Senior Cyber Threat Intelligence Analyst (0111)
Location: Home based
Sector: Threat Intelligence
We’re working with a leading cyber threat intelligence consultancy, based in London. Due to continued growth they’re looking for experienced Senior CTI Analysts to join the team. The analyst will make use of internal tooling and techniques, in order to collect, analyse, assess, produce, and disseminate informed and accurate reporting, providing actionable insight into the threat landscape.
• Identifying new sources and tools is a key responsibility for the new analyst.
• Data will also be fused with other non-cyber information where possible, providing actionable and relevant insight into a given event or incident.
• Self-study and extensive outside training in order to increase the Cyber Threat Intelligence Analysts knowledge.
• Build and maintain relationships with key clients to ensure a more complete picture of their thread landscape.
• Identification, contextualisation, and analysis of threats, exploits, and vulnerabilities that pose previously unknown risks to our clients and partners.
• High quality standardised strategic and technical report writing, using widely used standardised reporting structures.
• Training and stakeholder engagement with clients to ensure a seamless cross-organisational team of expertise.
• Working under operational time pressure, self-managing tasks, meeting deadlines in support of client requirements.
• An experienced Cyber Threat Intelligence Analyst with 3 years+ direct experience would be preferred.
• Direct and detailed understanding and experience with numerous types of information security incidents, attacks, and events.
• Previous direct use of CTI methodologies such as investigative pivoting models, investigative frameworks, as well as MITRE ATT&CK, and the Extended Cyber Kill Chain.
• Prior experience of scripting tools, languages and CVEs.
• Familiarity with major cognitive bias types, and the ability to identify those cognitive biases when researching.
• Previous experience with competing hypothesis theory and use of different tools to score those hypotheses.
• A demonstrated ability to analyse, evaluate, and contextualise sets of information, using analytical techniques and common industry tooling.
• Experience in open source collection, use of online tools, experience querying internal databases of information in support of investigative efforts.
• Professional experience writing short and long form reporting to a specified, technical writing style.
Desirable skills :
• Knowledge of other security or intelligence functions besides Cyber Threat Intelligence would be preferred.
• Experience with Threat Intelligence Platforms such as MISP
• CREST or other Threat Intelligence accreditations (e.g. SANS, GIAC) are also highly desirable.