Intelligence Analyst

Join us and help the world’s leading organizations unlock the value of technology and build a more sustainable, more inclusive world. No matter what moment of life we are in, w e are DIVERSE in age, gender, nationality, family… we have been c ertified in Diversity and as an ETHICAL company more than 9 years in a rowt doesn't matter if you are living your growth stage in life, L EARNING and TRAINING at all hours or if you need to consolidate yourself and appreciate FLEXIBILITY, C ONCILIATION and tax and social BENEFITS to combine your personal and professional life. W hat will you do in the project? Threat Intelligence Analyst L2 We are looking for a system admin engineer, with skills in: A hybrid profile between Threat Hunting and Threat Intelligence Analyst with over 12 months of experience in cybersecurity operations, specializing in proactively looking for signs of attackers inside an organization’s environment—before alerts, incidents, or damage occur. Unlike traditional security roles that react to alarms, threat hunters assume compromise and actively search for hidden or stealthy threats. Adept at monitoring the evolving threat landscape and identifying potential risks to the organization by leveraging a variety of open-source intelligence (OSINT) tools, proprietary threat intelligence platforms (TIPs), and commercial feeds. Analyse endpoint, network, authentication, and log telemetry to detect indicators of compromise (IOCs) and anomalous behaviour Correlate data across SIEM, EDR/XDR, and network security tools to validate potential threats and scope impact Threat Intelligence Gathering & Analysis: Collect, evaluate, and analyse cyber threat data from various sources, including open-source, commercial, and internal threat feeds. Tactical Threat Analysis: Identify patterns and trends in threat data to predict future attack vectors and recommend security improvements to the organization. ThreatConnect, Anomali, Recorded Future) to optimize data collection and analysis. Support incident investigations by providing root cause analysis and attacker activity reconstruction Tune existing security detections to reduce false positives and improve signal quality Windows, Linux, and macOS internals Networking fundamentals Splunk, QRadar) for correlating threat data with security events. Malware Analysis & Reverse Engineering: Basic understanding of malware analysis techniques, including static and dynamic analysis to identify IoCs. Threat Research & Open-Source Intelligence (OSINT): Proficiency in gathering intelligence from open-source platforms, dark web, and various threat feeds. Network & Endpoint Forensics: Basic experience with network traffic analysis and endpoint detection tools to correlate intelligence with ongoing attacks. Understanding of IoCs & TTPs: Ability to identify, report, and use IoCs and TTPs within broader threat analysis We are looking for someone with high skills in scripting as well, very motivated and with a good level of English (at least a B2 spoken level) Shift & On calls. Availability to work on-call, on holidays and ousite of business hours At Capgemini we have a wide range of training, face-to-face, online Certifications, etc. Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. With its strong 55-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fuelled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2022 global revenues of €22 billion.