Overview

CTI Consultant Jobs in Riyadh, Saudi Arabia at Cipher | سايڤر

Title: CTI Consultant

Company: Cipher | سايڤر

Location: Riyadh, Saudi Arabia

Key Responsibilities

  • Independently conduct cyber threat intelligence operations, including threat tracking, actor profiling, campaign analysis, and intelligence reporting
  • Monitor and analyze global and regional threat landscapes to identify threats relevant to clients, industries, and internal operations
  • Produce actionable intelligence reports, threat briefs, and strategic assessments for both technical and executive audiences
  • Develop and maintain threat intelligence workflows, intelligence repositories, and operational tracking mechanisms
  • Conduct intelligence-driven threat hunting activities by leveraging IOC, TTP, and behavioral analysis across SIEM and EDR platforms
  • Perform malware and attacker infrastructure analysis to support attribution and operational understanding
  • Track emerging attacker techniques, vulnerabilities, malware families, and exploitation trends relevant to organizational risk
  • Map adversary behaviors to the MITRE ATT&CK framework and identify detection or visibility gaps
  • Support active incidents, including after-hours and on-call activities, by providing intelligence context, attribution support, and attacker behavior insights
  • Contribute to CTI process maturity, reporting standards, and intelligence-sharing practices
  • Collaborate with internal teams and clients to translate intelligence into measurable defensive actions and operational improvements

 

Required Skills

  • Strong understanding of cyber threat intelligence methodologies, intelligence lifecycle, and operational analysis practices
  • Strong familiarity with the MITRE ATT&CK framework and adversary TTP analysis
  • Ability to analyze attacker behavior, infrastructure, malware trends, and campaigns to produce actionable intelligence
  • Ability to correlate CTI findings with investigations, detection engineering efforts, and security operations workflows
  • Strong research and analytical skills with the ability to validate, enrich, and contextualize intelligence from multiple sources
  • Experience producing clear, structured, and actionable intelligence reporting for technical and non-technical stakeholders
  • Comfortable using Git for version control, collaboration, and maintaining intelligence content, scripts, and documentation
  • Ability to operate independently during time-sensitive investigations and high-pressure situations
  • Strong client communication and stakeholder management skills with the ability to communicate risk clearly and professionally

 

Required Qualifications

  • Bachelor's or master's degree in Computer Science, Information Systems, Engineering, or a related field
  • 3+ years of hands-on experience in cyber threat intelligence, threat hunting, or security operations
  • Experience leveraging intelligence platforms, IOC management, and threat analysis workflows
  • Experience with scripting or automation using Python and/or Bash languages
  • Excellent English written and verbal communication skills
  • Excellent Arabic written and verbal communication skills
  • Experience with Git

 

Preferred Qualifications

  • Experience supporting investigations through intelligence enrichment and attacker attribution
  • Experience with malware analysis, sandboxing, or reverse engineering concepts
  • Familiarity with intelligence-sharing standards and platforms such as STIX/TAXII or MISP
  • Experience tracking regional threat actors and campaigns targeting financial institutions, government entities, or enterprise environments
  • GitHub account showing previous projects, research, tooling, or automation work
  • Prior consulting or managed security services experience is preferred
