Threat Intelligence Analyst L2

Langreo, Malaga
- Threat Intelligence Analyst L2
Job DescriptionChoosing Capgemini means choosing a company where you will be empowered to shape your career in the way you’d like, where you’ll be supported and inspired by a collaborative community of colleagues around the world, and where you’ll be able to reimagine what’s possible. Join us and help the world’s leading organizations unlock the value of technology and build a more sustainable, more inclusive world.
No matter what moment of life we are in, **we are DIVERSE** in age, gender, nationality, familywe have been **certified in Diversity and as an ETHICAL company** more than 9 years in a rowIt doesn't matter if you are living your growth stage in life, **LEARNING** and TRAINING at all hours or if you need to consolidate yourself and appreciate FLEXIBILITY, **CONCILIATION** and tax and social BENEFITS to combine your personal and professional life.**What really matters is that you can feel that you are WHERE YOU SHOULD BE to get the future you want.**

What will you do in the project?**THREAT INTELLIGENCE ANALYST L2**

A hybrid profile between Threat Hunting and Threat Intelligence Analyst with over 12 months of experience in cybersecurity operations, specializing in proactively looking for signs of attackers inside an organization’s environment—before alerts, incidents, or damage occur. Unlike traditional security roles that react to alarms, threat hunters assume compromise and actively search for hidden or stealthy threats.

A Threat Hunting Analyst must focus on searching for malicious behaviour that automated tools may miss, using human intuition, context, and hypotheses rather than waiting for alerts, in order to find advanced, persistent, and stealthy attackers

Adept at monitoring the evolving threat landscape and identifying potential risks to the organization by leveraging a variety of open-source intelligence (OSINT) tools, proprietary threat intelligence platforms (TIPs), and commercial feeds. This role must provide deep insights into identifying Indicators of Compromise (IoCs), analysing adversary tactics, techniques, and procedures (TTPs), and working in close collaboration with Security Operations Centres (SOC) and Incident Response teams to ensure timely detection and response to potential threats.

**Key responsibilities**
- Proactively conduct threat hunts to identify malicious activity that bypassed automated detections, reducing attacker dwell time
- Develop hypothesis-driven hunts based on adversary tactics, techniques, and procedures (TTPs) using the MITRE ATT&CK framework. Analyse endpoint, network, authentication, and log telemetry to detect indicators of compromise (IOCs) and anomalous behaviour
- Investigate suspicious activity involving credential misuse, lateral movement, persistence mechanisms, and living-off-the-land techniques. Correlate data across SIEM, EDR/XDR, and network security tools to validate potential threats and scope impact
- Leverage threat intelligence reports and internal telemetry to identify emerging attacker behaviours relevant to the environment
- Threat Intelligence Gathering & Analysis: Collect, evaluate, and analyse cyber threat data from various sources, including open-source, commercial, and internal threat feeds.
Job Description - Grade SpecificCapgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of over 360,000 team members in more than 50 countries. With its strong 55-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fuelled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2022 global revenues of €22 billion. Ref. code- 393586-es_ES- Posted on- 19 Jan 2026- Experience level- Profesionales con experiência- Contract type- Permanente- Location- Langreo, Malaga- Business unit- Cloud Infrastructure Services- Brand- Capgemini- Professional communities- Cybersecurity