Cyber threat intelligence analyst

Harvey Nash
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Tech stack

Computer Security
Computer Networks
Computer Telephony Integration
Log Analysis
Packet Analyzer
Open Source Technology
Regular Expressions
Security Information and Event Management
Unstructured Data
MITRE ATT&CK
Cyber Threat Analysis
Cybercrime

Job description

The SOC is at the core of the bank's cyber defence and is composed of several expert teams working closely together:

  • Cyber Threat Intelligence (CTI): collecting and contextualising threat intelligence to deliver actionable insights and trigger detection improvements
  • Use Case Design: developing detection logic and alerting mechanisms
  • Security Analysts (L1/L2/L3): investigating and analysing security alerts
  • Cyber Security Incident Response Team (CSIRT): coordinating responses to major security incidents

The CTI team supports the SOC as well as a broad range of internal stakeholders who rely on timely and relevant threat intelligence for their domains.

Your Role

As a Cyber Threat Intelligence Analyst, you will analyse cyber threats and threat actors, assess their potential impact on the bank's IT environment, and contribute to strengthening security controls and detection capabilities.

Your responsibilities include:

  • Researching emerging cyber threats relevant to the financial sector
  • Identifying and classifying threat actors and campaigns
  • Producing and presenting CTI reports to internal cybersecurity stakeholders
  • Understanding critical IT assets and existing security controls
  • Contributing to threat hunting activities and detection use case development
  • Analysing adversary tactics, techniques and procedures to identify defensive gaps
  • Recommending improvements to security architecture and controls
  • Reviewing and interpreting external threat intelligence sources
  • Proposing enhancements to detection and correlation use cases
  • Collaborating with the internal CERT and security teams to share intelligence

Requirements

  • Strong understanding of threat impact and risk assessment
  • Experience supporting detection use cases and correlation rules
  • Knowledge of log management and SIEM platforms
  • Hands-on experience with security tools (EPP, EDR, SIEM, open-source and commercial)
  • Strong log analysis skills (regex, queries, structured and unstructured data)
  • Understanding of network traffic analysis and packet capture
  • Solid knowledge of encryption and cryptography
  • Familiarity with frameworks such as MITRE ATT&CK, Kill Chain or Diamond Model is a strong plus

Your Profile

  • Strong passion for cyber security and threat intelligence
  • Able to translate complex threat data into clear, actionable insights
  • Comfortable working with multiple stakeholders across the organisation
  • Strong analytical, research and synthesis skills
  • Excellent communication skills, both written and verbal