Cyber Threat Intelligence SME

My client, an International Bank, with an office in London, is looking for a Cyber Security Intelligence SME to join their growing team.

About the Cyber Securtiy Intellgience SME role:

My client's EMEA IT Security Team are searching for Cyber Threat Intelligence Associate, to provide in-depth intelligence analysis and investigation support, to be based in their London office. The candidate will be a member of the Global Cyber Threat Intelligence Team (GCTI), supporting regional security and intelligence projects, as well as delivering investigations against GCTI’s goals to support my client with their Digital Risk, Vulnerability intelligence and Third Party intelligence programs.

The candidate will support report to the EMEA team lead, and the Global Head of Threat Intelligence, developing a deep knowledge of my client's cyber threat landscape to understand the threat from cyber criminals and nation states, develop a deep knowledge of malware threats, support and lead on cyber investigations, support brand protection, and prevent reputational threats.

The candidate will produce a variety of finished intelligence products to support stakeholders and business units across the bank, and help create mitigation strategies for known threats. The candidate will have excellent communication skills will be comfortable collaborating internationally with our other GCTI members and regional IT Security teams, and be comfortable providing verbal updates about their work and investigations.

The candidate will be expected to develop this role as the GCTI team grows in maturity, along with picking up additional responsibilities within the EMEA IT security team.

Responsibilities:

In this position, the Cyber Threat Intelligence Associate is expected to:

• Support GCTI leads in developing a strong understanding of my client's threat landscape, understand how the threats are evolving and support the development of measures to protect against them
• Collect, process, and analyse data points to produce internal intelligence reports
• Manage intelligence alerts and work closely with security teams to triage alerts
• Support and maintain relationships with global information security teams, brand, legal, communications, IT, Risk, Finance, Control and HR groups
• Provide subject matter expertise on cyber threats to support current analytic operations and initiatives
• Liaise with Internal security teams such as SOC, Vulnerability Management, Digital Risk, Threat Hunting and others
• Contribute to strategic intelligence initiatives that develop the GCTI team
• Create initiatives to develop the GCTI team.

Additional Responsibilities – EMEA IT Security:

• Support the EMEA IT security team with queries around threat intelligence
• Support the EMEA IT security risk and governance efforts
• Support audit, compliance and regulatory work in the region related to my client's threat landscape
• Occasional out of hours’ work required.

Qualifications:

• Must have 5+ years of experience in a government intelligence or public sector intelligence background, cyber threat intelligence and security operations, or cyber investigations and incident response team
• Essential experience includes:
• Knowledge, understanding and demonstrable experience of applying the intelligence cycle to cyber threat intelligence or similar work
• Knowledge of cyber threat intelligence models (e.g., MITRE ATT&CK, Kill Chain, Diamond Model)
• Have experience developing and applying SecOps (Red/Purple/hunt) tooling for attack analysis, offensive modeling, attacker emulation
• Must be proficient with OSINT gathering techniques and dark web monitoring concepts
• Strong verbal and written communication skills, interpersonal collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences
• Experience tracking and understanding threats from: Nation State Threat Actors, Cyber Crime, Extremist Groups and Cyber Terrorists, Hacktivism, Malware, Vulnerabilities, Fraud and Social Engineering Techniques
• Solid understanding of geopolitics and how this affects nation state cyber activity
• Analysis of threat actor tactics, techniques and procedures
• Must possess the ability to multitask, prioritise, and manage time effectively
• Must have strong attention to detail
• Must be able to produce concise and timely intelligence reports
• Knowledge of methodologies and techniques for identifying, prioritizing, and classifying cyber threats.

Preferred experience includes:

• Have experience building dynamic threat analysis coverage using frameworks such as MITRE, Diamond, STRIDE, OWASP, PASTA and others
• Have experience developing and applying detective CTI skills (SIGMA/Yara/Vul Trigger/ IOC etc) in SecOps Tooling and understand the basics of how to incorporate these into security controls (Elastic/MSS/Splunk/IDS/etc)
• Malware analysis, hacking tools, and advanced threat actor tactics, techniques and procedures
• Understanding of and experience with modern technical security controls and technologies, such as TIP’s, SOAR’s firewalls, SIEMs, IPS, HIPS, web proxies, etc
• Financial Industry/Banking Experience preferred
• Preferred Security certifications (e.g. Security+, GCIA, GCIH, CISSP)

If the above is of interest please apply to this job advertisement or call me on 0207 509 8040 to find out more.