Role Description The cyber threat intelligence analyst will report to the executive director of intel operations and is responsible for supporting the administration and maintenance of the ISAC’s technical threat intelligence sharing environment (MISP), intelligence vetting, categorization, tagging, enrichment, and analysis of member-shared cyber threat intelligence (CTI) and other threat intel source data. This role is well-suited for a CTI analyst looking to build hands-on experience operating a threat intelligence platform in a collaborative ISAC environment. Main Duties - Malware Information Sharing Platform (MISP): - Support the configuration, day-to-day operation, and ongoing improvements of the RH-ISAC Malware Information Sharing Platform (MISP) under established standards and guidance. - Monitor all levels and types of member activities on the platform, applying established data quality standards, taxonomy guidance, and sharing controls. - Ensure appropriate handling, classification, and sharing of member-submitted intelligence in accordance with RH-ISAC trust principles and information sharing policy. - Enrich Member Data and Intelligence Gathering: - Enrich, vet, and maintain technical data, including indicators of compromise, shared from members and key stakeholders. - Work with member analysts to support intelligence sharing and assist with questions related to RH-ISAC intelligence and tooling. - Assist members in consuming RH-ISAC-generated data and intelligence, developing use cases to share with broader membership. - Use analyst tools and OSINT to provide members with more visibility of corroborated RH-ISAC intelligence. - Provide support for member analysts’ requests for assistance in threat hunt and investigations in a timely manner, as needed. - Participate in calls for committees, working groups, and special interest groups, as necessary, to gain information and member input on relevant topics. - Participate in RH-ISAC workshops and member visits to build relationships and become more acquainted with member needs and requirements. - Cross-Functional Collaboration: - Work collaboratively with RH-ISAC team members to achieve strategic and tactical objectives. - Encourage active, ongoing collaboration among peers to promote shared goals and initiatives. Qualifications - Experience performing "deep dive" analysis and correlation of log data from multiple sources including PCAP and forensic artifacts (some experience with cyber threat analysis associated with retail and hospitality sector threats preferred). - Previous experience as a cyber threat intel analyst (strong skills in tactical cyber threat intelligence preferred). - Solid understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures involved in those threats. - Some experience with vulnerability research, exploit and/or malware investigation. - Solid understanding of behavioral-based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc. - Experience working with threat intel platforms and SIEM-type platforms (prior experience with MISP a plus). - Competence in communicating actionable threat intelligence to technical and operational-level audiences. - Experience writing Python (or PowerShell) scripts to parse datasets, automate routine intelligence tasks, and support existing system integrations. - SOC experience and/or security certifications a plus. - Excellent communication skills including oral briefing, training, and written analysis. - Detail-oriented, deadline-driven, adaptable, and dependable. - Personable, professional, and driven by a can-do spirit. - Genuine desire and willingness to support teammates. Location and Work Environment - Location: Remote - Work Environment: The employee is expected to maintain a dedicated, distraction-free home workspace with reliable internet connectivity. Regular collaboration will occur via video conferencing, chat, and other digital communication tools. - The role requires virtual meetings across multiple time zones. While the position offers flexibility, standard core working hours—based on you and your supervisor’s time zones—will be established and are expected for availability and team coordination. - Occasional travel is required. Physical Requirements - Prolonged periods of sitting at a desk and working on a computer. - Ability to use a keyboard, mouse, and monitor for extended periods. - Must be able to communicate clearly via video, phone, and written correspondence. - Occasional lifting of light objects (up to 10 lbs), such as laptops or office supplies. - Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Employment Type - Full-Time, Exempt Compensation and Benefits - Salary Range: $70,000 - $90,000 - The RH-ISAC offers full-time employees medical, dental, and vision insurance, a flexible savings account (FSA), a health saving account (HSA), and short-term disability plans. - The RH-ISAC also offers a 401k plan with a matching contribution if you make a “matched employee contribution” during the plan year. Company Description The RH-ISAC is an Equal Opportunity Employer. We are committed to creating a diverse and inclusive workplace and consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, veteran status, or any other legally protected status.

• Triage and investigate security alerts across endpoints, identity systems, cloud environments, and production workloads. • Support response efforts for a range of security investigations, including account compromise, endpoint activity, and suspicious behavior in cloud, CI/CD, or production systems. • Collect and analyze relevant data (e.g., logs, system activity) to help scope incidents, identify impacted systems, and track activity across environments. • Escalate higher-risk or unclear activity, and support senior team members in ongoing investigations. • Execute containment or remediation actions as directed, and document findings clearly throughout the investigation lifecycle. • Support vulnerability and posture management efforts by validating findings and helping track remediation activities.

Role Description Our SOC team is expanding! We are looking for a Senior Security Analyst to lead our advanced investigation and threat intelligence workflows. This role is designed for a technical expert who thrives on complex incident response and proactive threat hunting. - Incident Response: Drive the end-to-end lifecycle of security incidents, from initial detection through to advanced containment and recovery. - Threat Intelligence: Drive the threat intelligence process by analyzing emerging trends and integrating external feeds into our detection logic. - Forensic Analysis: Perform deep-dive host and network forensics to identify root causes and persistence mechanisms. - Automation & Playbooks: Design and refine automated SOAR playbooks to increase the speed and consistency of our response. - Proactive Hunting: Execute hypothesis-driven threat hunts across our environments. - Technical Leadership: Act as an escalation point for complex alerts and mentor junior analysts on advanced investigative techniques. - Stakeholder Communication: Generate detailed incident reports and present findings to both technical teams and executive stakeholders, ensuring clarity on impact and resolution. Qualifications - Extensive hands-on SOC or incident response experience, including Tier 2 / Tier 3 responsibilities - Proficiency with SIEM/SOAR platforms, EDR tools, and forensic toolsets - Hands-on experience with AWS security controls and container security - Strong understanding of network protocols, endpoint security, and common attack vectors - Ability to use Python or similar scripting languages for security automation and data analysis - Relevant certifications such as GCIH, GCFA, CISSP, or equivalent are a plus - Excellent analytical mindset, attention to detail, and ability to thrive under pressure - Strong communication skills, capable of translating technical findings to non-technical audiences Benefits - Be part of one of the fastest-growing and most visible Fintech startups in Europe, creating innovative services that have a substantial impact on the lives of our customers - Work with an international, diverse, inclusive, and ever-growing team that loves creating the best products for our clients - Be productive with the latest hardware and tools - Learn and grow by joining our in-house knowledge sharing or career development sessions and spending your individual Education Budget - Learn and experience German culture first hand by joining our free German language classes - International relocation support is provided if required - Opportunity to work from abroad - Benefit from an attractive compensation package and from the company pension scheme - Monthly contribution of 50% for the ‘Deutschland Jobticket’ - Say goodbye to order commissions and say hello to your complimentary subscription of Scalable Capital's PRIME+ Broker - Enjoy flexible and discounted sports activities with Urban Sports Club

Role Description We are seeking a highly skilled and experienced Compliance Analyst to join our organization. As the Compliance Analyst, you will be responsible for managing our compliance program, ensuring adherence to applicable regulatory requirements, industry standards, and internal policies. You will play a pivotal role in developing and implementing compliance frameworks, managing compliance projects, and providing guidance to cross-functional teams. Reporting to the Senior Information Security Compliance Lead, you will contribute to the overall success of our organization by maintaining a culture of compliance and integrity. - Ensure adherence to all organizational compliance frameworks, regulations, and security guidelines. - Provide guidance and support in implementing controls and processes, promoting a culture of compliance throughout the organization. - Coordinate internal and external audits, serving as the primary point of contact and ensuring timely and accurate responses to audit requests. - Work closely with team members to ensure timely delivery of evidence requirements for compliance purposes. - Participate in both internal and external audits, answering questions, and showcasing the controls in place to meet compliance obligations. - Assist in implementing and using LogicGate as the organization's system of truth for GRC-related controls. - Collaborate with cross-functional teams, such as IT, legal, and Finance, to develop and maintain effective compliance programs aligned with various compliance frameworks and security guidelines. - Identify and assess compliance risks and develop strategies to mitigate them in line with applicable compliance frameworks and security guidelines. - Conduct regular reviews and evaluations of compliance controls, processes, and procedures to identify areas for improvement and ensure alignment with relevant compliance frameworks and security guidelines. - Stay up to date with regulatory changes, industry best practices, and evolving compliance requirements to ensure the organization's compliance strategies are current and effective. Qualifications - Proven experience working in a compliance or GRC role, preferably within a similar industry, with knowledge of various compliance frameworks and security guidelines. - Strong understanding of compliance frameworks, regulations, and security guidelines, including awareness of relevant laws and regulations such as Sarbanes-Oxley, NIST 800-171, ISO 27001, CMMC, Cyber Essentials, and Service Organizational Control. - Excellent organizational and time management skills with the ability to manage multiple tasks simultaneously and meet deadlines. - Strong analytical and problem-solving abilities. - Effective communication skills, both written and verbal, with the ability to communicate complex compliance concepts to diverse stakeholders. - Demonstrated ability to work collaboratively in a team environment and build positive working relationships with colleagues at all levels. - Proactive mindset with a continuous improvement approach to compliance programs and security guidelines. - High level of integrity and ethics, maintaining confidentiality and professionalism in handling sensitive information.