Threat Intelligence Specialist / Cybersecurity Operations

Job Description

Do you want to help create the future of healthcare? Siemens Healthineers is a place for people who dedicate their energy and passion to this greater cause. It reflects their pioneering spirit combined with our long history of engineering in the ever-evolving healthcare industry.

We offer you a flexible and dynamic environment where you have the space to stretch beyond your comfort zone in order to grow personally and professionally. Sound interesting?

Then come in and join our team as Threat Intelligence Specialist!

The Threat Intelligence Specialist has technical and coordination responsibilities for cyber intelligence management at Siemens Healthineers. In this function you will provide intelligence to assist in decision making and actively thwart emergent and current threats targeting Healthineers by developing processes and procedures on the identification, analysis, processing, and distribution of finished intelligence.

You will collaborate with Incident Response specialists, translating intelligence data into actionable intelligence to appropriately prioritize response activities.

Tasks and Responsibilities 

The position will bring a mix of the following tasks and responsibilities:

§  Organize, analyze, and refine information about emerging cybersecurity threats, from state-sponsored cyber criminals to organized hackers to other cyber espionage actors.

§  Analyze Threat Intelligence feeds, helping in the proactive identification of entity threats or risk vectors.

§  Conduct analysis of known and emerging cybersecurity threats.

§  Perform detailed analysis to identify novel tactics, techniques, and procedures (TTPs) being used by attackers that potentially target our business or customers.

§  Research on the latest trends in malware and advanced attacks. Identify new ways that cloud apps are being abused by attackers.

§  Determine the significance and reliability of incoming information and recognize effective threats by performing relevant research and data analysis using both internal and external tools and resources.

§  Establish and maintain systematic, cross-referenced intelligence records.

§  Ensure relevant information and events are being generated, captured, and delivered to acting teams in a timely manner.

§  Produce and manage IoCs and feed them to remediation teams for action.

§  Create Threat Intelligence reporting procedures.

§  Monitor Healthineers’ public exposure to detect signs of sensitive disclosure, exposed credentials, and hacker group activity targeted against Healthineers.

§  Provide intelligence briefings to Cybersecurity colleagues and to other Security and IT areas.


Knowledge of relevant technological aspects for this position. The ideal candidate should bring a mix of expertise in (a subset of) the following areas:  

§  Understanding of technical and human aspects of cyber threats and security.

§  Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy.

§  Significant experience conducting intelligence analysis, including social network analysis, targeting, technical analysis, attribution etc.

§  Knowledge of cyber threats and vulnerabilities: how to properly identify, triage, and remediate threats based on threat intelligence as well as on analysis of security events, log data and network traffic.

§  Deep and current knowledge of social network monitoring (SOCMINT) and Dark Web Networks (TOR, I2P, etc.) (DARKMINT).

§  Experience with common threat intelligence tools, sources, and feeds.

§  Experience tracking threat actors or similar types of cyber investigations.

§  Laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. Cybersecurity and how it impacts privacy principles.

§  Models to describe and document cyber-attacks (e.g., reconnaissance, scanning, enumeration, persistency, lateral movement, exfiltration) such as Cyber Kill Chain, Diamond model or MITRE ATT&CK.

§  Incident Response and handling methodologies. 

§  Application Security Risks (e.g., Open Web Application Security Project Top 10 list).

§  System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, code and command injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). 

§  Experience with Malware analysis, sandboxes, and reverse engineering tools. 

§  Experience with scripting languages (e.g., Python, Bash or PowerShell) and using REST API, as well as data processing, regular expressions, and console-based text processing tools (e.g., sed, awk, jq). 


§  STEM studies are highly desirable but might be traded off for relevant experience. 

§  5+ years of relevant work experience in Cybersecurity Operations of mid-size to large high-tech and healthcare organizations as well as working in geographically distributed teams is highly valuable. 

§  Relevant Industry Certifications such as SANS/GIAC (for example, GCIA, GCIH, GNFA, GCFA), CompTIA Security+, CISSP, CISA, CISM are desirable. 


Personality Traits 

§  Negotiation skills and ability to set and track priorities and deadlines.  

§  Able to work on a very tight schedule, while keeping track of task progress and deadlines. 

§  Able to structure complex problems and find practicable solutions to those. 

§  Team player but also able to work on an individual basis. 

§  Self-learning and curiosity to keep pace with ever-evolving cybersecurity developments are highly appreciated. 

§  Advanced English and Communication skills: clear and concise communication; able to address stakeholders of different backgrounds and technical expertise. 

Being part of our team:

Siemens Healthineers is a leading global medical technology company. More than 48,000 dedicated colleagues in over 70 countries are driven to shape the future of healthcare. An estimated 5 million patients across the globe benefit every day from our innovative technologies and services in the areas of diagnostic and therapeutic imaging, laboratory diagnostics and molecular medicine, as well as digital health and enterprise services.

Curious about our culture?

Our culture embraces different perspectives, open debate and the will to challenge convention. Change is a constant aspect of our work. We aspire to lead the change in our industry rather than just react to it. That’s why we invite you to take on new challenges, test your ideas and celebrate success.

As an equal-opportunity employer we are happy to consider applications from individuals with disabilities.

Diversity at Siemens Healthineers is our source of creativity and innovation. We are fully committed to the principle of equal treatment and equal opportunities for women and men. Having different kinds of talent, regardless of race, religion, gender, sexual orientation, age, disability or any other characteristic set out in applicable legislation, makes us more competitive and better prepared to respond successfully to the demands of society.


Organization: Siemens Healthineers


Experience Level: Mid-level Professional

Job Type: Full-time
