45 Threat Intelligence jobs in the United Arab Emirates
Manager - Threat Intelligence
Posted today
Job Description
Leadership / Supervisory Experience
- 5+ years of demonstrable management experience within Cyber Threat Intelligence.
- Experience in training and providing mentorship to team members.
- Performance management skills, including conducting performance evaluations.
Education
- Bachelor’s degree in Computer Information Systems or a related discipline, or equivalent experience.
- Preferred certifications: CISSP, CISM, or similar Information Security certifications.
- Desired certifications: Malware analysis or threat intelligence related certifications such as GCIH, GREM, GCTI, etc.
Technical Skills
- Operating System Knowledge: Windows, Linux/Unix, Mac/OSX.
- Scripting skills: Shell, Python, R, etc.
- Big Data analysis experience.
Threat Intelligence Manager
Posted 1 day ago
Job Description
Role: Threat Intelligence Manager
Location: Abu Dhabi
Role Purpose:
- Reporting to the Head of Information Security Cyber Defense Operations, the Threat Intelligence Manager will be responsible for leading and managing the threat intelligence function to identify, collect, analyze, and report on potential and existing cyber threats.
- This role will focus on understanding the threat landscape, developing proactive strategies, and delivering intelligence-driven insights to protect ADIB's information assets and reputation.
- The Threat Intelligence Manager will collaborate closely with internal stakeholders and external intelligence communities to continuously enhance threat detection, analysis, and reporting capabilities.
- This role demands exceptional leadership skills, strategic thinking, and the ability to provide actionable intelligence to key decision-makers.
Key accountabilities of the role:
- Manage the Threat Intelligence function in alignment with ADIB's strategic objectives and risk management practices.
- Develop and manage a comprehensive Threat Intelligence program that proactively identifies, analyzes, and disseminates critical actionable intelligence.
- Continuously improve intelligence-gathering techniques and methodologies to enhance detection and response capabilities.
- Foster a proactive approach to identifying new and emerging threats that could impact ADIB's business operations.
- Conduct threat profiling to identify and analyze threat actors, their tactics, techniques, and procedures (TTPs).
- Perform malware analysis and reverse engineering to understand threat behavior and develop countermeasures.
- Conduct forensic investigations, ensuring accurate collection, preservation, and analysis of digital evidence.
- Integrate threat intelligence outputs with SOC and incident response processes.
- Develop actionable intelligence products, including reports, briefs, and presentations for technical and executive audiences.
- Maintain strong relationships with internal and external stakeholders, including FS-ISAC and intelligence-sharing communities.
- Coordinate with SOC and Incident Response teams for joint threat mitigation efforts.
- Maintain the chain of custody and evidence integrity throughout the investigation lifecycle.
- Generate forensic investigation reports, presenting findings and recommended actions to management and stakeholders.
- Work closely with SOC and Incident Response teams to investigate, analyze, and respond to cyber incidents.
- Lead the deployment and maintenance of Threat Intelligence Platforms (TIPs) to aggregate, correlate, and analyze threat data.
- Oversee third-party vendors and ensure their compliance with security standards.
Experience and skills / technical knowledge required for this role:
- 10 years of experience in threat intelligence and cyber threat analysis, preferably within large financial institutions.
- Hands-on experience in malware analysis, reverse engineering, and digital forensics investigations.
- Experience in collecting, preserving, and analyzing digital evidence in compliance with legal and regulatory standards.
- Proficiency with forensic tools and techniques such as EnCase.
- Strong knowledge of threat intelligence platforms (TIPs) and their integration within SOC environments.
- Deep understanding of cyber threat frameworks such as MITRE ATT&CK, Cyber Kill Chain, and Diamond Model of Intrusion Analysis.
- Familiarity with OSINT techniques and commercial threat feeds for gathering intelligence.
- Knowledge of cybersecurity standards and regulations (ISO 27001, NESA, PCI DSS, SWIFT).
- Bachelor's or Master's degree in engineering, IT, or a related technical discipline.
- Relevant certifications such as GCTI (GIAC Cyber Threat Intelligence), CTIA (Certified Threat Intelligence Analyst), CISSP, CISM, GCFA, GREM, EnCase Certified Examiner (ENCE).
Required Experience:
Manager
Cyber Threat Intelligence Analyst
Posted today
Job Description
Join to apply for the Cyber Threat Intelligence Analyst role at DTS Solution - A Beyon Cyber Company
- Work as a Cyber Threat Intel Analyst in DTS Solution – HawkEye CSOC cyber command center.
- Analyze and research known indicators, correlate events, identify malicious activity, and discover new sources to provide early warning related to a variety of Cyber threats.
- Monitor Open Source information feeds and threat actor activity to identify activity levels and indicators for Cyber threats and Cyber-attacks.
- Identify Open Source Intelligence (OSINT) threats relevant to the DTS Solution - HawkEye CSOC customer’s environment and develop relevant reports.
- Provide daily (business day) collections, reviews, analysis and filtering of Open Source Intelligence (OSINT) and SOCMINT (Social Media Intelligence).
- Identify and investigate malicious actors with the interest and capability to target client and its infrastructure.
- Develop and provide a Cyber Threat Intelligence Report, Monthly Report and Quarterly Report and an Annual Report.
- Reviews all current threat intelligence feeds in use, categorizes and prioritizes by relevancy.
- Provide proactive APT hunting, incident response support, and advanced analytic capabilities.
- Analyze threat information reports and intelligence summaries, trends, gaps, and methods of operation.
- Review audit logs and identify any unusual or suspect behavior.
- Initiates ad-hoc threat intelligence work parcel assignments for Tier I/II analysts and reviews/expands the SOC daily recurring activity SOPs.
- Develops reports that can be sent for awareness to various groups and levels of leadership.
- Engage constructively in cross-functional projects designed to improve DTS Solution - HawkEye CSOC and its customers’ security postures.
- Understanding of geo-political dynamics and how they affect the wider cyber threat landscape.
- Experience using Cyber Kill Chain.
- Expertise in using Threat Intelligence Platforms (Recorded Future, Flashpoint, Blueliv, Anomali, ThreatIQ, etc.).
- Expertise in using Digital Risk Management platforms that look for dark web activities, breaches,
- Have a curated list of important threat intel fusion across various sources.
- Knowledge of the dark web and of accessing dark web forums, IRCs, chat groups, etc.
- Knowledge of APT groups and monitoring all activities through handlers.
- Curate newsletter and social media weekly posts based on weekly activities in the cyberspace.
- 4+ years of experience extracting and disseminating open source intelligence (OSINT)
- Regional expertise as applied to threat actors
- Familiarity with alternative analysis techniques and predictive analysis methodology
- Experience with conducting intelligence investigations and familiarity with investigative tools, including Maltego, DomainTools, and VirusTotal
- Familiarity with Threat Rating Methodology
- Experience using Threat Intelligence Platforms (TIPs)
- Active memberships with associations across the security and intelligence community
- Certified Ethical Hacker (CEH)
- SANS Certified Intrusion Analyst (GCIA)
- SANS Certified Cyber Threat Intelligence (GCTI)
If you meet the job requirements, please send your CV to
- Seniority level: Mid-Senior level
- Employment type: Full-time
- Job function: Information Technology
- Industries: Computer and Network Security
Senior Threat Intelligence Specialist
Posted today
Job Description
Help AG is looking for a talented and enthusiastic individual to join as a Senior Threat Intelligence Specialist who will analyze, curate, and operationalize threat intelligence to enhance cyber defense strategies. This role focuses on integrating intelligence with security systems, providing actionable insights, and optimizing Threat Intelligence Platforms (TIPs) for maximum efficiency. The specialist will apply advanced expertise to stay ahead of evolving threats, ensuring that intelligence is effectively leveraged to improve organizational security posture. This high-impact position requires both technical acumen and strategic vision to continuously adapt to the dynamic threat landscape.
Responsibilities
Apply intelligence tradecraft techniques to gather, analyze, and disseminate actionable threat intelligence to support cybersecurity operations.
Operate and manage Threat Intelligence Platforms (TIPs) for ingesting, enriching, and correlating threat data from multiple internal and external sources.
Conduct detailed threat assessments to evaluate the relevance, credibility, and potential impact of threats on organizational assets and operations.
Produce timely and well-structured threat intelligence reports for both technical and non-technical stakeholders.
Collaborate with SOC, IR, and vulnerability management teams to operationalize threat intelligence in detecting and mitigating threats.
Monitor open-source intelligence (OSINT), dark web, and commercial feeds to identify emerging threats and trends.
Recommend improvements to threat intelligence workflows and data integration strategies.
Maintain awareness of evolving threat actor TTPs (tactics, techniques, and procedures) through frameworks like MITRE ATT&CK.
Monitor and manage threat intelligence artefacts and data hosted on one or more Threat Intelligence Platforms (TIPs).
Tune and optimize TIPs as necessary, ensuring they remain effective for the detection and analysis of emerging threats.
Develop and adhere to detailed processes and procedures for analyzing, escalating, and disseminating threat intelligence.
Correlate threat intelligence using TIPs and other systems, focusing on prioritizing and increasing the relevance of the information to internal clients.
Oversee the lifecycle of threat intelligence, ensuring it is properly categorized, stored, and updated throughout its lifespan.
Respond promptly to inbound requests for technical assistance regarding threat intelligence-related queries or tasks.
Address tickets and cases related to threat intelligence, incidents, and support, ensuring timely resolution within established SLAs.
Document actions and findings clearly to communicate information effectively within the organization and to external clients.
Review customer reports to ensure quality, accuracy, and relevance.
Maintain a high level of awareness of both global and regional threat landscapes, including tracking threat actors, emerging tactics, techniques, and procedures (TTPs).
Stay updated on geopolitical events and their impact on the security posture of the organization, particularly concerning critical infrastructure and national interests.
Collaborate with other teams, including threat hunting, Global Security Operations Center (GSOC), and incident response teams, to provide timely and actionable intelligence.
Participate in internal knowledge-sharing initiatives, including writing technical articles, guidelines, and SOPs for threat intelligence processes.
Collect and analyze threat intelligence from a variety of sources such as OSINT (Open-Source Intelligence), threat feeds, IOCs (Indicators of Compromise), TTPs, and external advisories.
Track and monitor relevant threat actors and geopolitical developments, using tools like the dark web and social media channels to gather intelligence.
Proactively conduct investigations into potential threats, including analyzing incidents related to intellectual property or geopolitical events affecting the organization.
Provide continuous updates through detailed reports and briefings for relevant stakeholders.
Assist in creating and refining departmental manuals, guidelines, and standard operating procedures (SOPs) for incident management, security monitoring, and threat response.
Qualifications and Skills
A Degree in computer science, information systems, electrical engineering or a closely related degree.
Minimum 6-7 years of experience in Threat Intelligence.
Strong knowledge and hands-on experience with Threat Intelligence Platforms (TIPs) such as MISP, ThreatConnect, Anomali, Recorded Future, etc.
Familiarity with intelligence tradecraft methodologies (collection, analysis, validation, and dissemination of intelligence).
Proficiency in conducting threat assessments and producing intelligence products tailored to different audiences (executive, technical, operational).
Good understanding of threat actor profiling, TTPs, and frameworks such as MITRE ATT&CK, Diamond Model, and Kill Chain.
Experience in working with or integrating feeds from OSINT, commercial, and dark web sources.
An active, demonstrable interest in cyber security, cyber threat detection and cyber threat intelligence.
Demonstrable experience analyzing and interpreting threat intelligence indicators, TTPs and threat actors.
A solid understanding of IT systems and network security concepts.
A sound knowledge of IT security best practices, common attack types and detection / prevention methods.
Demonstrable experience of analyzing and interpreting system, security and application logs.
Knowledge of the type of events that both Firewalls, IDS/IPS and other security related devices produce.
TCP/IP knowledge, networking and security product experience.
Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc. and possible abnormal activities, such as worms, Trojans, viruses, etc.
Industry certifications such as GIAC Cyber Threat Intelligence (GCTI), CEH, CISSP, or Security+ are preferred.
Exclusive focus and vast experience in IT.
Strong analytical and problem-solving skills.
A motivated, self-managed, individual who can demonstrate above average analytical skills and work professionally with peers and customers even under pressure.
Strong written and verbal skills.
Strong interpersonal skills with the ability to collaborate well with others.
Benefits
Health insurance with one of the leading global providers for medical insurance.
Career progression and growth through challenging projects and work.
Employee engagement and wellness campaigns activities throughout the year.
Excellent learning and development opportunities.
Inclusive and diverse working environment.
Flexible/Hybrid working environment.
Annual flight to home country.
Open door policy.
About Us
Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.
Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.
Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity.
With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.
#J-18808-LjbffrBe The First To Know
About the latest Threat intelligence Jobs in United Arab Emirates !
Senior Threat Intelligence Specialist
Posted 1 day ago
Job Viewed
Job Description
Help AG is looking for a talented and enthusiastic individual to join as a Senior Threat Intelligence Specialist who will analyze, curate, and operationalize threat intelligence to enhance cyber defense strategies. This role focuses on integrating intelligence with security systems, providing actionable insights, and optimizing Threat Intelligence Platforms (TIPs) for maximum efficiency. The specialist will apply advanced expertise to stay ahead of evolving threats, ensuring that intelligence is effectively leveraged to improve organizational security posture. This high-impact position requires both technical acumen and strategic vision to continuously adapt to the dynamic threat landscape
Responsibilities
Apply intelligence tradecraft techniques to gather, analyze, and disseminate actionable threat intelligence to support cybersecurity operations.
Operate and manage Threat Intelligence Platforms (TIPs)for ingesting, enriching, and correlating threat data from multiple internal and external sources.
Conduct detailed threat assessments to evaluate the relevance, credibility, and potential impact of threats on organizational assets and operations.
Produce timely and well-structured threat intelligence reports for both technical and non-technical stakeholders.
Collaborate with SOC, IR, and vulnerability management teams to operationalize threat intelligence in detecting and mitigating threats.
Monitor open-source intelligence (OSINT), dark web, and commercial feeds to identify emerging threats and trends.
Recommend improvements to threat intelligence workflows and data integration strategies.
Maintain awareness of evolving threat actor TTPs (tactics, techniques, and procedures) through frameworks like MITRE ATT&CK.
Monitor and manage threat intelligence artefacts and data hosted on one or more Threat Intelligence Platforms (TIPs).
Tune and optimize TIPs as necessary, ensuring they remain effective for the detection and analysis of emerging threats.
Develop and adhere to detailed processes and procedures for analyzing, escalating, and disseminating threat intelligence.
Correlate threat intelligence using TIPs and other systems, focusing on prioritizing and increasing the relevance of the information to internal clients.
Oversee the lifecycle of threat intelligence, ensuring it is properly categorized, stored, and updated throughout its lifespan.
Respond promptly to inbound requests for technical assistance regarding threat intelligence-related queries or tasks.
Address tickets and cases related to threat intelligence, incidents, and support, ensuring timely resolution within established SLAs.
Document actions and findings clearly to communicate information effectively within the organization and to external clients.
Review customer reports to ensure quality, accuracy, and relevance.
Maintain a high level of awareness of both global and regional threat landscapes, including tracking threat actors, emerging tactics, techniques, and procedures (TTPs).
Stay updated on geopolitical events and their impact on the security posture of the organization, particularly concerning critical infrastructure and national interests.
Collaborate with other teams, including threat hunting, Global Security Operations Center (GSOC), and incident response teams, to provide timely and actionable intelligence.
Participate in internal knowledge-sharing initiatives, including writing technical articles, guidelines, and SOPs for threat intelligence processes.
Collect and analyze threat intelligence from a variety of sources such as OSINT (Open-Source Intelligence), threat feeds, IOCs (Indicators of Compromise), TTPs, and external advisories.
Track and monitor relevant threat actors and geopolitical developments, using tools like the dark web and social media channels to gather intelligence.
Proactively conduct investigations into potential threats, including analyzing incidents related to intellectual property or geopolitical events affecting the organization.
Provide continuous updates through detailed reports and briefings for relevant stakeholders.
Assist in creating and refining departmental manuals, guidelines, and standard operating procedures (SOPs) for incident management, security monitoring, and threat response.
Qualifications and Skills
A Degree in computer science, information systems, electrical engineering or a closely related degree.
Minimum 6-7 years of experience in Threat Intelligence.
Strong knowledge and hands-on experience with Threat Intelligence Platforms (TIPs) such as MISP, ThreatConnect, Anomali, Recorded Future, etc.
Familiarity with intelligence tradecraft methodologies (collection, analysis, validation, and dissemination of intelligence).
Proficiency in conducting threat assessments and producing intelligence products tailored to different audiences (executive, technical, operational).
Good understanding of threat actor profiling, TTPs, and frameworks such as MITRE ATT&CK, Diamond Model, and Kill Chain.
Experience in working with or integrating feeds from OSINT, commercial, and dark web sources.
An active, demonstrable interest in cyber security, cyber threat detection and cyber threat intelligence.
Demonstrable experience analyzing and interpreting threat intelligence indicators, TTPs and threat actors.
A solid understanding of IT systems and network security concepts.
A sound knowledge of IT security best practices, common attack types and detection / prevention methods.
Demonstrable experience of analyzing and interpreting system, security and application logs.
Knowledge of the types of events that firewalls, IDS/IPS, and other security-related devices produce.
TCP/IP knowledge, networking and security product experience.
Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc. and possible abnormal activities, such as worms, Trojans, viruses, etc.
Industry certifications such as GIAC Cyber Threat Intelligence (GCTI), CEH, CISSP, or Security+ are preferred.
Exclusive focus and vast experience in IT.
Strong analytical and problem-solving skills.
A motivated, self-managed, individual who can demonstrate above average analytical skills and work professionally with peers and customers even under pressure.
Strong written and verbal skills.
Strong interpersonal skills with the ability to collaborate well with others.
Benefits
Health insurance with one of the leading global providers for medical insurance.
Career progression and growth through challenging projects and work.
Employee engagement and wellness campaign activities throughout the year.
Excellent learning and development opportunities.
Inclusive and diverse working environment.
Flexible/Hybrid working environment.
Annual flight to home country.
Open door policy.
About Us
Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.
Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.
Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity.
With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.
MSS Threat Intelligence Lead
Posted 1 day ago
Job Description
We are seeking a highly skilled and experienced MSS Threat Intelligence Lead who will be responsible for leading the threat intelligence and brand monitoring functions within our Managed Security Services (MSS) offering. This role is critical in providing proactive, actionable intelligence to protect client environments and digital assets from emerging cyber threats. The individual will coordinate closely with key stakeholders, including SOC teams, MSS Engineering, Service Delivery Managers (SDMs), Incident Response, Legal, and Compliance teams, to ensure that intelligence operations are aligned with client requirements and overall business objectives.
The role also involves overseeing threat intelligence collection, analysis, and dissemination as well as leading efforts in digital brand protection, threat actor tracking, and the integration of threat intelligence into operational security workflows.
- Develop and drive the threat intelligence vision, roadmap, and operational strategy across MSS services.
- Establish processes for proactive threat hunting, intelligence collection, analysis, and dissemination.
- Align threat intelligence practices with industry frameworks such as MITRE ATT&CK, NIST, and ISO 27001.
- Lead efforts to detect, analyze, and respond to digital threats targeting client brands (e.g., domain spoofing, phishing, impersonation, and social media abuse).
- Monitor dark web, surface web, and deep web sources for brand-related threats using threat intelligence and DRP platforms.
- Coordinate takedowns and legal escalations for fraudulent domains, fake profiles, and leaked sensitive data.
- Identify emerging threats, IOCs, and TTPs targeting key industries and clients.
- Analyze intelligence from OSINT, commercial feeds, industry ISACs, and proprietary MSS telemetry.
- Correlate threat data with internal incidents and SOC use cases to enhance detection capabilities.
- Deliver strategic, operational, and tactical intelligence reports for internal teams and MSS clients.
- Create weekly threat landscape updates, actor profiles, sector-specific threat advisories, and executive briefings.
- Establish and maintain intelligence dashboards and alerting mechanisms.
- Evaluate and optimize threat intelligence and brand protection platforms.
- Work with MSS Engineering to automate threat ingestion, enrichment, and correlation within SIEM and SOAR platforms.
- Ensure seamless integration of threat intelligence feeds into detection and response workflows.
- Identify intelligence gaps, process inefficiencies, and operational risks related to threat intelligence and brand monitoring.
- Establish governance for threat intel validation, classification, and dissemination policies.
- Support incident response teams with threat context, adversary attribution, and post-incident retrospectives.
- Incorporate lessons learned from incidents into threat models and operational procedures.
- Continuously improve threat intelligence operations based on client feedback, evolving threats, and internal audits.
8 years in threat intelligence, security operations, or digital risk protection with a focus on brand monitoring, threat analysis, and leadership of cyber intelligence functions.
Strong understanding of threat intelligence lifecycle, SIEM, SOAR, dark web monitoring, phishing detection, log analysis, and security frameworks (MITRE ATT&CK, NIST, ISO 27001).
Proven experience managing intelligence-driven initiatives using ITIL, Agile, or PMP-aligned methodologies with a track record of cross-functional stakeholder coordination.
Ability to communicate complex threat intelligence concepts clearly to both technical analysts and non-technical executives, including delivering briefings, reports, and threat advisories.
Excellent analytical and investigative skills to identify emerging threats, detect anomalies, and drive proactive mitigation strategies.
Bachelor's degree in Computer Science, Information Security, or a related field.
MSS Threat Intelligence Lead
Posted 1 day ago
Job Description
Join to apply for the MSS Threat Intelligence Lead role at CyberGate Defense.
We are seeking a highly skilled and experienced MSS Threat Intelligence Lead responsible for leading threat intelligence and brand monitoring within our Managed Security Services (MSS). This role is crucial in providing proactive, actionable intelligence to safeguard client environments and digital assets from emerging cyber threats. The individual will coordinate with stakeholders including SOC teams, MSS Engineering, Service Delivery Managers (SDMs), Incident Response, Legal, and Compliance teams to align intelligence operations with client needs and business goals.
The role involves overseeing threat intelligence collection, analysis, dissemination, and leading efforts in digital brand protection, threat actor tracking, and integrating threat intelligence into security workflows.
Key Responsibilities and Accountabilities:
- Threat Intelligence Strategy & Leadership
Develop and implement threat intelligence vision, roadmap, and operational strategy for MSS services. Establish processes for threat hunting, intelligence collection, analysis, and dissemination. Align practices with industry frameworks like MITRE ATT&CK, NIST, and ISO 27001.
- Digital Brand Monitoring & Protection
Lead detection, analysis, and response to digital threats targeting client brands. Monitor dark web, surface web, and deep web sources for threats using threat intelligence platforms. Coordinate takedowns and legal actions for fraudulent domains, fake profiles, and data leaks.
Identify emerging threats, IOCs, TTPs; analyze intelligence from OSINT, commercial feeds, ISACs, and MSS telemetry. Correlate threat data with internal incidents to improve detection capabilities.
Deliver intelligence reports, including threat landscape updates, actor profiles, and advisories. Create dashboards and alert mechanisms.
- Tooling, Automation & Integration
Evaluate and optimize threat platforms. Work with MSS Engineering to automate threat ingestion and correlation within SIEM and SOAR. Ensure seamless integration of threat feeds into detection workflows.
Identify gaps, inefficiencies, and risks in threat intelligence and brand monitoring. Establish governance policies for validation, classification, and dissemination.
- Post-Incident Intelligence & Continuous Improvement
Support incident response with threat context and attribution. Incorporate lessons learned into operations and continuously improve based on feedback and evolving threats.
Qualifications:
- 8+ years in threat intelligence, security operations, or digital risk protection, with a focus on brand monitoring and leadership.
- Strong understanding of threat intelligence lifecycle, SIEM, SOAR, dark web monitoring, phishing detection, log analysis, and frameworks like MITRE ATT&CK, NIST, ISO 27001.
- Proven experience managing initiatives using ITIL, Agile, or PMP methodologies, with cross-functional stakeholder coordination.
- Excellent communication skills to present complex concepts to technical and non-technical audiences.
- Analytical and investigative skills to identify threats and drive mitigation strategies.
- Bachelor’s degree in Computer Science, Information Security, or related field.
- Seniority level: Mid-Senior level
- Employment type: Full-time
- Job function: Information Technology
- Industry: Computer and Network Security
MSS Threat Intelligence Lead • Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates