391 Threat Intelligence jobs in the United Kingdom

Threat Intelligence Analyst - OSINT

London, Cheltenham or Manchester

Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.

We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.

We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to join in our mission, to make the world safer and more secure.

Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business…

The Opportunity

As a Threat Intelligence Analyst - OSINT, you will play a pivotal role within our global threat intelligence team. Working alongside colleagues across multiple time zones, you will help make our clients safer by identifying relevant threat actors, understanding their motivations, targets, and methods, and assessing client exposure.

The Global Threat Intelligence team has built a strong reputation in collecting its own data and combining it with open and commercial sources. In this role, you will analyse cyber threats, develop actionable intelligence, and collaborate with internal stakeholders. You will also contribute to the creation and maintenance of internal tooling to enhance the work of both yourself and your fellow analysts.

Your support to the wider organisation will be critical in the development of NCC Group’s Threat Intelligence capabilities and the broader service we offer.

Key Accountabilities:

OSINT collection and analysis - analysing open-source intelligence (OSINT) from the surface, deep and dark web.

Dark web access and monitoring - Gain and maintain access to dark web resources, including forums, marketplaces, shops, and chat services, to support intelligence gathering.

Threat actor and trend monitoring - Track, document, and report on threat actors, including their tools, techniques, and procedures (TTPs), as well as emerging trends across the threat landscape.

Collaboration - Work closely with internal teams, including Threat Intelligence, DFIR, SOC, and Threat Hunting, to share insights, support investigations, and strengthen organisational capabilities.

Reporting and communication - Produce clear, actionable intelligence reports tailored to both technical and non-technical stakeholders. Contribute to internal and external communications, including.

Tooling and methodology - Maintain, refine, and optimise threat intelligence tooling and processes to improve analysis workflows. Evaluate and recommend new technologies to enhance capabilities and operational efficiency.

Continuous development - Stay up to date with the evolving threat landscape, emerging OSINT methodologies, and dark web trends. Maintain a personal development plan to support ongoing learning and growth.

Ad-hoc investigations - Support client requests for OSINT investigations with scoping, conduct investigations, and produce client reports in line with the objectives outlined in the scope.

Technical Skills:

OSINT expertise - Proven experience conducting OSINT investigations across surface, deep, and dark web sources, with the ability to maintain operational security and manage online personas.

Threat intelligence knowledge - Understanding of the intelligence cycle, threat intelligence tooling, and the use of structured analytical techniques.

Cybercrime landscape awareness - Strong knowledge of cybercrime ecosystems, threat actors, and hacking methodologies, including their tools, techniques, and procedures.

Analytical skills - Demonstrated investigative mindset, critical thinking, and attention to detail when assessing and correlating intelligence.

Technical proficiency - Experience with scripting or automation (preferably Python) to support data collection, enrichment, and analysis.

Communication skills - Excellent written and verbal communication skills to produce clear and concise reports, as well as deliver briefings tailored to both technical and non-technical audiences.

Collaboration and adaptability - Ability to work effectively with cross-functional teams (e.g. DFIR, SOC, Threat Hunting) and adapt to changing priorities in a fast-moving threat landscape.

Ways of working

Focusing on Clients and Customers.

Working as One NCC.

Always Learning.

Being Inclusive and Respectful.

Delivering Brilliantly.

Our company

At NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams' partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks.

Our colleagues are our greatest assets, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support.

Come join us?

What do we offer in return?

We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits:

⏰Flexible working

Financial & Investment

Pension

Life Assurance

Share Save Scheme

Maternity & Paternity leave

Threat Intelligence Analyst - OSINT

London, Cheltenham or Manchester

Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.

We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.

We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to join in our mission, to make the world safer and more secure.

Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business…

The Opportunity

As a Threat Intelligence Analyst - OSINT, you will play a pivotal role within our global threat intelligence team. Working alongside colleagues across multiple time zones, you will help make our clients safer by identifying relevant threat actors, understanding their motivations, targets, and methods, and assessing client exposure.

The Global Threat Intelligence team has built a strong reputation in collecting its own data and combining it with open and commercial sources. In this role, you will analyse cyber threats, develop actionable intelligence, and collaborate with internal stakeholders. You will also contribute to the creation and maintenance of internal tooling to enhance the work of both yourself and your fellow analysts.

Your support to the wider organisation will be critical in the development of NCC Group’s Threat Intelligence capabilities and the broader service we offer.

Key Accountabilities:

OSINT collection and analysis - analysing open-source intelligence (OSINT) from the surface, deep and dark web.

Dark web access and monitoring - Gain and maintain access to dark web resources, including forums, marketplaces, shops, and chat services, to support intelligence gathering.

Threat actor and trend monitoring - Track, document, and report on threat actors, including their tools, techniques, and procedures (TTPs), as well as emerging trends across the threat landscape.

Collaboration - Work closely with internal teams, including Threat Intelligence, DFIR, SOC, and Threat Hunting, to share insights, support investigations, and strengthen organisational capabilities.

Reporting and communication - Produce clear, actionable intelligence reports tailored to both technical and non-technical stakeholders. Contribute to internal and external communications, including.

Tooling and methodology - Maintain, refine, and optimise threat intelligence tooling and processes to improve analysis workflows. Evaluate and recommend new technologies to enhance capabilities and operational efficiency.

Continuous development - Stay up to date with the evolving threat landscape, emerging OSINT methodologies, and dark web trends. Maintain a personal development plan to support ongoing learning and growth.

Ad-hoc investigations - Support client requests for OSINT investigations with scoping, conduct investigations, and produce client reports in line with the objectives outlined in the scope.

Technical Skills:

OSINT expertise - Proven experience conducting OSINT investigations across surface, deep, and dark web sources, with the ability to maintain operational security and manage online personas.

Threat intelligence knowledge - Understanding of the intelligence cycle, threat intelligence tooling, and the use of structured analytical techniques.

Cybercrime landscape awareness - Strong knowledge of cybercrime ecosystems, threat actors, and hacking methodologies, including their tools, techniques, and procedures.

Analytical skills - Demonstrated investigative mindset, critical thinking, and attention to detail when assessing and correlating intelligence.

Technical proficiency - Experience with scripting or automation (preferably Python) to support data collection, enrichment, and analysis.

Communication skills - Excellent written and verbal communication skills to produce clear and concise reports, as well as deliver briefings tailored to both technical and non-technical audiences.

Collaboration and adaptability - Ability to work effectively with cross-functional teams (e.g. DFIR, SOC, Threat Hunting) and adapt to changing priorities in a fast-moving threat landscape.

Ways of working

Focusing on Clients and Customers.

Working as One NCC.

Always Learning.

Being Inclusive and Respectful.

Delivering Brilliantly.

Our company

At NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams' partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks.

Our colleagues are our greatest assets, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support.

Come join us?

What do we offer in return?

We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits:

⏰Flexible working

Financial & Investment

Pension

Life Assurance

Share Save Scheme

Maternity & Paternity leave

We are seeking a Senior Detection Engineer to advance our detection engineering strategy within the Enterprise Security team. This role is essential to safeguarding EA’s cloud and production environments and will directly impact our ability to detect, respond to, and prevent cyber threats at scale.

As a senior individual contributor reporting to the Director of Threat Intelligence and Detections, you will play a central role in the technical leadership of the Detection Engineering team. You’ll mentor junior engineers, help define engineering direction, and lead the development of scalable, innovative threat detection solutions—including those leveraging AI and cloud-native technologies.

This is a hybrid role and you must live within commutable distance to our Guildford office where you will need to work in the office 3 days per week.

Key Responsibilities

• Design, develop, and operationalize advanced detections across cloud, container, and on-prem environments.
• Build integrations for diverse data sources (e.g., Wiz, host telemetry, network sensors) into EA’s detection infrastructure.
• Define and implement detection lifecycle processes to ensure maturity, governance, and performance metrics.
• Lead development of AI-driven detection proof-of-concepts
• Guide peers in building scalable, maintainable detection infrastructure and tuning detection content.
• Support strategic priorities like product detection assessments, threat-led risk prioritization, and production telemetry uplift.

Minimum Qualifications

• Experience in detection engineering, security engineering, or software development with a focus on cybersecurity.
• Proven experience developing detections and integrations within SIEM platforms (e.g., Splunk, Elastic, QRadar), ideally making use of Risk Based Alerting.
• Strong skills in Python and JavaScript, with familiarity in NodeJS and Kubernetes environments.
• Familiarity with cybersecurity frameworks (e.g., MITRE ATT&CK, Cyber Kill Chain, NIST CSF).
• Excellent communication skills with the ability to lead technical discussions and influence cross-functional partners.

Preferred Qualifications

• Experience with cloud security platforms (e.g., Wiz) and integrating their outputs into detection pipelines.
• Background in AI/ML or data science applied to cybersecurity detections.
• Deep understanding of cloud-native architectures, container security, and host-based detection.
• Experience leading PoCs or greenfield development initiatives in a complex security ecosystem.
• Demonstrated success mentoring junior engineers in a non-managerial capacity.

The Cloud & AI organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day.
In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world.
Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity.
Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions.
The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity.
Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate.
Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The Microsoft Threat Intelligence Center (MSTIC) is recruiting experienced nation-state threat hunters - with highly honed threat intelligence analysis skills. MSTIC provides unique insight on threats to protect Microsoft and our customers and is responsible for delivering timely threat intelligence across our product and services teams. Microsoft's mission is to empower every person and every organization on the planet to achieve more.
As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Microsoft's mission is to empower every person and every organization on the planet to achieve more.
As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
**Responsibilities**
As a senior threat intelligence analyst, you will track sophisticated adversaries and use your technical knowledge of adversary capabilities, infrastructure, and techniques.
You will define, develop, and implement techniques to discover and track current adversaries and identify the attacks of tomorrow.
You will produce actionable intelligence and proactively drive hunting, detection and Microsoft's threat actor understanding.
In this role you will be responsible for collaborating with stakeholders from MSTIC and key security groups across Microsoft, working in partnership with them to protect both Microsoft and Microsoft's customers.
You will strengthen existing partnerships and build new ones with key organizations to deliver benefits to Microsoft and its customers. 
**Qualifications**
Experience producing actionable Threat Intelligence on advanced persistent threat actors (APTs) Experience tracking APT campaigns using industry standard models including the MITRE ATT&CK framework
Proven ability to document and communicate your analytic findings to a wide range of stakeholders ranging from technical colleagues and executive readers
Experience collaborating within the wider Threat intelligence community and working within threat intelligence sharing groups
Demonstrated deep technical expertise in analysing a wide spectrum of security telemetry, to include network traffic, application logs and host-based or Endpoint Detection and Response (EDR) data.
Expertise with cloud telemetry a plus. Hands-on experience analysing and tracking complex APT campaigns using proprietary telemetry.
Proven track record in producing actionable Threat Intelligence on advanced persistent threats (APTs) based on telemetry analysis.
Ability to quickly adapt to a rapidly evolving telemetry landscape.
Exceptional communication skills, with the ability to distil complex technical findings into clear, concise intelligence products tailored for technical audiences, non-technical colleagues and executive stakeholders.
Preferred Qualifications:
Experience working to support incident response investigations is a plus
#MSSecurity #MSTIC
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations ( .

Our client, a leader in cybersecurity solutions, is seeking an experienced Senior Threat Intelligence Analyst to join their cutting-edge security operations team. This role is crucial in identifying, analysing, and mitigating advanced cyber threats targeting the organisation and its clients. You will play a key role in developing and executing threat intelligence strategies, providing actionable insights to inform defensive measures and strategic security decisions. This position requires a deep understanding of the threat landscape, attacker methodologies, and a proven ability to translate complex intelligence into practical security improvements.

The Senior Threat Intelligence Analyst will be responsible for collecting and processing intelligence from diverse sources, including open-source intelligence (OSINT), dark web monitoring, and commercial threat feeds. You will conduct in-depth analysis of malware, attacker infrastructure, and campaign TTPs (Tactics, Techniques, and Procedures). The role involves generating regular threat reports, briefings, and alerts for various stakeholders, including technical teams and executive leadership. You will also contribute to the development of threat hunting methodologies and proactive defence strategies.

Key Responsibilities:

• Lead the collection, analysis, and dissemination of threat intelligence data from multiple sources.
• Develop and maintain advanced knowledge of current and emerging cyber threats, actors, and TTPs.
• Conduct deep-dive investigations into sophisticated threat campaigns, malware, and adversary infrastructure.
• Produce high-quality threat intelligence reports, assessments, and alerts tailored to different audiences.
• Collaborate closely with incident response, security engineering, and security operations teams to provide timely intelligence.
• Develop and refine threat hunting hypotheses and playbooks.
• Utilise threat intelligence platforms (TIPs) and security tools effectively.
• Participate in security community forums and contribute to the broader intelligence landscape.
• Mentor junior analysts and contribute to the team's overall expertise.
• Stay current with the latest cybersecurity trends, vulnerabilities, and attack vectors.

Required Qualifications:

• Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent practical experience.
• Minimum of 5 years of experience in threat intelligence, cybersecurity analysis, or incident response.
• Demonstrated expertise in analysing various types of cyber threats, including APTs, ransomware, and nation-state activity.
• Proficiency with threat intelligence tools, data analysis techniques, and malware analysis methodologies.
• Strong understanding of networking protocols, operating systems, and security technologies.
• Excellent written and verbal communication skills, with the ability to present complex information clearly and concisely.
• Experience with scripting languages (e.g., Python) for automation is a strong plus.
• Relevant certifications such as GCTI, GCIH, CISSP are highly desirable.
• Ability to work effectively in a hybrid work environment.

This exciting opportunity is located in Nottingham, Nottinghamshire, UK , offering a blend of remote flexibility and office-based collaboration.

Our client is seeking a highly skilled and analytical Senior Threat Intelligence Analyst to bolster their cybersecurity operations. This role focuses on proactively identifying, analyzing, and reporting on emerging cyber threats, threat actors, and their tactics, techniques, and procedures (TTPs). You will be instrumental in enhancing the organization's defensive capabilities by providing timely and actionable intelligence to security teams. The successful candidate will possess a deep understanding of the global threat landscape, advanced analytical skills, and the ability to synthesize information from diverse sources into comprehensive threat assessments. Key responsibilities include monitoring open-source intelligence (OSINT), dark web forums, and proprietary threat feeds; conducting in-depth research on targeted threats, malware campaigns, and sophisticated adversary groups; and developing strategic and tactical intelligence reports for various stakeholders, including SOC analysts, incident responders, and executive leadership. You will also be involved in threat hunting activities, developing detection rules, and contributing to incident response efforts by providing critical context and analysis. This is a fully remote position, demanding excellent self-discipline, time management, and the ability to collaborate effectively across distributed teams. Strong written and verbal communication skills are essential for clearly articulating complex threat information. We are looking for individuals with a Bachelor's degree in Cybersecurity, Computer Science, Intelligence Studies, or a related field, along with a minimum of 5 years of experience in threat intelligence, cybersecurity analysis, or incident response. Relevant certifications such as GIAC (GCTI, GCFA), CISSP, or OSCP are highly desirable. Experience with threat intelligence platforms (TIPs), SIEM tools, and forensic analysis techniques is expected. If you are passionate about staying ahead of cyber adversaries and contributing to a robust security posture from a remote location, we encourage you to apply.

Responsibilities:

• Conduct in-depth research and analysis of cyber threats and threat actors.
• Monitor and analyze OSINT, dark web, and proprietary threat intelligence feeds.
• Produce comprehensive strategic and tactical threat intelligence reports.
• Identify and assess the TTPs of advanced persistent threats (APTs) and other adversaries.
• Support threat hunting initiatives and develop detection strategies.
• Provide timely intelligence updates during ongoing security incidents.
• Collaborate with SOC, incident response, and vulnerability management teams.
• Develop and maintain relationships with external intelligence sharing communities.
• Contribute to the development and improvement of threat intelligence tools and processes.
• Stay abreast of the latest cybersecurity trends and threat vectors.

Qualifications:

• 5+ years of experience in threat intelligence or cybersecurity analysis.
• Bachelor's degree in Cybersecurity, Computer Science, or related field.
• Strong understanding of the global threat landscape and adversary TTPs.
• Proficiency with threat intelligence platforms (TIPs) and SIEM tools.
• Experience with OSINT and dark web research methodologies.
• Excellent analytical, research, and report writing skills.
• Strong communication and collaboration abilities for remote work.
• Relevant certifications (GIAC GCTI, CISSP, etc.) are highly desirable.
• Experience with digital forensics and incident response is a plus.

Our client, a rapidly growing cybersecurity firm, is seeking a highly motivated and analytical Senior Threat Intelligence Analyst to join their dynamic team. This hybrid role offers a blend of remote flexibility and in-office collaboration, centred around the Bradford, West Yorkshire, UK location.

You will play a crucial role in identifying, analysing, and disseminating actionable threat intelligence to protect the organisation and its clients from sophisticated cyber threats. This involves researching emerging threats, understanding adversary tactics, techniques, and procedures (TTPs), and translating complex technical data into clear, concise reports for various audiences.

Key Responsibilities:

• Monitor, analyse, and interpret a wide range of threat intelligence sources, including open-source intelligence (OSINT), dark web, technical feeds, and proprietary data.
• Identify, assess, and prioritise cyber threats relevant to the organisation and its industry, developing early warning indicators.
• Research and document adversary groups, their motivations, TTPs, and infrastructure.
• Develop and maintain intelligence collection requirements and processes to ensure comprehensive coverage.
• Produce high-quality threat intelligence reports, briefings, and alerts for technical and non-technical stakeholders.
• Collaborate with security operations, incident response, and engineering teams to integrate threat intelligence into defensive strategies.
• Contribute to the development and refinement of threat hunting methodologies and tools.
• Stay current with the latest cybersecurity threats, vulnerabilities, and defensive measures.

Qualifications:

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent practical experience.
• Minimum of 5 years of experience in information security, with a specific focus on threat intelligence, security analysis, or incident response.
• Strong understanding of threat actor methodologies, malware analysis, and network security principles.
• Proficiency with threat intelligence platforms and tools.
• Excellent analytical and critical thinking skills, with the ability to synthesise information from disparate sources.
• Superb written and verbal communication skills, with the ability to create clear and compelling intelligence products.
• Experience with scripting languages (e.g., Python) for data analysis and automation is a plus.
• Relevant certifications such as CISSP, GIAC GCTI, or similar are highly desirable.

This is an exciting opportunity to contribute to the frontline of cyber defence, working with cutting-edge tools and intelligence within a supportive and innovative environment. Be part of a team that is committed to staying ahead of cyber adversaries and protecting critical assets.

Our client is seeking an accomplished Senior Threat Intelligence Analyst to join their expanding cybersecurity team, working remotely from anywhere in the UK. This role is crucial for proactively identifying, analysing, and reporting on emerging cyber threats, adversary tactics, techniques, and procedures (TTPs), and potential vulnerabilities that could impact the organisation. You will be responsible for developing and disseminating actionable intelligence to inform defensive strategies, security operations, and risk management initiatives. The ideal candidate will possess a deep understanding of the global threat landscape, sophisticated analytical skills, and the ability to translate complex technical data into clear, concise intelligence products for various stakeholders, including technical teams and executive leadership. This is a remote-first position offering the flexibility to work from home while contributing to a critical mission.

Key Responsibilities:

• Conduct comprehensive research and analysis of cyber threat actors, campaigns, and malware.
• Develop and maintain threat intelligence feeds, reports, and alerts using various data sources and tools.
• Identify, track, and analyse emerging TTPs used by threat actors targeting our industry and related sectors.
• Provide timely and actionable intelligence to security operations, incident response, and vulnerability management teams.
• Collaborate with internal teams and external partners to share threat information and develop collective defence strategies.
• Develop and refine methodologies for threat hunting and proactive detection.
• Author detailed intelligence reports, presentations, and briefings for technical and executive audiences.
• Utilise a variety of intelligence platforms, tools, and open-source intelligence (OSINT) techniques.
• Contribute to the development of strategic threat assessments and roadmaps.
• Mentor junior analysts and contribute to the growth of the threat intelligence capability.

Qualifications and Skills:

• Bachelor's degree in Cybersecurity, Computer Science, International Relations, or a related field, or equivalent experience.
• Minimum of 5 years of experience in threat intelligence analysis, cybersecurity operations, or a related discipline.
• Proven experience with threat intelligence platforms (TIPs) and analysis tools.
• Strong understanding of cyber threat actor methodologies, malware analysis, and network forensics.
• Excellent analytical and critical thinking skills with the ability to synthesize complex information.
• Demonstrated ability to write clear, concise, and actionable intelligence reports.
• Experience with OSINT techniques and tools.
• Knowledge of various threat intelligence frameworks (e.g., MITRE ATT&CK, Cyber Kill Chain).
• Ability to work independently and as part of a remote team.
• Excellent communication and presentation skills.
• Relevant certifications such as GIAC certifications (e.g., GCTI, GCFA) are a plus.

Our client is committed to providing a secure environment and invests heavily in its cybersecurity capabilities. This role offers a significant opportunity to make a real impact, work with cutting-edge intelligence, and grow within a highly respected organisation.

Our client is seeking an experienced and highly motivated Senior Threat Intelligence Analyst to join their cybersecurity team, based in Southampton, Hampshire, UK . This critical role will focus on proactively identifying, analyzing, and reporting on cyber threats targeting the organization and its stakeholders. You will be responsible for gathering intelligence from diverse sources, including open-source intelligence (OSINT), dark web monitoring, and technical indicators of compromise (IOCs). The ideal candidate will possess a deep understanding of the threat landscape, attacker methodologies (TTPs), malware analysis, and advanced persistent threats (APTs). You will translate raw intelligence into actionable insights, providing timely and relevant information to inform defensive strategies, incident response, and risk management efforts. This position requires excellent analytical and critical thinking skills, strong technical proficiency in cybersecurity tools and technologies, and the ability to communicate complex findings effectively to both technical and non-technical audiences. You will play a key role in enhancing the organization's security posture by anticipating and mitigating emerging cyber risks. This hybrid role offers a blend of in-office collaboration and remote flexibility.

Key Responsibilities:

• Collect, process, and analyze threat intelligence from various sources (OSINT, dark web, security feeds, etc.).
• Identify and track threat actors, campaigns, and emerging TTPs relevant to the organization.
• Develop and maintain knowledge bases of threat actors, malware families, and vulnerabilities.
• Produce timely and actionable threat intelligence reports for different audiences (technical, executive).
• Provide context and analysis for security incidents and potential threats.
• Support incident response efforts with relevant threat data and analysis.
• Develop and maintain relationships with external threat intelligence communities and information sharing groups.
• Evaluate and recommend new threat intelligence tools and methodologies.
• Contribute to the development of defensive strategies based on threat intelligence.
• Present threat intelligence findings and recommendations to stakeholders.

Qualifications:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• 5+ years of experience in cybersecurity, with a specific focus on threat intelligence analysis.
• Proven experience in collecting, analyzing, and reporting on cyber threats.
• Strong understanding of attacker methodologies, malware analysis, and threat actor TTPs.
• Proficiency with threat intelligence platforms, SIEM tools, and analytical tools.
• Experience with OSINT techniques and dark web monitoring.
• Excellent analytical, research, and critical thinking skills.
• Strong written and verbal communication skills, with the ability to produce clear and concise reports.
• Relevant certifications (e.g., GIAC, CISSP) are a plus.
• Ability to work independently and collaboratively in a team environment.