Operational Threat Intelligence Analyst to CSIRT | SEB, Solna

SEB is more than just a bank with a technology function. We are a progressive tech company powered by innovation and fueled by collaboration. From COBOL to AI and everything in between, we offer you an impressive tech stack and several technology paths. Together we're innovating for a sustainable society and building the tech arena of the future, a welcoming space for everyone.

My name is Henrik Brevenius, and I lead the CSIRT and Operational Threat Intelligence team at SEB. We are currently looking to expand our team with a new Operational Threat Intelligence Analyst.

About the job

The OSC (Operational Security Center) department consists of several functions, including Security Incident Response (CSIRT), Threat Intelligence, Penetration Testing, Vulnerability Management, and Security Engineering.

You will work on the defensive side of operational IT security, focusing on Threat Intelligence, Threat Hunting and Incident Response.

Primary responsibilities:

• As a Threat Intelligence Analyst, you will help produce actionable operational and tactical threat intelligence insights that are relevant to SEB Group.
• Your work will support immediate and near-term security operations by identifying and addressing emerging cyber threats.
• Collaborate with the strategic threat intelligence team.
• Identify critical security questions and provide actionable recommendations based on threat intelligence insights.
• Maintain operational situational awareness to detect potential threats and vulnerabilities impacting SEB.
• Monitor indicators of data breaches or attacks on SEB and its third parties.
• Collaborate closely with CSIRT and management during incidents to ensure appropriate actions are taken and validated.
• Offer support in Incident Response and Security Engineering, providing in-depth analysis of how threat actors may impact SEB's IT infrastructure.
• Conduct Threat Hunting.
• Foster collaboration with partners, vendors, and other critical sectors regarding Threat Intelligence.
• Contribute to the continuous improvement and development of our Incident Response and Threat Intelligence services.

Who are we looking for?

• We are seeking team members who bring a diverse range of experiences and perspectives to SEB
• You are an experienced and inspiring team member with a strong security background, particularly in cybersecurity, with experience in threat analysis and/or intelligence analysis.
• You understand the value of intelligence-driven approaches to support security operations and can translate your insights into practical outcomes.
• You are thorough, analytical, and able to communicate effectively with different stakeholders.
• We value integrity, a collaborative spirit, and a positive attitude in our team, as we continuously work together to strengthen SEB's security.
• You possess a positive attitude, high integrity, and the ability to foster cooperation in the continuous and collective tasks needed to strengthen SEB's security.
• In general, we seek someone with a solid technical IT security background, a deep understanding of the entire cybersecurity field, and the ability to relate it to known and emerging threats. Alternatively, a fast learner with analytical mindset with interest in growing into the Cybersecurity field.
  
  

Skills/Qualifications:

• Bachelor's degree (BA/BS) in Computer Science or a related field
• Understanding of threat intelligence frameworks such as MITRE ATT&CK and the Cyber Kill Chain
• Knowledge of the methodology and mindset of modern cyber threat actors and the cyber threat intelligence lifecycle
• Fluency in Swedish and English
  
  

Desirable Skills

• Professional qualifications such as GCTI, CTIA, CISSP, CISA, CISM certifications is an advantage
• Understanding of industry regulations, standards, and best practices such as FI FFFS, NIST, ISO 27001, DORA, and PCI-DSS
• Practical experience in developing intelligence-driven threat scenarios
• Experience in automation and data visualization
• Security Engineering
• Tooling and scripting
  
  

Do you want to be part of SEB?

It is our fundamental belief that inclusion and diversity is crucial for our future success. We strive to have an inclusive, value-driven culture where employees feel valued, respected, and involved irrespective of who they are, what they believe or where they come from.

Since we select candidates continuously, feel free to send in your application today via the link in this ad, but no later than 2026-08-30. If you have questions about the position, please contact Hiring Manager Henrik Brevenius at [email protected] , note that we will not process applications via email.

Please be aware that our final candidates undergo background checks, a process that includes for example identity control, verification of qualifications, credit checks, company engagements and history of crime. In some cases, we also apply random drug checks. During employment, employees within SEB can also expect to undergo recurring background checks.

SEB Sweden has a redeployment responsibility, which means that this position might be covered by internal redeployment.

Learn more about working at SEB on our Career website or through our Career podcasts.

sebgroup.com/career

bit.ly/ SEBcareer

.