Threat Intelligence Lead

Company Description

Metro Global Solution Center (MGSC) is internal solution partner for METRO, a €30.5 Billion international wholesaler with operations in 31 countries through 625 stores & a team of 93,000 people globally. Metro operates in a further 10 countries with its Food Service Distribution (FSD) business and it is thus active in a total of 34 countries.

MGSC, location wise is present in Pune (India), Düsseldorf (Germany) and Szczecin (Poland). We provide Finance, HR, IT & Business operations support to 31 countries, speak 24+ languages and process over 18,000 transactions a day. We are setting tomorrow’s standards for customer focus, digital solutions, and sustainable business models. For over 12 years, we have been providing services and solutions from our two locations in Pune and Szczecin. This has allowed us to gain extensive experience in how we can best serve our internal customers with high quality and passion. We believe that we can add value, drive efficiency, and satisfy our customers.

Website: https://www.metro-gsc.in

Company Size: 600-650

Headquarters: Pune, Maharashtra, India

Type: Privately Held

Inception:  2011

Job Description

●Collect, analyze, and interpret threat intelligence data from various sources, including open-source intelligence (OSINT), dark web monitoring, security vendors, and METRO threat intelligence tools, such as Recorded Future.

●Identify and assess potential threats, vulnerabilities, and risks to the METRO systems, networks, and data, and provide recommendations for mitigation and remediation.

●Collaborate with internal teams, such as SOC analysts, incident response teams, and security operations, to provide timely and relevant threat intelligence information to support incident detection, response, and recovery efforts.

●Monitor and track threat actors, their tactics, techniques, and procedures (TTPs), and emerging trends in the cyber threat landscape to anticipate and proactively defend against potential attacks.

●Develop and maintain threat intelligence reports, briefings, and presentations to communicate findings, trends, and recommendations to stakeholders, including senior management and technical teams.

●Participate in threat hunting activities, leveraging threat intelligence data and analysis to proactively search for indicators of compromise (IOCs) and potential security breaches.

Technical & Soft Skills:

●Good knowledge of SOC technologies and tools such as Google Chronicle SIEM, CrowdStrike EDR/EPP, Vectra NDR, Recorded Future TI, etc.

●Strong knowledge and skills in scripting, and development of automation and orchestration code.

●Familiarity with threat intelligence platforms and tools, such as threat intelligence feeds, threat intelligence platforms (TIPs), and threat hunting tools.

●Knowledge of cyber threat landscape, including understanding of threat actors, their tactics, techniques, and procedures (TTPs), and emerging trends.

●Excellent communication and interpersonal skills to effectively collaborate with clients, stakeholders, and internal teams.

●Proficient in producing threat intelligence reports, briefings, and presentations to communicate findings, trends, and recommendations to stakeholders.

●Strong organizational and time management skills with the ability to coordinate and prioritize multiple tasks simultaneously.

●Ability to work under pressure, especially during critical security incidents.

Qualifications

●Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A Master's degree or relevant certifications (e.g., CSA, CHFI, SANS/GIAC) may be preferred.

Experience 7+ years.