Cyber Threat Intelligence Analyst
CyberThreatIntelligenceAnalyst-SDS
Neural analysis suggests this role is
optimal for Senior candidates.
“Cyber Threat Intelligence Analyst - SDS at Cyber Threat Intelligence Analyst. Skills: Cyber Threat Intelligence, malware analysis, TTPs, IOCs, Cyber Kill Chain, Diamond Model, Threat Intelligence Platform, Python, technical reporting, threat modelling frameworks. Perform static and dynamic malware analysis, extracting TTPs and IOCs for distribution to other teams. Extract TTPs from both redacted sources and RAW files”
What You'll Achieve.
help more people and businesses prosper; contribute to the Group's strategy by making possible the operations of Santander's different businesses, by contributing to optimization, growth, and value in addition to reducing risk and improving efficiency; help Santander to become the best open platform for financial services; drive the evolution of the Cyber Threat Intelligence function to anticipate, contextualise and communicate emerging threats to the organisation; transform intelligence into strategic foresight, ensuring the company remains resilient, informed and prepared in the face of a constantly changing threat landscape; supports proactive risk management, incident response and strategic decision-making; provides actionable intelligence to executive leadership, cyber defence, fraud and other key stakeholders across the organisation; integrates multiple intelligence disciplines (strategic, operational and technical) to deliver timely insights, enable prioritization and enhance resilience
Industry & Context.
Ability to distil complex and ambiguous information into clear, evidence-based assessments that drive decisions
Participate in on-call shifts and interventions
What They're Looking For.
Must Have
5 years of experience in cyber intelligence or a related field, Technical knowledge, experience in fraud or other related fields, Ability to track, profile and assess adversary groups, campaigns and TTPs using structured analytic techniques, Experience creating finished intelligence across strategic, operational and tactical levels, Familiarity with threat modelling frameworks (MITRE ATT&CK, Killchain, Diamond Model) and experience applying them in analytical frameworks, Hands-on experience with intelligence platforms and tooling, Understanding of network defence technologies (EDR, SIEM, firewalls, proxies), English, Spanish
Nice to Have
Certifications in fraud prevention skills or tools, Certifications in data analytics, Certifications in cybersecurity, Capability to interpret malware reports, C2 infrastructure and IOCs at a contextual level, Scripting and automation, familiarity with Python or automation of intelligence flows
What You'll Do.
Perform static and dynamic malware analysis
extracting TTPs and IOCs for distribution to other teams
Extract TTPs from both redacted sources and RAW files
Analyze campaigns using the Cyber Kill Chain and Diamond Model
Enrich our Threat Intelligence Platform with IOCs
and rich object relations
Develop scripts for automating your daily tasks
Write technical reports that can be used by other teams
Provide context and actionable intelligence in support to cybersecurity incidents
How You'll Work.
Team & Collaboration
Building relationships with incident response, SOC, risk and executive functions; Present and deliver reports to technical and executive teams; Provide context and actionable intelligence in support to cybersecurity incidents
Communication Scope
Write technical reports; Present and deliver reports to technical and executive teams; Capable of delivering concise, compelling narratives tailored to diverse from technical teams to senior leadership
Full Job Description
Cyber Threat Intelligence Analyst - SDS Country: Spain **IT STARTS HERE** Santander ([www.santander.com](http://www.santander.com/)) is evolving from **a global, high-impact brand** into a **technology-driven organization** , and our people are at the heart of this journey. **Together** , we are driving a **customer-centric transformation** that values bold **thinking, innovation** , and the **courage to challenge** what’s possible. This is more than a strategic shift. **It’s a chance for driven professionals to grow, learn, and make a real difference**. Our mission is to contribute to help more **people and businesses prosper**. We embrace a strong risk culture and all our professionals at all levels are expected to take a proactive and responsible approach toward risk management. **Santander Digital Services** is the team of technology and operations at Santander. We are convinced of the importance of technology that is aligned with the requirements of the business and that out work not only brings value to users, people and communities but also fosters individual creativity. Our team of over 7,000 people in 8 countries (Spain, Portugal, Poland, UK, USA, Mexico, Chile and Brazil) develops and/or implements financial solutions across a broad spectrum of technologies (including Blockchain, Big Data and Angular among others) on all kinds of on-premise and cloud-based platforms. **THE DIFFERENCE YOU MAKE** **Santander Digital Services** is looking for a **Cyber Threat Intelligence Analyst** based in our Boadilla office. The mission of the Santander Group's Technology and Operations Division is to contribute to the Group's strategy by making possible the operations of Santander's different businesses, by contributing to optimization, growth, and value creation; in addition to reducing risk and improving efficiency. Therefore, we help Santander to become the best open platform for financial services. The CTI Senior Analyst will help drive the evolution of the Cyber Thre
Applying for this Cyber Threat Intelligence Analyst - SDS role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about Cyber Threat Intelligence Analyst?
Real rants from real employees. Read before you apply.