Threat Intelligence Lead

Anywhere (UK)

Full Time
Monzo logo
Apply now Apply later

Posted 1 month ago

At Monzo we’re aiming to build the best bank in the world. We are always keen to hear from capable, creative people who want to help us accomplish that goal. We want our bank to be safe and secure for our customers, so security is very important to us.

Security at Monzo

We are looking for a proactive, technically-minded and organised Threat Intelligence Lead to join our Information Security team in the bank’s 1st line of defence which has the ownership, responsibility and accountability for directly assessing, controlling and managing risk. The team is part of Monzo’s Security team which has a wide range of responsibilities, from infrastructure security to application and information security. 

You will be working directly with the engineers who are building our platform (rather than in a stand-alone compliance team), and you will have the opportunity to directly make an impact on the way that the business keeps our information secure. As a bank, we are solving diverse, novel problems to ensure that our customers and data are secure. 

One of the guiding principles of security at Monzo is that security at the expense of user experience is a last resort. We aim to move mountains in the background such that we can build world-class features without compromising on security. As a member of our security team you will be responsible for constantly improving the security of Monzo. 

You will be the Information Security Threat Intelligence Lead for Monzo. You will be responsible for all aspects of threat intelligence including:

  • Outlining the short and long term strategy for threat intelligence at Monzo including technology, people and processes.
  • Making sure that Monzo has relevant and consistent threat intelligence sources defined and in place for the organisation and owning those relationships.
  • Making sure that Monzo can consume threat intelligence effectively and has processes in place to act upon that threat intelligence where appropriate.
  • Defining, implementing and owning the process of producing and disseminating threat intelligence reports across the organisation where required.
  • Defining, implementing and owning threat intelligence technology required for the end to end processes to operate. 
  • Building and managing a team of threat intelligence analysts as required.
  • Ownership of threat hunting and working alongside the engineers and other operational teams to proactively threat hunt across the organisation. 
  • Maintaining detailed threat profiles on adversaries of interest/relevance to the firm - covering tactics, techniques and procedures, intent, goals and strategic objectives
  • Balancing incoming research requests and intelligence from other teams acting as the lead point of contact
  • Assisting with technological aspects of investigations lead by CSIRT, fraud, and financial crime teams
  • Work with Risk and Compliance and across the business to ensure that sufficient controls are in place to mitigate known security risks;
  • Provide Information Security advice to stakeholders around threat intelligence;
  • Reporting threat status and update to the relevant governance committees (e.g. Security Council)
  • Work with Risk and Compliance to deliver management information (KRIs) for monthly security risk reporting to the Board and as required.

You should apply if:

  • You have a strong background in threat intelligence in a commercial environment;
  • You are comfortable working autonomously and can build a threat intelligence function from the ground up;
  • You have advanced knowledge of global information security threats and can develop a picture of the Tactics, Techniques and Procedures (TTPs) used by cyber adversaries;
  • Experience of producing threat intelligence reports for organisations;
  • Experience in threat hunting techniques and threat hunting;
  • You are an excellent communicator, both verbally and in writing;


  • This can be based in our new London office or remote.
Job tags: Compliance CSIRT Strategy Threat intelligence TTPs
Job region(s): Europe Remote/Anywhere
Job stats:  31  5  0
Share this job: