies, and threat intelligence practices. 

• Experience researching and analyzing threat campaigns, ransomware groups, and adversary TTPs. 

• Hands-on experience working with threat intelligence platforms, OSINT, dark web monitoring, or intelligence feeds. 

• Strong understanding of MITRE ATT&CK and modern threat landscapes. 

• Experience supporting SOC, Detection Engineering, or Incident Response teams with actionable intelligence. 

• Strong analytical and research skills with attention to detail. 

• Excellent written and verbal communication skills in Hebrew and English. 

Preferred Qualifications 

• Experience with threat intelligence platforms and tooling. 

• Familiarity with malware analysis or reverse engineering concepts. 

• Experience with threat hunting methodologies and IOC development. 

• Knowledge of cloud and SaaS threat landscapes. 

• Experience in enterprise or cloud-native environments. 

• Relevant certifications such as GCTI, GCIA, CISSP, or equivalent. 

• BSc in Computer Science, Information Security, Intelligence, or a related field. 

Soft Skills 

• Strong analytical and investigative mindset. 

• Ability to translate technical intelligence into actionable business insights. 

• Curious, proactive, and research-driven approach. 

• Comfortable working in cross-functional teams in a dynamic environment.