Cyber Threat Intelligence Analyst

Stuttgart, Baden-Württemberg, Germany

Applications have closed

Posted 6 months ago

The candidate will be responsible for providing analysis on relevant threats to the customer environment in support of the overall defensive effort. They will be a key component in providing additional tactical context surrounding adversarial TTPs and support to the Network Security Monitoring and Incident Response teams. The primary responsibility of the candidate is to analyze various sources of threat-related data using standard toolsets and methodologies and to provide risk-related recommendations for action.


  • Perform daily review of cyber threat warnings, bulletins, alerts, and incident reporting documentation
  • Conduct research on emerging security threats and provide correlation and trending of cyber incident activity
  • Maintain knowledge of adversary activities, including intrusion set tactics, techniques and procedures (TTPs)
  • Communicate events to agencies regarding intrusions and compromises to network infrastructure, applications and operating systems
  • Provide cyber threat assessments based on threat analysis, and coordinate cyber threat tracking with other organizations and the government
  • Compile detailed investigation and analysis reports
  • Compile and maintain internal standard operating procedure (SOP) documentation
  • Ensure associated documentation and capabilities remain compliant with CJCSM 6510.01b and other applicable policy directives
  • Participate in program reviews, product evaluations, and onsite certification evaluations


Required Skills:

  • Ability to write finished products based off of highly technical subject matter and analysis for dissemination to a less technical or non-technical audience
  • Experience with collecting, analyzing, and interpreting qualitative and quantitative data for the purpose of documenting results and analyzing findings to provide meaningful products
  • Experience with Cyber, defensive or offensive Cyber operations, information operations or information warfare, or topical Cyber expertise
  • Ability to develop specific expertise, discern patterns of complex threat actor behavior, and communicate a comprehension of current and developing Cyber threats
  • Ability to leverage online research tools to identify and navigate online forums, specialized websites, social media, and traditional sources
  • Knowledge of TCP/IP network communication protocols
  • Self-motivated and passionate
  • Possess excellent oral and written communication skills, including briefing to senior leadership and agency groups on a regular basis

Highly Desired:

  • Experience with analytic tools, including Augury, Splunk, TAC, Palantir, Shodan, Analyst Notebook or other threat intelligence platform preferred
  • Experience collaborating and coordinating with intelligence community partners on Cyber issues and topics

Clearance Required:

  • Minimum of a Secret Clearance, with ability to obtain TS/SCI.


  • Mid-Level: 3 - 5 Years’ experience in Cybersecurity Service Provider (CSSP) environment or similar area
  • Senior Level: 5+ Years’ experience in CSSP environment or similar area

Recommended Education:

  • Bachelor’s degree or higher from accredited university/technical college


  • 8570 Classification IAT-II & CSSP Certification

Additional Information:

  • Authorized to update signatures and view alerts of IDS/IPS
  • Authorized to view audit records on Central Log Server
  • Authorized to modify auditable events on Central Log Server
  • Overtime may be required as needed to support incident response actions (Surge)


  • Possible Travel 15%


  • Long Term Disability
  • Basic Life Insurance
  • Basic Accidental Death & Dismemberment Insurance
  • Direct Payroll Deposit
  • Leave Accrual
  • Holidays

Optional Benefits

  • Short Term Disability
  • Additional (Voluntary) Life Insurance
  • Additional (Voluntary) AD&D Insurance
  • 401(k)
  • Medical Coverage
  • Dental Coverage
  • Vision Care Plan
  • Flexible Spending Account Plan
  • Online Training
  • AFLAC Supplementary Insurances

AAP/EEO Statement

Spinvi is an Equal Opportunity Employer. Spinvi does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need.

Spinvi provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Spinvi complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Spinvi expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Spinvi’s employees to perform their job duties may result in discipline up to and including discharge.

Job tags: Clearance Clearance Required IDS Incident response IPS Network security Splunk TCP/IP Threat intelligence TTPs
Job region(s): Europe