Cyber Threat Intelligence & Eastern Europe Operations Lead

About the role

Behemoth Security Pte. Ltd. is a Singapore-based cybersecurity consultancy specialising in threat intelligence, security advisory, and compliance services for international clients, with a primary focus on the European Union market. Our operations involve monitoring and analysing cyber threats originating from the Commonwealth of Independent States (CIS) and Eastern European regions, liaising with EU-based clients on regulatory compliance (NIS2 Directive, DORA, GDPR), and coordinating product development with our distributed engineering team across Eastern Europe. Behemoth Security leverages Agentic Engineering to the maximum extent to deliver outsize impact to its customers, and is credited with pioneering new cybersecurity methods leveraging AI. We are seeking a Cyber Threat Intelligence & Operations Specialist to serve as the operational backbone of our CIS/Eastern European threat intelligence practice and day-to-day business operations. This role is critical to our ability to deliver actionable intelligence on Russian-speaking and Eastern European threat actors to our EU client base, and to coordinate our Ukrainian-based development team. This is a specialist role requiring a rare combination of cyber threat intelligence capability, advanced Russian and Ukrainian language proficiency, cultural fluency in CIS/Eastern European threat environments, and client-ready English reporting. Selection will be based on demonstrated capability and evidence of specialist competency, not only formal academic credentials. The successful candidate will operate at the intersection of cyber threat intelligence (CTI), client engagement, product coordination, and business operations - requiring a rare combination of native-level language capability, cultural fluency with CIS/Eastern European contexts, and cybersecurity domain knowledge. Extensive, frontier AI leverages is expected and needed in this role, with the expectation that you'll be able to discover new Use Cases across our engagement lifecycle.

Responsibilities

• Cyber Threat Intelligence & Investigations (approximately 55-60%)
• Monitor, collect, and analyse intelligence from Russian-language and Ukrainian-language sources, including underground forums, Telegram channels, dark web marketplaces, paste sites, threat actor communications, breach announcements, and other relevant open-source materials.
• Track and profile CIS-origin and Eastern European threat actors, APT groups, ransomware groups, access brokers, hacktivist groups, and cybercriminal ecosystems relevant to our EU client base.
• Conduct OSINT investigations in Russian, Ukrainian, and English across multiple platforms to identify threat activity, victimology, targeting patterns, infrastructure, indicators of compromise, and operational context.
• Translate, contextualise, and interpret cybercriminal slang, underground forum terminology, culturally specific references, and nuanced threat actor communications that automated translation tools cannot accurately capture.
• Produce finished intelligence reports, threat briefings, client advisories, investigation summaries, and indicators of compromise from Russian, Ukrainian, and English-language source materials.
• Support analysis of threat actor tactics, techniques, and procedures, including mapping observed behaviours to recognised cybersecurity frameworks where appropriate.
• Maintain structured research notes, source references, and intelligence records to support repeatable analysis, client reporting, and internal knowledge management.
• Monitor developments in the CIS and Eastern European cyber threat landscape, including changes in threat actor behaviour, forum migration, ransomware ecosystem activity, geopolitical drivers, and regional cybercrime trends.
• Eastern Europe Product and Intelligence Platform Coordination (approximately 20%)
• Serve as a coordination point with our Ukrainian-based development team for threat intelligence platform requirements, product improvements, research workflows, and intelligence collection needs.
• Conduct regular technical coordination sessions, sprint discussions, and requirement clarification with Ukrainian-speaking engineering contributors.
• Translate client feedback, analyst requirements, and threat intelligence workflows into clear product specifications and development priorities.
• Support cross-timezone coordination between Singapore operations, EU client requirements, and Eastern European development resources.
• Validate that product features and internal tooling support the practical needs of cyber threat intelligence collection, analysis, reporting, and knowledge management.
• Client Advisory and Intelligence Delivery Support (approximately 10-15%)
• Support client-facing engagements by preparing intelligence briefings, advisory materials, investigation summaries, and threat landscape updates for EU-based clients.
• Assist in explaining CIS and

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at BEHEMOTH SECURITY PTE. LTD.? Share your experience