Job Title: Insider Threat Intelligence Analyst
Team Location: Amsterdam
Booking.com’s Threat Management capability is looking for a full-time Senior Threat Intelligence Analyst to join our Threat Intelligence Team. The main responsibility of this person will be to help mature our threat intelligence offering, on an operational, tactical and strategic level.
The Threat Management capability aims to enable security and fraud strategy and prioritization by identifying and highlighting threats and weaknesses to the organization. Booking Threat Intelligence aims to provide Booking.com with timely and relevant reporting on threats to manage risk, drive priorities and support informed decisions.
Role Description
We are seeking a Safety Analyst who will perform a crucial role in the front line defense of Booking.com in protection of their people, customers, partners, and is motivated to take ownership for an array of trust and safety focused actions for which they are held accountable: analysts investigate a broad range of trust and safety topics such as sexual or physical violence, discrimination, safety threats, safety hazards and human trafficking. The analyst's role is to investigate any serious allegations to mitigate the impact on the reporting victims and brand reputation. The analyst works closely with business stakeholders, and drives innovation and process improvements.
Key Responsibilities and Duties
- Conduct proactive research to gather intelligence on cyber attacks and emerging tools and techniques to identify threats to Booking.com on all tactical, operational and strategic levels on new and existing threats
- Perform daily operational threat intelligence tasks, including triaging cases, investigating incidents, and producing reports, while continually creating and tuning alert rules.
- Lead intelligence requirement (IR) gathering sessions with new operations teams as intelligence services expand across the organization, and manage the IR framework and implementation plans.
- Independently lead the design, implementation, and operationalization of new intelligence requirements, including developing processes, workflows, and integrations to ensure effective intelligence collection, processing, and dissemination.
- Produce tailored threat intelligence reporting and provide actionable recommendations to Security and Fraud teams, including strategic briefings for leadership and operational or tactical intelligence to strengthen cybersecurity defenses.
- Contribute to the development of threat landscape assessments and other recurring strategic intelligence reports
- Participate in incident management meetings to provide threat intelligence context and support investigations.
- Support Threat Hunting and Incident Response teams with actionable intelligence, including relevant threat context, indicators, and adversary TTPs to enhance detection and response efforts.
- Collaborate with intelligence vendors and internal teams to support investigations, enhance intelligence capabilities, and integrate threat data into existing security systems, ensuring tooling requirements are met and vendor platforms are effectively utilized.
- Establish and maintain relationships with Booking Holdings brands, industry peers, relevant ISACs, and the broader threat intelligence community to enable effective and timely threat intelligence sharing.
Qualifications and Skills
- 2+ years of experience in the domain of threat intelligence, with exposure in the fields of fraud and/or cyber threats in an enterprise environment
- Strong analytical and critical thinking capabilities, with a structured approach to investigation and problem-solving.
- Able to drive Dark Web and OSINT investigations
- Able to conduct threat actor profiling
- Able to conduct investigations by using both open source and commercial sources
- Experience of evaluating, implementing and operationalizing threat intelligence platforms / tools.
- Experience with scripting or engineering to automate processes and integrate threat intelligence tooling
- Experience leveraging AI and Large Language Models (LLMs) for intelligence use cases while ensuring safe and secure implementation and integration.
- Advanced stakeholder management skills to ensure a good collaboration with other teams and stakeholders within the security department and across Booking Holdings
- Excellent written and verbal communication skills and report writing capabilities that can address both technical and non-technical audiences
- Experience in contributing to the maturity and strategy of threat intelligence operations to address current and emerging threats
- BA/BS Degree ideally in Computer Science, Cyber Security, Information Security, Engineering or Information Technology.
**Additional desired skills: **
- Experience with Threat Intelligence and SOAR platforms
- Experience in one or more of the following roles: Security Engineer, CTI Analyst, Security Researcher, Malware analyst, CSIRT Analyst, Fraud Analyst, Safety and Security Response Analyst, or equivalent
- Knowledge of frameworks, data models, and taxonomies related to Cyber or Fraud, such as Diamond model, TLP, TAXII, STIX, MITRE ATT&CK, SIGMA, etc.
Benefits & Perks - Global Impact, Personal Relevance:
Booking.com’s Total Rewards Philosophy is not only about compensation but also about benefits. We offer a competitive compensation and benefits package, as well unique-to-Booking.com benefits which include:
- Annual paid time off and generous paid leave scheme including: parent, grandparent, bereavement, and care leave
- Hybrid working including flexible working arrangements, and up to 20 days per year working from abroad (home country)
- Industry leading product discounts - up to 1400 per year - for yourself, including automatic Genius Level 3 status and Booking.com wallet credit
Diversity, Equity and Inclusion (DEI) at Booking.com:
Diversity, Equity & Inclusion have been a core part of our company culture since day one. This ongoing journey starts with our very own employees, who represent over 140 nationalities and a wide range of ethnic and social backgrounds, genders and sexual orientations.
Take it from our Chief People Officer, Paulo Pisano: “At Booking.com, the diversity of our people doesn’t just build an outstanding workplace, it also creates a better and more inclusive travel experience for everyone. Inclusion is at the heart of everything we do. It’s a place where you can make your mark and have a real impact in travel and tech.”
We ensure that colleagues with disabilities are provided the adjustments and tools they need to participate in the job application and interview process, to perform crucial job functions, and to receive other benefits and privileges of employment.
Application Process:
- Let’s go places together: How we Hire
- This role does not come with relocation assistance.
Booking.com is proud to be an equal opportunity workplace and is an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We strive to move well beyond traditional equal opportunity and work to create an environment that allows everyone to thrive.
Pre-Employment Screening
If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.
Pre-Employment Screening
If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.