As a Principal Threat Intelligence Consultant, you will lead high-impact engagements focused on identifying, analyzing, and mitigating advanced cyber threats. You will serve as the primary technical advisor during intelligence-led assessments, including TIBER-EU and TLPT programs, delivering strategic insights to clients in regulated industries such as financial services and critical infrastructure.
Key Responsibilities
- Lead end-to-end threat intelligence projects, from planning to delivery, ensuring alignment with client objectives and regulatory standards.
- Develop and present tailored intelligence reports, including threat actor profiles, TTP analysis, and sector-specific risk assessments using frameworks such as MITRE ATT&CK, Kill Chain, and Diamond Model.
- Conduct dark web monitoring to detect exposed credentials, leaked data, and emerging digital threats beyond traditional network boundaries.
- Support incident response efforts by providing real-time intelligence, attribution analysis, and actionable recommendations for containment and remediation.
- Mentor junior analysts through technical guidance, peer review, and career development support, fostering a culture of continuous learning.
- Act as the main point of contact for clients and stakeholders, managing communication throughout engagements and delivering briefings to both technical and executive audiences.
- Collaborate with internal red team, SOC, and incident response teams to integrate threat intelligence into broader security operations.
- Contribute to the evolution of service offerings by refining methodologies, enhancing tooling, and supporting business development through proposal writing and client planning.
- Maintain deep expertise in evolving threat landscapes, adversary behaviors, and regulatory developments affecting key sectors.
Qualifications
- Citizenship in one of the 32 NATO member states or Austria is required.
- Minimum of 5 years in cybersecurity, with at least 3 years specializing in threat intelligence production and client delivery.
- Proven experience in conducting intelligence assessments for financial institutions under TIBER-EU or TLPT frameworks.
- Strong analytical capabilities with proficiency in open-source intelligence (OSINT), dark web research, and commercial threat intelligence platforms.
- Expertise in mapping adversary tactics to MITRE ATT&CK and other behavioral models.
- Experience supporting incident response with intelligence-driven insights, including attribution and TTP analysis.
- Excellent written and verbal communication skills in both German and English (C1+ level), with the ability to tailor messaging to technical teams and senior leadership.
- Demonstrated ability to lead projects independently, manage stakeholder expectations, and coach emerging talent.
Work Environment
This is a hybrid role based in Austria, with flexibility to work remotely and occasional travel within the DACH region. Working hours follow standard business schedules, though some adjustment may be needed during active incidents or client engagements. Employees have the option to work from abroad for limited periods.
Professional Development & Benefits
- 10,000 EUR training budget and 10 dedicated training days every two years
- Opportunities to pursue advanced certifications such as GSE, GXPN, GREM, GCFA, and OSCP
- Access to SANS-certified instructors and regular knowledge-sharing sessions
- Support for speaking engagements at international cybersecurity conferences
- Personal coaching focused on career growth and well-being
- Flexible working hours and home office options
- Business bike leasing and Klimaticket Ö for sustainable commuting
- 30 days of annual leave and a modern office in central Vienna
- Regular team events that promote collaboration and morale
Compensation
Annual salary between 59,000 EUR and 70,000 EUR, with a competitive total compensation package that includes financial and non-financial benefits.
Company Values
The organization values integrity, innovation, and inclusivity. Team members are expected to demonstrate authenticity in their work. While AI tools may assist in refining documents, fully generated content without personal input is not accepted. Protecting internal data is strictly enforced—no company information may be shared with external AI platforms.
