Company Description
At Bosch, we shape the future by inventing high-quality technologies and services that spark enthusiasm and enrich people’s lives. Our promise to our associates is rock-solid: we enjoy our work, we inspire each other, we provide equal growth opportunities for all team members, all roles are represented in all countries. We grow together!
Job Description
About the Team & Your Impact
Our team is distributed across Germany and Poland, with the Polish hub steadily growing. We are a diverse mix of experts—from CTI analysts to tech-dedicated specialists and versatile "one-man armies". We leverage various sources of intelligence, including OSINT and other specialized feeds, and we are currently in an exciting phase of onboarding more AI solutions into our daily operations.
What makes this role stand out?
- Intelligence into Action: You won't just write reports. Your core focus is bringing threat intelligence into real, defensive actions. You will have a direct hand in developing tools, automating workflows, and directly contributing to the safety of our entire global organization.
- Meaningful Business Impact: Your work has a tangible, visible impact. By delivering precise intelligence, you help ensure a safe digital environment for Bosch colleagues worldwide, allowing you and them to thrive together.
- Structured, Non-Reactive Workflow: Unlike many highly exposed, purely reactive security roles, our work is regular, structured, and easy to manage within your standard working hours. This provides a sustainable environment where you can build deep expertise and take pride in the results.
Your main tasks will include:
- Monitoring the external landscape: Actively monitoring the global threat landscape using Open Source Intelligence (OSINT), commercial threat feeds, Dark Web forums, and underground communities to identify emerging threat actors and trends.
- Tracking targeted threats: Hunting for indicators of compromise (IoCs), leaked credentials, exposed infrastructure, or brand impersonation campaigns specifically targeting our organization, supply chain, or industry.
- Preparing proactive defenses: Translating external threat data into actionable defense strategies by working closely with our SOC and engineering teams to update firewall rules, prioritize vulnerability patching, and fine-tune detection mechanisms before an attack occurs.
- Profiling adversaries: Analyzing and mapping threat actor tactics, techniques, and procedures (TTPs) using frameworks like MITRE ATT&CK to understand who wants to target us and how.
- Delivering early warnings and reporting: Providing timely, high-fidelity threat briefings and alerts to both technical teams and executive leadership to drive informed, risk-based decisions.
- Developing and automating tools: Building and improving internal tools for threat analysis, collection, and monitoring (using Python, REST APIs, Git, Docker).
Qualifications
- Experience: Proven experience in Cyber Threat Intelligence (CTI), digital forensics, or a highly analytical security role.
- CTI Knowledge: Deep understanding of the threat landscape, networking protocols, and modern cyberattack vectors.
- Tools & OSINT: Hands-on experience with OSINT tools, threat intelligence platforms (TIPs), and navigating darknet marketplaces safely.
- Technical & Automation Skills: Strong scripting and tool development experience (Python, APIs, Git, Docker) to automate threat intelligence workflows.
- Mindset: An analytical, "detective" mindset with the ability to connect fragmented data points into a coherent threat picture.
- Communication: Excellent communication skills to translate complex technical threats into clear business risks for diverse stakeholders (from technical teams to executive leadership).
- Languages: Fluent in English; German is a plus.
Additional Information
Bosch’s culture of innovation and digital transformation offers you a fantastic platform to grow your skills and enhance your network. We are dedicated to building a warm, open, transparent, and inclusive work environment for all.
Work #LikeABosch:
- Employment Contract
- Competitive salary + annual bonus
- Copyright costs for IT employees (Koszty Uzyskania Przychodu)
- Hybrid work with flexible working hours
Grow #LikeABosch:
- Complex environment of working, professional support and possibility to share knowledge and best practices
- Ongoing development opportunities in a multinational environment
- Broad access to professional trainings, conferences and webinars
Live #LikeABosch:
- Private medical care and life insurance
- Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
- Prepaid Lunch Card
- Number of benefits for families (for instance summer camps for kids)
- Non-working day on the 31st of December