Job Description

At foodpanda we're on a mission to redefine how tech, food, people and culture are connected operating in 12 countries worldwide. Our team is working on big challenges and complex scalability problems as we grow 6X annually processing millions of orders a year. You'll be part of a highly collaborative cross-functional agile squad that always includes frontend and backend engineers, design and product owners. Our squads operate in an open and fast-paced environment with very flat structures where everyone has a say.

We work on a large scale, complex systems where you can reach users on a global scale whilst enjoying a high level of autonomy and influence and a flexible working environment. Here you can learn, thrive and become a better engineer.

Senior Cyber Threat Intelligence Engineer

We are looking for a Cyber Threat Intelligence Engineer (f/m/d) to join our team and reinvent on-demand delivery with us.

This position will be accountable for proactively monitoring threat intelligence feeds and hunting for threat actor's existence in networks before a data breach or other damage is caused. This position will involve providing advanced threat detection and response capabilities through the utilization of real-time threat intelligence, threat research, automation, and innovation. You will play a key role in SOAR & EDR capabilities to improve threat hunting capabilities.

Your Mission:

• Proactively monitoring threat intelligence feeds and hunting for threat actor's existence in Delivery Hero networks before a data breach or other damage is caused.
• Reviewing open source, third-party, and proprietary threat intelligence information and enrich it with contextual analysis that will result in actionable threat intelligence.
• Develop and administer SOC controls, processes, procedures, and policies, and review their application against the Delivery Hero environment to ensure their effectiveness and efficiency.
• Support SOC long-term strategy and planning, including driving initiatives geared toward operational excellence, such as driving automation and efficiencies through tools integration and enablement.
• Support a team in collaboration with other departments and regions, specially SOC Analysts, to complement Security Operations Center (SOC) efficiency and efficacy.

• Bachelor's or Master's degree in Cyber Security, Information Technology, Computer Science, or related field.
• Five or more years of relevant work experience in Cyber Security, including minimum three years of threat intelligence or hunting experience.
• Hands-on experience with Cyber Threat Intelligence Platform (e.g., ThreatQuotient, AlienVault OTX, ThreatConnect, etc.) or Threat Intelligence Analytics tools (e.g., Maltego, MITRE CRITs).
• Hands-on experience producing high-quality all-source analysis to complement the outputs of the SOC Analysts and working collaboratively as part of a mixed-discipline team.
• Understanding of key principles of technical Threat Intelligence Analysis and familiarity with the application of threat modeling techniques, such as the Diamond model, Kill Chain, MITRE ATT&CK, etc.
• A strong knowledge of the current threat landscape, including knowledge of related regional geopolitics/wider security landscape.
• Experience working in or with Security Operations Center, Vulnerability Management, Threat Hunting, or other Cyber Security focused teams.

• Experience within a managed security services (MSSP) environment working with big or medium size customers in their threat intelligence transformation journey.
• Experience working with SOAR tools and threat intelligence playbook development & integration.
• Experience working with various Cloud platforms, such as AWS, GCP or Azure.
• Certifications such as CISSP, SANS 578 (GCTI), CREST Certified Practitioner/Registered Threat Intelligence Analyst, or similar.