Threat Intelligence Analyst

Key Responsibilities Include: 

• Weekly Threat & Control Reviews: Produce concise weekly reports summarizing current threats targeting the organization and evaluating the effectiveness of relevant security controls.
• Monthly KRI Reporting: Develop and maintain key risk indicators (KRIs) that measure how well security controls are performing against active and emerging threats.
• Quarterly Threat Landscape Updates: Deliver in-depth quarterly briefings on the threat activity observed over the past three months, including trends, incidents, and control responses.
• Annual Threat Trends Review: Conduct a comprehensive annual analysis of threat trends, attack vectors, and adversary behaviors targeting the organization, with strategic recommendations.
• Threat Investigations: Investigate specific threats or incidents, correlating internal telemetry with external intelligence to assess impact and recommend mitigations.
• Security Control Recommendations: Assess the effectiveness of technical and procedural security controls in the context of emerging threats and recommend enhancements or changes to security and technology controls to address identified gaps for evolving threats.
• Collaboration & Stakeholder Engagement: Work closely with the Group CISO and wider security team to ensure threat intelligence is communicated in a timely manner. 

Skills & Ability            

• Strong understanding of threat actors, TTPs (Tactics, Techniques, and Procedures), and threat modelling frameworks (e.g., MITRE ATT&CK).
• Experience with threat intelligence platforms, SIEMs, and security analytics tools.
• Ability to translate technical findings into strategic business insights.
• Excellent written and verbal communication skills, with experience producing executive-level reports.
• Familiarity with regulatory and compliance requirements relevant to financial services. 

Essential Knowledge & Experience

• At least 3 years experience of cyber threat intelligence, ideally within financial services. 
• Relevant certifications such as GCTI. 
• Degree in Cybersecurity, Information Security, Risk Management, or a related field.
• Experience working in multiple time zones.