Protecting one billion people from cyber threats? If you find this proposition more exciting than scary, come on board and grow with us.
Whalebone is a global company working on user-centric cybersecurity products for telcos, ISPs, enterprises, public institutions, and governments that provide millions of everyday internet users unyielding protection from malware, phishing schemes, ransomware, and other malicious digital attacks without the need for them to download anything. Whalebone is headquartered in Brno, Czech Republic.
At this point, Whalebone has 400+ customers in telecommunications and corporate sectors (A1, O2 Telefonica, Tele2, Panasonic, Bauhaus, and many others) around the globe. With over 140 team members of multiple nationalities, Whalebone ranked 22nd in Deloitte’s list of fastest-growing companies in Central Europe.
We create cybersecurity products that people can actually use. We protect them against viruses and fraud on the network so that the users do not have to handle anything.
Thanks to this approach, we already protect tens of millions of people worldwide. Become a significant part of an important and ambitious project as a Threat Intelligence Specialist.
Our Tech Stack
The Threat Intelligence team, for data analysis and machine learning use cases, primarily relies on the following tools, frameworks and technologies (among others):
- Python as the primary programming language
- Elasticsearch and ClickHouse for data storage and analysis
- Kafka, Redis, and RabbitMQ for event streaming, caching, and message queuing
- IntelMQ for collecting, processing, and sharing security threat intelligence
- Diverse inputs or comprehensive threat intelligence analysis including OSINT, threat feeds, regulatory sources, and internal data
Apply now and help us protect the online world around us!
Responsibilities
- Maintain situational awareness of global cybersecurity trends, emerging malware, and nation-state or cybercriminal activities to be able to assess impact on our customers
- Monitor, identify, and analyze online threats using open-source intelligence (OSINT), commercial threat feeds, internal telemetry, and collaboration with our vendors
- Develop tooling for automated intelligence collection and enrichment processes
- Sharing the intelligence with the team internally, but also publicly via blog posts, threat intelligence reports, threat indicators, briefings, and optionally conference speeches
Requirements
- Security analyst or threat intelligence background
- Analytical mindset
- Knowledge of common adversary techniques and overview of current threats
- Proficiency in Python (or similar object-oriented language) for scripting and data analysis
- Understanding of object-oriented programming and design patterns
- Proficiency in threat intelligence tools and platforms (e.g., VirusTotal, urlscan, MISP, etc.)
- Experience with OSINT, ability to proactively pivot on given or found indicators
- Experience with working with SQL and NoSQL databases
- Proficiency in using version control systems (Git) and CI/CD tools
Nice to Have
- Computer networking knowledge especially related to DNS
- Experience with Machine/Deep learning
- Understanding of data science fundamentals and statistical evaluation tools.
- Understanding of network security, malware analysis and incident response
- Ability to track and profile threat actors, campaigns, tactics, techniques, and procedures (TTPs) using frameworks such as MITRE ATT&CK
- Hands-on experience with container based orchestration like Docker and K8s
Why to work with us?
- Meaningful job - protecting everyday people against malware and hackers all around the globe.
- Rewarding financial package, including the possibility to choose ESOP as a benefit and a motivating flexible part of the remuneration reflecting long term results.
- Flexible working hours and possibility of HO, 20+5 vacation days
- Equipment of choice - use the budget and chose what is best for you
- Terrace - beautiful view and available for private parties
- Regular events & teambuildings - grill, enjoy pub quiz or have a breakfast with us
- You will be supported to learn, grow and gain new experiences with us!
- Your opinion will matter to us - discuss your ideas and feedback directly with the CEO or CTO if you feel like they should hear them.
Position details
- Team: Threat Intelligence
- Work setup: Hybrid, Remote (up to discussion)
- Location: Jezuitská 14/13, Brno, Czech Republic
- Job type: Full-time
