Overview
NVISO is here to protect European society from potentially devastating cyber attacks. We offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents. Our values are: Proud, We Break Barriers, We Care and No BS.
Your role
Principal Threat Intelligence Consultant (m/w/d) is responsible for executing complex threat intelligence engagements and projects with a high degree of autonomy. You will independently deliver work under the direction of clients or the NVISO Threat Intelligence Manager, while acting as a trusted senior advisor to clients.
You will manage stakeholder relationships, lead discussions with technical and executive audiences, ensure delivery of high-quality threat intelligence services, and support junior team members to contribute to the professional growth of the Threat Intelligence team.
The role spans strategic, operational and tactical intelligence, capability building, threat landscapes and intelligence-driven incident response support. TIBER-EU and TLPT-style assessments are important parts of the role.
Your responsibilities
* Execute threat intelligence engagements and project-related tasks independently, based on guidance from the Threat Intelligence Manager.
* Act as engagement lead or primary analyst on advanced TI engagements, including TIBER-EU, TLPT, and other intelligence-led security assessments.
* Manage stakeholder relationships throughout engagements, serving as the primary threat intelligence point of contact for clients, regulators, and internal teams.
* Coach and mentor junior threat intelligence analysts, providing technical guidance, reviewing deliverables, and supporting their professional development.
* Produce and deliver threat landscape reports (generic and targeted), capability maturity assessments, strategic intelligence briefings, and threat actor analysis tailored to client sectors and risk profiles.
* Conduct dark web monitoring assessments, identifying exposed credentials, leaked data and other digital risks beyond conventional security perimeters.
* Provide threat intelligence support during incident response engagements, including threat actor attribution, TTP analysis, and intelligence-driven containment and remediation recommendations.
* Deliver threat-based briefings and security awareness sessions for managerial and technical audiences, leveraging NVISO's incident response and threat intelligence experience.
* Drive continuous improvement of NVISO's threat intelligence processes, methodologies and service offerings, ensuring alignment with regulatory requirements and industry best practices.
* Support the Threat Intelligence Manager with service strategy definition, business development activities and proposals/client engagement planning.
* Maintain current knowledge of threat landscapes across key sectors, including TTPs of advanced persistent threat actors, emerging attack techniques, and evolving regulatory requirements.
* Support cross-functional collaboration with NVISO's incident response, red team and SOC teams to provide integrated threat intelligence services.
Requirements
* You hold citizenship in one of the 32 NATO member states.
* 5+ years of experience in Cyber Security and at least 3+ years in cyber threat intelligence, including production of intelligence assessments, threat reporting, and client-facing delivery.
* Demonstrated experience delivering threat intelligence for TIBER-EU and/or TLPT assessments within the financial services sector.
* Strong understanding of threat landscapes across financial services, technology, and critical infrastructure sectors, including relevant threat actors, attack patterns, and regulatory requirements.
* Proven experience establishing or improving threat intelligence capabilities, processes, and programs within organizations.
* Strong analytical and research skills, with proficiency in intelligence collection from open-source, dark web, and commercial threat intelligence platforms.
* Expertise in threat actor profiling, TTP analysis, and mapping to frameworks such as MITRE ATT&CK, Kill Chain and Diamond model.
* Experience supporting incident response activities with threat intelligence, including threat actor attribution and intelligence-driven recommendations.
* Proven ability to produce high-quality written intelligence products for technical and executive audiences.
* Strong stakeholder management and coaching skills, with experience presenting to senior executives, regulators, and technical teams, and mentoring junior analysts.
* Self-starter who takes ownership of deliverables and can work independently to execute complex projects under customer or manager direction.
* Language: German and English at C1+ proficiency for client-facing work across DACH.
Your availability
* Standard business hours with occasional flexibility required during active client engagements and incident response support.
Travel
* Some limited travel within DE/AT/CH (~10%) for onsite engagements, workshops, and stakeholder meetings.
Benefits
NVISO offers a highly competitive remuneration package with financial and non-financial components:
* Access to a team of leading cyber security professionals and opportunities for deep technical certifications (e.g., GSE, GXPN, GREM, GCFA, OSCP).
* Entrepreneurial and agile environment that supports new initiatives while providing a fun culture.
* Regular team-building and fun events.
* Personal coaching within the team to support well-being and career growth.
* Training budget of 10,000 EUR plus 10 days paid time off rolling over two years.
* Annual gross base salary between 91,000 EUR and 118,000 EUR, depending on experience.
* Flexible working hours and home office possibilities (including working abroad within the EU).
* Reimbursement of Deutschlandticket and BahnCard 50 1st Class, plus options for a Company Bike Leasing.
* Company Pension Scheme and 30 holidays per year.
Disclaimer on the Use of AI Tools in the Application Process
Please note that the use of AI-powered tools to create and submit application documents is limited. Applications should authentically reflect your qualifications, personality and motivation. AI can be used for spell-checking or improving wording, but fully generated documents without personal adaptation are not permitted. Do not upload NVISO information to external AI tools. We may exclude applications that are clearly AI-generated with no recognizable personal input.
#J-18808-Ljbffr