119 Threat Intelligence jobs in London

• Develop and implement comprehensive threat intelligence programs.
• Monitor and analyze global threat intelligence sources and feeds.
• Identify, track, and profile threat actors, campaigns, and TTPs.
• Produce timely and actionable threat intelligence reports for various audiences.
• Conduct deep-dive investigations into emerging threats and security incidents.
• Develop and tune threat detection rules and signatures.
• Collaborate with Incident Response and SOC teams.
• Provide expert guidance on threat landscape trends and mitigation strategies.
• Contribute to the development of security policies and best practices.
• Maintain and enhance threat intelligence platforms and tools.

• Bachelor's degree in Cybersecurity, Computer Science, or a related field; Master's preferred.
• Minimum of 5 years of experience in information security, with at least 3 years focused on threat intelligence.
• Demonstrated experience with threat intelligence platforms (TIPs), SIEM, and EDR tools.
• In-depth knowledge of cyber threat actors, malware, TTPs, and attack methodologies.
• Proficiency in scripting languages (e.g., Python) for data analysis and automation.
• Strong analytical, research, and problem-solving skills.
• Excellent written and verbal communication skills, with the ability to brief senior management.
• Experience working in a remote or distributed team environment.
• Relevant certifications such as GIAC (GCTI, GCFA), CISSP, or OSCP are highly desirable.
• Understanding of geopolitical factors influencing cyber threats.

• Collect, analyze, and interpret threat intelligence data from various sources, including open-source intelligence (OSINT), dark web monitoring, and commercial feeds.
• Develop and maintain threat intelligence platforms and tools.
• Identify and track threat actors, their TTPs (Tactics, Techniques, and Procedures), and motivations relevant to the organization.
• Produce timely and actionable threat intelligence reports for various stakeholders, including executive leadership, security operations, and incident response teams.
• Provide early warnings of emerging threats and vulnerabilities.
• Develop and implement threat hunting methodologies to proactively search for indicators of compromise (IOCs) within the environment.
• Collaborate with Security Operations Center (SOC) analysts to enhance detection capabilities and incident response processes.
• Contribute to the development of security policies, standards, and procedures based on threat intelligence insights.
• Stay abreast of the latest cybersecurity threats, trends, and technologies.
• Participate in incident response activities as required.

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Minimum of 5 years of experience in information security, with at least 2-3 years focused on threat intelligence analysis.
• Demonstrated experience with threat intelligence platforms (e.g., Anomali, Recorded Future, MISP) and OSINT gathering techniques.
• Strong understanding of various threat actor types (APT, cybercrime, hacktivism) and their methodologies.
• Proficiency in analyzing malware, network traffic, and log data.
• Excellent analytical, research, and problem-solving skills.
• Ability to communicate complex technical information clearly and concisely, both verbally and in writing.
• Relevant certifications such as GCTI, CTIA, or CISSP are highly desirable.
• Experience with scripting languages (e.g., Python) for automation is a plus.
• Ability to work effectively in a hybrid work model, demonstrating strong self-management skills.

• Monitor and analyze threat intelligence feeds, open-source intelligence (OSINT), and dark web sources to identify emerging threats, attacker tactics, techniques, and procedures (TTPs).
• Develop and maintain threat models and intelligence reports tailored to the organization's risk profile and industry.
• Provide timely and actionable threat intelligence to incident response, security operations, and vulnerability management teams.
• Conduct deep-dive investigations into potential security incidents and attribution analysis.
• Develop and implement threat hunting methodologies and campaigns to proactively uncover undetected threats within the environment.
• Manage and optimize security tools and platforms used for threat intelligence gathering, analysis, and dissemination (e.g., SIEM, SOAR, TIP platforms).
• Create comprehensive intelligence reports, briefings, and presentations for technical and executive audiences.
• Collaborate with internal stakeholders and external partners (e.g., CERTs, law enforcement, industry peers) to share intelligence and best practices.
• Stay abreast of the latest cyber security trends, vulnerabilities, and threat actor activities globally.
• Contribute to the continuous improvement of the organization's threat intelligence program and overall security strategy.

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field, or equivalent practical experience.
• A minimum of 5 years of experience in information security, with at least 3 years focused specifically on threat intelligence, cyber threat analysis, or digital forensics.
• In-depth knowledge of attacker methodologies, malware analysis, network protocols, and common security vulnerabilities.
• Proficiency in utilizing various threat intelligence platforms (TIPs) and data analysis tools.
• Experience with scripting languages (e.g., Python) for automation and data analysis is highly desirable.
• Strong understanding of SIEM, EDR, and other security monitoring technologies.
• Excellent analytical, research, and problem-solving skills.
• Ability to communicate complex technical information clearly and concisely to diverse audiences, both verbally and in writing.
• Relevant certifications such as GCTI, CISSP, CEH, or equivalent are a strong asset.
• Must be comfortable working independently and collaboratively in a fully remote, global team environment.

• Monitor, collect, and analyze threat intelligence from various sources (OSINT, threat feeds, dark web).
• Develop and maintain threat actor profiles, TTPs (Tactics, Techniques, and Procedures), and indicators of compromise (IOCs).
• Produce comprehensive threat intelligence reports, briefings, and alerts for various stakeholders, including technical teams and senior management.
• Conduct in-depth research on emerging threats, vulnerabilities, and attack vectors relevant to the organization's industry.
• Collaborate with Security Operations Center (SOC) and incident response teams to provide context and support during security incidents.
• Develop and refine threat hunting methodologies and playbooks.
• Evaluate and recommend new threat intelligence tools and technologies.
• Contribute to the development and improvement of the overall security strategy.
• Mentor junior security analysts and share knowledge across the team.
• Ensure effective communication and collaboration within a distributed, remote security team.

• Proven experience as an Information Security Analyst with a focus on Threat Intelligence.
• Deep understanding of cyber threat landscapes, attack methodologies, and common vulnerabilities.
• Proficiency in using threat intelligence platforms, SIEM tools, and data analysis techniques.
• Experience with OSINT gathering and analysis.
• Strong research, analytical, and critical thinking skills.
• Excellent written and verbal communication skills, with the ability to present complex information clearly.
• Ability to work independently and manage priorities effectively in a remote environment.
• Relevant industry certifications (e.g., CISSP, GIAC) are highly desirable.
• Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
• Experience in scripting or programming (e.g., Python) for automation is a plus.

• Monitor, analyse, and interpret threat intelligence feeds, security alerts, and incident data from various sources.
• Develop and maintain a comprehensive understanding of current and emerging cyber threats, vulnerabilities, and attacker tactics, techniques, and procedures (TTPs).
• Produce timely and actionable threat intelligence reports, briefings, and alerts for different stakeholders, including technical teams and senior leadership.
• Proactively identify and assess potential threats and risks to the organisation's infrastructure, applications, and data.
• Develop and refine threat hunting methodologies and playbooks to proactively search for advanced threats within the environment.
• Collaborate with the Security Operations Center (SOC) and Incident Response (IR) teams to provide context and support during security incidents.
• Contribute to the development and implementation of security controls and strategies based on threat intelligence findings.
• Research and evaluate new threat intelligence tools and platforms to enhance our capabilities.
• Build relationships with external threat intelligence communities and information sharing organisations.
• Stay abreast of the latest cybersecurity trends, technologies, and best practices.

• Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
• Minimum of 5 years of experience in information security, with a strong focus on threat intelligence, security analysis, or incident response.
• Proven experience in analysing malware, network traffic, and log data.
• Familiarity with common threat intelligence frameworks (e.g., MITRE ATT&CK, Cyber Kill Chain).
• Proficiency with SIEM, SOAR, and EDR tools.
• Strong understanding of networking protocols, operating systems, and cloud security concepts.
• Excellent analytical, critical thinking, and problem-solving skills.
• Exceptional written and verbal communication skills, with the ability to articulate technical concepts to diverse audiences.
• Ability to work independently in a remote setting, manage priorities, and meet deadlines.
• Relevant certifications (e.g., CISSP, GIAC, OSCP) are a plus.

• Proactively monitor, analyse, and report on emerging cyber threats, vulnerabilities, and attack vectors relevant to the financial sector.
• Develop and maintain threat intelligence feeds, sources, and methodologies to enhance detection and prevention capabilities.
• Conduct in-depth analysis of malware, phishing campaigns, and advanced persistent threats (APTs).
• Provide actionable threat intelligence to security operations centre (SOC), incident response teams, and other stakeholders to inform defensive strategies.
• Develop and tune security tools and technologies (e.g., SIEM, EDR, SOAR) based on threat intelligence.
• Collaborate with internal teams and external partners to share threat information and best practices.
• Contribute to incident response efforts by providing timely and accurate threat context.
• Research and assess new threat intelligence platforms and techniques.
• Create regular threat landscape reports and executive summaries for senior management.
• Participate in security awareness training initiatives by providing insights into current threats.

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field; Master's degree is a plus.
• Minimum of 5 years of experience in information security, with a specific focus on threat intelligence, security operations, or incident response.
• Demonstrated expertise in analysing various types of cyber threats, including malware, phishing, APTs, and DDoS attacks.
• Proficiency with threat intelligence platforms, open-source intelligence (OSINT) tools, and data analysis techniques.
• Strong understanding of network protocols, operating systems, and common security architectures.
• Experience with SIEM, IDS/IPS, EDR, and other security monitoring tools.
• Excellent analytical, problem-solving, and critical thinking skills.
• Outstanding written and verbal communication skills, with the ability to articulate complex technical information clearly.
• Relevant security certifications such as CISSP, GCTI, GDAT, or GCFA are highly advantageous.
• Ability to work independently, manage priorities, and thrive in a fast-paced, remote work environment.

We are actively seeking an experienced Threat Intelligence Expert to join a leading cybersecurity function within a fast-paced enterprise environment. You’ll play a key role in identifying emerging threats , analysing adversary tactics , and translating intelligence into actionable security measures to protect the organization’s digital assets.

This is a hands-on technical and analytical role ideal for candidates with deep expertise in cyber threat intelligence (CTI) , threat hunting , open-source intelligence (OSINT) , and MITRE ATT&CK framework .

Job Responsibilities

Required Skills

9. Desired Skills

Job Benefits

• Collect, process, and analyse threat intelligence from diverse sources, including open-source intelligence (OSINT), dark web forums, technical feeds, and human intelligence.
• Develop and maintain threat models and profiles of relevant threat actors, their motivations, capabilities, and tactics, techniques, and procedures (TTPs).
• Produce timely and actionable threat intelligence reports, briefings, and alerts for various stakeholders, including executive leadership, security operations, and incident response teams.
• Collaborate with security operations centre (SOC) analysts to operationalise threat intelligence, enhancing detection capabilities and response strategies.
• Conduct deep-dive investigations into complex security incidents and trends, identifying root causes and recommending preventive measures.
• Develop and manage threat hunting hypotheses based on intelligence assessments.
• Build and maintain relationships with external threat intelligence communities, law enforcement, and information sharing organisations.
• Contribute to the development and enhancement of the organisation's threat intelligence platform and tools.
• Mentor junior analysts and share expertise within the cybersecurity team.
• Stay abreast of the latest cybersecurity threats, vulnerabilities, and attacker methodologies.

• Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
• Minimum of 5 years of experience in threat intelligence, cybersecurity analysis, or incident response.
• Demonstrated expertise in analysing malware, network traffic, and forensic data.
• Strong understanding of cyber threat landscapes, attack vectors, and cybercrime methodologies.
• Proficiency in using threat intelligence platforms (TIPs) and SIEM tools.
• Excellent written and verbal communication skills, with the ability to convey complex technical information to non-technical audiences.
• Experience with scripting languages (e.g., Python) for automating intelligence analysis is a plus.
• Relevant certifications such as CISSP, GCTI, or GCFA are highly desirable.
• Ability to work effectively in a hybrid work environment, balancing in-office collaboration with remote work.
• Strong analytical and problem-solving skills, with a keen attention to detail.