Senior Threat Intelligence Specialist

Help AG is looking for a Senior Threat Intelligence Specialist who will be responsible for the day to day operations of our cyber threat intelligence and digital risk protection team. The Specialist will ensure delivery of all CTI and DRP services as per our contractual obligation to our customers. The Specialist will also bring new ideas for service enhancements and new service developments. This role is vital to the success of Help AG’s MSS services and to providing exceptional CTI and DRP services to our customers.

Responsibilities:

• Conduct strategic cyber‑threat analysis by monitoring global threat actors, TTPs, and emerging technologies to assess risks and produce intelligence-driven recommendations for senior leadership.
• Evaluate geopolitical trends and regional developments to identify potential impacts on organizational security, operational resilience, and long‑term strategic planning.
• Develop intelligence reports, threat forecasts, and executive briefings that synthesize cyber, geopolitical, and economic indicators into clear, actionable insights for decision‑makers.
• Collaborate with internal security, risk, and incident response teams to contextualize threats, support risk assessments, and inform proactive defensive strategies.
• Lead strategic horizon scanning and scenario planning exercises to anticipate shifts in the global threat landscape, enabling the organization to prepare for emerging cyber and geopolitical risks.
• Ensure quality service delivery of all CTI and DRP services.
• Conduct phishing attack investigations and provide TTP-based attribution reports
• Monitor social media, forums, and the dark web for indicators of targeted threats or brand impersonation
• Collaborate with internal security and fraud teams to recommend threat mitigation strategies
• Utilize Digital Risk Protection (DRP) platforms to detect external threats such as impersonation, domain spoofing, and data leakage
• Produce threat reports with actionable intelligence, including IoCs and strategic recommendations
• Stay up-to-date with evolving threat actor groups, phishing kits, and darknet marketplaces
• Create Threat advisories.
• Manage Threat Intelligence Platform (MISP) and service.
• Manage Digital Risk Protection Service.
• Manage takedown service.
• Create SOPs for existing and new services.
• Enhance existing services.
• Propose and create new services.
• Create and manage service reports.
• Participate in client meetings.
• Manage service escalations.
• Problem management of CTI and DRP services
  
  
  

Qualifications & Skills:

• Qualifications: Bachelor / Masters Degree in Computer Science, Cybersecurity, Information Systems, or a closely related degree;
• An active, demonstrable interest in Cyber Security, Cyber Threat Detection, and Cyber Threat Intelligence
• Hands-on experience in anti-phishing and impersonation attack analysis
• Strong OSINT/SOCMINT skills (e.g., using Maltego, SpiderFoot, ShadowDragon, etc.)
• Familiarity with dark web forums, marketplaces, and Tor-based threat research
• Understanding of digital risk protection technologies (e.g., ZeroFox, Constella, Digital Shadows, etc.)
• Working knowledge of cyber threat intelligence frameworks (e.g., MITRE ATT&CK, Diamond Model)
• Solid analytical writing and geopolitical awarenes
• Demonstrable experience analyzing and interpreting threat intelligence indicators, TTPs, and threat actors
• A solid understanding of IT systems and network security concepts
• Sound knowledge of IT security best practices, common attack types, and detection/prevention methods.
• Demonstrable experience in analyzing and interpreting system, security, and application logs
• Knowledge of the type of events that both Firewalls, IDS/IPS, and other security-related devices produce
• Experience in using SIEM tools such as Splunk, ArcSight, LogRythm, Qradar, NitroSecurity, etc.
• TCP/IP knowledge, networking, and security product experience
• Possible attack activities, such as scans, man-in-the-middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
• CCNA, CISSP, GCIA, GCIH, and CEH certifications would be preferable.
• Outstanding Organizational Skills.
• Exclusive focus and vast experience in IT.
• Strong analytical and problem-solving skills.
• Ability to interface with, and influence, Pre-Sales and Sales teams, to achieve agreed business outcomes.
• Flexible work approach, based on the job requirements.
  
  
  

Benefits:

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement and wellness campaigns activities throughout the year.
• Excellent learning and development opportunities.
• Annual flights tickets.
• Inclusive and diverse working environment.
• Flexible/Hybrid working environment.
• Open door policy.
  
  
  

About Us:

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the regions trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity. With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

---