Cyber Threat Intelligence (CTI) Specialist

JOB TITLE: Cyber Threat Intelligence (CTI) Specialist

LOCATION: Qatar / Remote | TYPE: Contract / Full-time | LEVELS: 3–5 yrs / 5–10 yrs / 10–20 yrs

ABOUT THE ROLE

We are recruiting a Cyber Threat Intelligence Specialist to provide a government client in Qatar with timely, contextualized intelligence on threats relevant to their environment. You will function as the primary point for strategic, operational, and tactical threat intelligence — supporting SOC, Incident Response, and leadership with actionable intelligence products and driving threat-informed defence.

KEY RESPONSIBILITIES

- Collect and correlate threat data from internal telemetry, OSINT, commercial feeds, and community/government sources.

- Analyze threat actors, campaigns, malware, and TTPs, mapping them to MITRE ATT&CK and to client assets and use cases.

- Produce intelligence reports, alerts, and advisories including IOCs, recommended countermeasures, and risk context.

- Enrich SOC detections and SIEM/EDR rules with contextual intelligence to improve detection fidelity and prioritization.

- Collaborate with Incident Response to provide adversary profiles, pivot points, and hypotheses during active investigations.

- Lead or support threat-hunting exercises using intelligence-driven hypotheses to proactively search for unknown compromises.

- Maintain an intelligence knowledge base tracking trends, historical incidents, and lessons learned.

REQUIRED EXPERIENCE

- 3–20 years of experience in threat intelligence, threat hunting, or security operations.

- Deep knowledge of MITRE ATT&CK, threat actor TTPs, and intelligence lifecycle management.

- Hands-on experience with OSINT tools and techniques for adversary research.

- Experience with SIEM platforms, threat intelligence platforms (TIPs), and IOC management.

- Ability to produce both technical and strategic intelligence reports for varied audiences.

- Experience analyzing malware, phishing campaigns, and nation-state or APT group activity.

- Familiarity with threat-sharing frameworks: STIX/TAXII, MISP, or equivalent.

- Government or critical infrastructure sector experience is a strong advantage.

PREFERRED CERTIFICATIONS

Candidates holding two or more of the following certifications will be viewed very favourably:

- GCTI (GIAC Cyber Threat Intelligence) - the most directly relevant cert for this role

- CTIA (Certified Threat Intelligence Analyst, EC-Council) - strongly preferred

- GOSI (GIAC Open Source Intelligence) - valued for OSINT-heavy work

- CISSP - valued for senior-level candidates (Level 1)

- CISM - valued for senior candidates bridging intelligence and governance

- CompTIA Security+ - good baseline for Level 3 candidates entering CTI from SOC

WHAT WE OFFER

- Engagement supporting a high-profile government client in Qatar.

- Multiple experience levels considered: junior (3–5 yrs), mid (5–10 yrs), and senior (10–20 yrs).

- Competitive contract rate aligned with experience level.

- Opportunity to work on national-scale threat intelligence programmes.

Job Type: Full-time

Application Question(s):

• How soon can you join if selected?

Work Location: Remote