Head of Threat Intelligence

Protecting one billion people from cyber threats? If you find this proposition more exciting than scary, come on board and grow with us.

Whalebone is a global company working on user-centric cybersecurity products for telcos, ISPs, enterprises, public institutions, and governments that provide millions of everyday internet users unyielding protection from malware, phishing schemes, ransomware, and other malicious digital attacks without the need for them to download anything. Whalebone is headquartered in Brno, Czech Republic.

At this point, Whalebone has 400+ customers in telecommunications and corporate sectors (A1, O2 Telefonica, Tele2, Panasonic, Bauhaus, and many others) around the globe. With around 160 team members of multiple nationalities, Whalebone ranked 22nd in Deloitte's list of fastest-growing companies in Central Europe.

We are looking for a Head of Threat Intelligence to take strategic, technical, and people leadership over our TI teams within R&D organization. In this role, you will define the future of our TI capabilities, acting as the department's domain expert while leading a growing organization of specialized TI teams.
 

Why this role

This is a role where you set the global direction, not follow it. You'll shape the vision, own the strategy, and define how threat intelligence evolves at Whalebone, protecting millions of users worldwide. Full ownership, start to finish.

What will you do

• Directly manage the Team Leads of our three TI teams (17 engineers in total), ensuring cohesive operations and alignment across the department.
• Act as the primary subject matter expert, bringing deep TI knowledge into the company and mentoring teams to continuously elevate their technical capabilities.
• Set the direction for how our TI capabilities evolve, and take ownership of the technical and architectural decisions that keep our operations, data collection, and threat modeling scalable.
• Partner closely with the Product Manager for TI to align our capabilities with the product roadmap and customer needs, balancing continuous improvement with core business priorities.
• Work with the R&D Director on engineering standards and cross-team processes, while overseeing hiring, onboarding, and long-term career development within your department.
  
   

Expectations for first six months

• Successfully transition into managing the three existing Team Leads.
• Map out the strengths and knowledge gaps within the teams.
• Conduct an audit of the current tech stack and core methodologies.
• Identify bottlenecks or friction points in the TI department's operations.
• Develop an actionable technical roadmap to close identified gaps within the TI stack.
• Identify key deliverables from the product and technical roadmaps, and collaborate with Product on the overall plan.
  
   

What we are looking for

• 10+ years in cybersecurity (threat intelligence, detection engineering, malware analysis, dark web research, or a similarly relevant field), with a track record of leading teams at department scale and setting the direction for threat intelligence at an organization.
• Strong hands-on background in threat detection, threat modeling, OSINT, and modern TI tooling. You're someone the team can learn from, not just report to.
• Comfortable making technical and architectural decisions at scale, and translating them into a roadmap that the organization can actually execute.
• You know how to grow strong teams, set clear expectations, and build a department where specialists want to stay.
• Experience collaborating closely with Product to balance technical ambition with business priorities.
   

  Our Tech Stack

  • The TI team, for data analysis and machine learning use cases, primarily relies on the following tools, frameworks and technologies (among others):

    • Python as the primary programming language altogether with Pytest, Ruff, Poetry and FastAPI
    • Elasticsearch and ClickHouse for data storage and analysis
    • Kafka, Redis, and RabbitMQ for event streaming, caching, and message queuing
    • IntelMQ for collecting, processing, and sharing security threat intelligence

    
    
     

  Why would you like to work with us?

  • Meaningful job - protecting everyday people against malware and hackers all around the globe.
  • Rewarding financial package, including the possibility to choose ESOP as a benefit and a motivating flexible part of the remuneration reflecting long term results.
  • Flexible working hours and possibility of HO
  • Equipment of choice - use the budget and chose what is best for you
  • Terrace - beautiful view and available for private parties
  • Regular events & teambuildings - grill, enjoy pub quiz or have a breakfast with us
  • You will be supported to learn, grow and gain new experiences with us!
  • Your opinion will matter to us - discuss your ideas and feedback directly with the CEO or CTO if you feel like they should hear them.
    
     

  Position details

  • Team: Threat Intelligence
  • Work setup: On-site, Hybrid
  • Location: Jezuitská 14/13, Brno
  • Job type: Full-time