Cyber Threat Intelligence Analyst (Mid Shift)

The Role

As a Threat Intelligence Analyst, you will play a crucial role in operationalising threat intelligence within our organisation. By tracking and analysing the tactics, techniques, and procedures (TTPs) of threat actors, campaigns, and malware, you will produce actionable intelligence to protect our systems and data. This role involves generating timely alerts, briefs, and analytical assessments tailored to our environment, supporting threat hunting initiatives, the wider cyber security teams, and the business.  

Provide support to Information Cyber Security from across the business by undertaking activities which include:

• Provide assistance to cyber threat intelligence efforts, focusing on the latest TTPs used by threat actors and mapping these to WTWs environment. 
• Collection of relevant indicators of compromise to top threats to WTW to supply to security tooling.
• Utilising intelligence sharing platforms, security tooling and intelligence tooling to understand the latest email-based attacks. Sharing knowledge, and mitigations with relevant teams.
• Conduct assessments on cyber threats, attacks, threat actors and external incidents relevant to WTW.
• Conduct open-source intelligence (OSINT) collection and analysis to identify imminent cyber threats, malicious codes, suspicious domains, and vulnerabilities.
• Utilize Threat Intelligence techniques, and frameworks for investigating potential security incidents.
• Create both written and verbal intelligence products for internal stakeholders, providing timely and accurate information to proactively address threats.
• Offer subject matter expertise on cyber threats to support current and future analytical operations and initiatives.
• Provide actionable intelligence to mitigate potential threats to WTW. 
• Monitor email threat landscape for any threats toward WTW and the financial services sector utilizing open and closed sources to develop actionable intelligence. 
• The role is based in the tactical pillar of threat intelligence; however, the successful candidate will have exposure to operational and strategic intelligence. 
• A key member of a global team. 
   

The Requirements

• Exceptional verbal and written communication skills, with the ability to convey security and risk-related concepts to a broad audience.
• A proactive mindset with a strong interest in threat intelligence and wider cybersecurity practices. 
• Understanding of the Kill Chain, Diamond Model of Analysis, and MITRE ATT&CK framework.
• Knowledge of security controls, detection capabilities, email and messaging controls, firewall and proxy technologies, anti-virus, IDS/IPS, and other digital environment security solutions.
• Acute awareness of valuable organisational assets for threat actors and breach methodologies.
• Understanding of malware, hacking tools, and threat actor tactics, techniques and procedures to characterize threat actors’ technical methods for accomplishing their missions.
• Resourcefulness to seek out information or its source to gain context on a specific threat or technology involved in a potential threat.
• Willingness to learn and progress cyber and intelligence skills. 
• Fluent in English, reading, writing and verbal.

Equal Opportunity Employer