Cyber Threat Intelligence & Incident Response Analyst

Cyber Threat Intelligence & Incident Response Analyst

UCB - Union Chimique Belge

Brussels, Belgium

About the role

You will be working in a team that helps protect our organization by staying ahead of cyber threats and responding effectively when incidents occur. Your dual mission will involve leading the response to security incidents and advancing a threat intelligence program that delivers actionable insights across the business. You will shape the future of intelligence-led defense strategies, helping to strengthen cyber resilience and mitigate risks across the enterprise.

Who you’ll work with

You will be working in a team that collaborates closely with colleagues in the Security Operations Center, detection engineering, platform engineering, and compliance. Together, you will ensure threat intelligence is operationalized, incidents are managed effectively, and the wider business is informed about evolving threats. You’ll also be engaged with external threat intelligence networks and industry partners to stay ahead of emerging cyber risks.

What you’ll do

• Investigate and respond to cyber incidents alongside IT and Security Operations teams;
• Lead technical response activities including containment, recovery, and post-incident analysis;
• Develop and own the threat intelligence strategy in partnership with team leadership;
• Monitor external sources for emerging threats targeting the pharmaceutical industry;
• Create and distribute threat intelligence reports, indicators, and actor profiles;
• Leverage automation and language models to enrich and structure intelligence data;
• Collaborate with engineers to integrate intelligence into detection and response systems;
• Support proactive threat hunting using internal telemetry and intelligence insights.

Interested? For this role we’re looking for the following education, experience and skills

• At least 3+ years of experience in cyber threat intelligence, incident response, or similar roles;
• Strong technical knowledge of SIEM, endpoint detection, and threat intelligence platforms;
• Familiarity with the MITRE ATT&CK framework and structured threat intelligence standards;
• Hands-on experience using natural language processing or automation for intelligence workflows;
• Ability to create clear, actionable intelligence for technical and business audiences;
• Experience in regulated industries or knowledge of malware, scripting, or adversary emulation is a plus.

Are you ready to ‘go beyond’ to create value and make your mark for patients? If this sounds like you, then we would love to hear from you!