Senior Threat Intelligence Analyst

About Atos Group

Atos Group is a global leader in digital transformation with c. 70,000 employees and annual revenue of c. € 10 billion, operating in 67 countries under two brands — Atos for services and Eviden for products. European number one in cybersecurity, cloud and high-performance computing, Atos Group is committed to a secure and decarbonized future and provides tailored AI-powered, end-to-end solutions for all industries. Atos is a SE (Societas Europaea) and listed on Euronext Paris.

The purpose of Atos is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the Group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space.

Your life as a Senior Threat Intelligence Analyst

As a Senior Threat Intelligence Analyst in our Threat Research Team, you will play a key role in uncovering and analyzing emerging cyber threats. Your work will focus on deep research into threat actors, malware campaigns, and evolving TTPs, using both open-source and proprietary intelligence sources. This role requires a strong analytical mindset, technical expertise and a passion for continuous discovery. If you're driven by curiosity and thrive in a research-driven environment, we’d love to hear from you.

What is TRC?

Threat Research Center is an independent part of Cybersecurity Services in Atos, that aims to conduct research initiatives to find vulnerabilities or emerging threats.

What is ahead of you?

• Working in Security – one of the most dynamically developing areas in IT.
• We also offer great development opportunities including financing of world class trainings and certifications.
• Expanding your threat knowledge by taking part in conferences, lectures and exercises.
• Engaging in real-world threat intelligence operations, including dark net monitoring and actor profiling.
• Continuous work with emerging TTPs, threat actor tradecrafts, and evolving attack surfaces across industries.
• Involvement in advanced threat research projects under Threat Research Center umbrella.

How do we work?

• Full-time contract of employment.
• Minimizing amount of meetings.
• Strong emphasis on core technical responsibilities.
• Elastic approach to working hours (standard is 8 a.m. – 6 p.m.).

Certificates we value

• GIAC Cyber Threat Intelligence (GCTI).
• CREST Registered Threat Intelligence Analyst (CRTIA).
• EC-Council Certified Threat Intelligence Analyst (C|TIA).

Expected Skills

• Ability to navigate the entire CTI lifecycle - from intelligence collection and processing to deep analysis and strategic dissemination.
• Understanding of the Diamond Model and Cyber Kill Chain, with the ability to pivot across diamond vertices and map threat actor behaviors throughout all phases.
• Strong proficiency in analyzing and correlating threat data from diverse external sources such like VirusTotal, URLScan.io, GreyNoise, DomainTools, Shodan, Censys etc.
• Ability to extract actionable intelligence from raw signals/indicators and enrich research with multi-source context.
• Experience in malware analysis and creating and using YARA rules for conducting research across external sources, with the ability to identify patterns, classify malicious artifacts, and enrich intelligence through behavioral signatures.
• Hands-on expertise with CTI tools (e.g., MISP, ThreatConnect, Recorded Future, ZeroFox, CybelAngel, HudsonRock).
• Practical experience in identifying and tracking threat actors, campaigns, and emerging trends, with deep knowledge of evolving threats and the current modus operandi of adversaries.
• Proactive and self-motivated, with a passion for innovation and continuous learning in the evolving landscape of emerging threats and adversaries TTPs.
• Skilled in navigating dark web marketplaces, forums, and leak sites to identify threat actor activity and extract actionable intelligence.

What We Offer

• Work in a dynamic environment, as part of an international team.
• Opportunities to challenge yourself and sate your curiosity.
• Management without constant nagging and endless meetings.
• Benefits package and a competitive salary.
• Hybrid working model (max. 2 times per month based on a location).

The company follows an equal opportunity policy and does not permit any form of discrimination based on gender, disability, age, origin, sexual orientation, or any other protected characteristic. All employment decisions are made solely on the basis of competence and qualifications.

Please, attach your CV in English!

If you have any questions, please contact Vanesa Yordanova or Aleksander Pawlicki.

Let’s grow together.

We take care of your personal data privacy. More information about processing your data within recruitment process you can find on our website https://eviden.com/privacy-policy/

Nasze przedsiębiorstwo przestrzega zasad ochrony sygnalistów ustanowionych w dedykowanej procedurze zgodnie z ustawą z dnia 14 czerwca 2024 r. o ochronie sygnalistów (Dz.U. z 2024 r. poz. 928), zapewniając wszystkim pracownikom oraz osobom ubiegającym się o zatrudnienie lub świadczenie usług pełną poufność i ochronę w zakresie zgłaszania naruszeń prawa.

Let’s grow together.

The company follows an equal opportunity policy and does not permit any form of discrimination based on gender, disability, age, origin, sexual orientation, or any other protected characteristic. All employment decisions are made solely on the basis of competence and qualifications.

Here at Atos, diversity and inclusion are embedded in our DNA. Read more about our commitment to a fair work environment for all.

Atos is a recognized leader in its industry across Environment, Social and Governance (ESG) criteria. Find out more on our CSR commitment.

Choose your future. Choose Atos.

Key skills/competency

• CTI Lifecycle
• Threat Actor Analysis
• Malware Analysis
• YARA Rules
• Dark Web Monitoring
• TTPs (Tactics, Techniques, Procedures)
• Open-Source Intelligence (OSINT)
• Threat Data Correlation
• Cyber Kill Chain
• Diamond Model