25 Threat Intelligence jobs in London
Threat Intelligence Expert
Posted 23 days ago
Job Viewed
Job Description
We are actively seeking an experienced Threat Intelligence Expert to join a leading cybersecurity function within a fast-paced enterprise environment. You’ll play a key role in identifying emerging threats , analysing adversary tactics , and translating intelligence into actionable security measures to protect the organization’s digital assets.
This is a hands-on technical and analytical role ideal for candidates with deep expertise in cyber threat intelligence (CTI) , threat hunting , open-source intelligence (OSINT) , and MITRE ATT&CK framework .
Job Responsibilities
Collect, analyse, and interpret threat data from internal and external intelligence sourcesProduce actionable intelligence reports on indicators of compromise (IOCs) , TTPs , and threat actor behaviourMonitor dark web and underground forums for threat actor activity relevant to the organizationCollaborate with SOC and incident response teams to provide context and enrichment during investigationsDevelop and maintain intelligence requirements aligned with business and security goalsMaintain threat intelligence platforms (TIPs) and use tools like MISP , Anomali , or Recorded Future Track and communicate emerging threats, vulnerabilities, and geopolitical risksMap adversary behaviour to the MITRE ATT&CK framework for detection improvementsRequirementsRequired Skills
Deep knowledge of cyber threat intelligence methodologies Familiarity with frameworks such as MITRE ATT&CK , STIX/TAXII , Diamond Model Proficiency in using threat intelligence platforms (TIPs) Strong analytical skills and ability to interpret large datasetsExcellent written and verbal communication skills for report writing and stakeholder updatesExperience with OSINT tools (e.g., Maltego, Shodan, SpiderFoot)9. Desired Skills
Certifications: GCTI , GCIA , GCFA , CISSP , or Security+ Programming/scripting knowledge (Python, PowerShell)Exposure to threat modelling techniques and risk assessmentsUnderstanding of APT groups , malware families , and nation-state threats Experience working in regulated environments (e.g., finance, healthcare) BenefitsJob Benefits
Competitive salary and annual bonusHybrid/remote working flexibilityCompany-sponsored certifications and training (SANS, GIAC, etc.)Private health and dental insurancePension scheme and generous annual leaveAccess to cutting-edge threat intel tools and platformsCareer development in one of the fastest-growing areas of cybersecurityThreat Intelligence Analyst - OSINT
Posted today
Job Viewed
Job Description
Threat Intelligence Analyst - OSINT
Posted today
Job Viewed
Job Description
Threat Intelligence Analyst - OSINT
Posted today
Job Viewed
Job Description
Threat Intelligence Analyst - OSINT
London, Cheltenham or Manchester
Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.
We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.
We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to join in our mission, to make the world safer and more secure.
Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business…
The Opportunity
As a Threat Intelligence Analyst - OSINT, you will play a pivotal role within our global threat intelligence team. Working alongside colleagues across multiple time zones, you will help make our clients safer by identifying relevant threat actors, understanding their motivations, targets, and methods, and assessing client exposure.
The Global Threat Intelligence team has built a strong reputation in collecting its own data and combining it with open and commercial sources. In this role, you will analyse cyber threats, develop actionable intelligence, and collaborate with internal stakeholders. You will also contribute to the creation and maintenance of internal tooling to enhance the work of both yourself and your fellow analysts.
Your support to the wider organisation will be critical in the development of NCC Group’s Threat Intelligence capabilities and the broader service we offer.
Key Accountabilities:
OSINT collection and analysis - analysing open-source intelligence (OSINT) from the surface, deep and dark web.
Dark web access and monitoring - Gain and maintain access to dark web resources, including forums, marketplaces, shops, and chat services, to support intelligence gathering.
Threat actor and trend monitoring - Track, document, and report on threat actors, including their tools, techniques, and procedures (TTPs), as well as emerging trends across the threat landscape.
Collaboration - Work closely with internal teams, including Threat Intelligence, DFIR, SOC, and Threat Hunting, to share insights, support investigations, and strengthen organisational capabilities.
Reporting and communication - Produce clear, actionable intelligence reports tailored to both technical and non-technical stakeholders. Contribute to internal and external communications, including.
Tooling and methodology - Maintain, refine, and optimise threat intelligence tooling and processes to improve analysis workflows. Evaluate and recommend new technologies to enhance capabilities and operational efficiency.
Continuous development - Stay up to date with the evolving threat landscape, emerging OSINT methodologies, and dark web trends. Maintain a personal development plan to support ongoing learning and growth.
Ad-hoc investigations - Support client requests for OSINT investigations with scoping, conduct investigations, and produce client reports in line with the objectives outlined in the scope.
Technical Skills:
OSINT expertise - Proven experience conducting OSINT investigations across surface, deep, and dark web sources, with the ability to maintain operational security and manage online personas.
Threat intelligence knowledge - Understanding of the intelligence cycle, threat intelligence tooling, and the use of structured analytical techniques.
Cybercrime landscape awareness - Strong knowledge of cybercrime ecosystems, threat actors, and hacking methodologies, including their tools, techniques, and procedures.
Analytical skills - Demonstrated investigative mindset, critical thinking, and attention to detail when assessing and correlating intelligence.
Technical proficiency - Experience with scripting or automation (preferably Python) to support data collection, enrichment, and analysis.
Communication skills - Excellent written and verbal communication skills to produce clear and concise reports, as well as deliver briefings tailored to both technical and non-technical audiences.
Collaboration and adaptability - Ability to work effectively with cross-functional teams (e.g. DFIR, SOC, Threat Hunting) and adapt to changing priorities in a fast-moving threat landscape.
Ways of working
Focusing on Clients and Customers.
Working as One NCC.
Always Learning.
Being Inclusive and Respectful.
Delivering Brilliantly.
Our company
At NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams' partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks.
Our colleagues are our greatest assets, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support.
Come join us?
What do we offer in return?
We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits:
⏰Flexible working
Financial & Investment
Pension
Life Assurance
Share Save Scheme
Maternity & Paternity leave
Senior Threat Intelligence Analyst
Posted 16 days ago
Job Viewed
Job Description
Key Responsibilities:
- Collect, analyse, and interpret data from various threat intelligence sources (OSINT, commercial feeds, internal telemetry).
- Identify and track threat actors, their motivations, capabilities, and targets.
- Develop and maintain threat intelligence reports, briefings, and alerts for technical and non-technical audiences.
- Provide timely and actionable intelligence to support incident response, threat hunting, and security control improvements.
- Develop and refine intelligence requirements, methodologies, and reporting formats.
- Conduct in-depth research on specific threats, vulnerabilities, and adversary techniques.
- Contribute to the development and improvement of threat intelligence tools and platforms.
- Stay current with emerging cyber threats, vulnerabilities, and security technologies.
- Bachelor's degree in Cybersecurity, Computer Science, or a related field, or equivalent practical experience.
- 5+ years of experience in threat intelligence, cybersecurity analysis, or a related security operations role.
- Proven experience with threat intelligence platforms (TIPs) and security information and event management (SIEM) systems.
- Strong understanding of malware analysis, digital forensics, and network security concepts.
- Excellent analytical, research, and report writing skills.
- Familiarity with various threat intelligence frameworks (e.g., MITRE ATT&CK, Cyber Kill Chain).
- Ability to work independently and collaboratively in a hybrid work environment.
Senior Threat Intelligence Analyst
Posted 19 days ago
Job Viewed
Job Description
Responsibilities:
- Collect, process, and analyse threat intelligence from diverse sources, including open-source intelligence (OSINT), dark web forums, technical feeds, and human intelligence.
- Develop and maintain threat models and profiles of relevant threat actors, their motivations, capabilities, and tactics, techniques, and procedures (TTPs).
- Produce timely and actionable threat intelligence reports, briefings, and alerts for various stakeholders, including executive leadership, security operations, and incident response teams.
- Collaborate with security operations centre (SOC) analysts to operationalise threat intelligence, enhancing detection capabilities and response strategies.
- Conduct deep-dive investigations into complex security incidents and trends, identifying root causes and recommending preventive measures.
- Develop and manage threat hunting hypotheses based on intelligence assessments.
- Build and maintain relationships with external threat intelligence communities, law enforcement, and information sharing organisations.
- Contribute to the development and enhancement of the organisation's threat intelligence platform and tools.
- Mentor junior analysts and share expertise within the cybersecurity team.
- Stay abreast of the latest cybersecurity threats, vulnerabilities, and attacker methodologies.
- Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
- Minimum of 5 years of experience in threat intelligence, cybersecurity analysis, or incident response.
- Demonstrated expertise in analysing malware, network traffic, and forensic data.
- Strong understanding of cyber threat landscapes, attack vectors, and cybercrime methodologies.
- Proficiency in using threat intelligence platforms (TIPs) and SIEM tools.
- Excellent written and verbal communication skills, with the ability to convey complex technical information to non-technical audiences.
- Experience with scripting languages (e.g., Python) for automating intelligence analysis is a plus.
- Relevant certifications such as CISSP, GCTI, or GCFA are highly desirable.
- Ability to work effectively in a hybrid work environment, balancing in-office collaboration with remote work.
- Strong analytical and problem-solving skills, with a keen attention to detail.
Senior Threat Intelligence Analyst
Posted 19 days ago
Job Viewed
Job Description
Key Responsibilities:
- Collect, analyze, and synthesize raw threat data from diverse sources (e.g., open-source intelligence, technical indicators, dark web forums, incident response data).
- Identify and track advanced persistent threats (APTs), cybercriminal groups, and other malicious actors targeting the organization and its industry.
- Develop comprehensive threat intelligence reports, briefings, and alerts for various stakeholders, including executive leadership, incident response teams, and security operations centers.
- Map threat actor TTPs to the MITRE ATT&CK framework and other relevant models.
- Conduct proactive threat hunting activities based on intelligence findings.
- Provide strategic recommendations to improve defensive security controls, policies, and incident response procedures.
- Develop and maintain relationships with external intelligence providers, law enforcement, and industry peers.
- Utilize and optimize threat intelligence platforms, SIEM tools, and other security technologies.
- Mentor junior analysts and contribute to the continuous improvement of the threat intelligence program.
- Stay current with the latest geopolitical events, cyber warfare trends, and emerging technologies that impact the threat landscape.
Qualifications:
- Bachelor's or Master's degree in Cybersecurity, Computer Science, Intelligence Studies, or a related field, or equivalent practical experience.
- 5+ years of experience in cyber threat intelligence analysis, incident response, or cybersecurity operations.
- Demonstrated expertise in analyzing malware, network traffic, and forensic data.
- Strong understanding of attacker methodologies, cyber kill chains, and adversary motivations.
- Proficiency in using threat intelligence platforms, OSINT tools, and data analysis techniques.
- Excellent written and verbal communication skills, with the ability to articulate complex technical information clearly and concisely.
- Experience with scripting languages (e.g., Python) for automation is highly desirable.
- Relevant certifications such as GIAC (GCTI, GCIH), CISSP, or CompTIA Security+ are a plus.
- Proven ability to work independently and collaboratively in a remote, fast-paced environment.
- Strong analytical and critical thinking skills with a keen attention to detail.
Be The First To Know
About the latest Threat intelligence Jobs in London !
Senior Threat Intelligence Analyst
Posted 19 days ago
Job Viewed
Job Description
Responsibilities:
- Collect, analyze, and interpret threat intelligence data from various sources, including open-source intelligence (OSINT), dark web monitoring, and commercial feeds.
- Develop and maintain threat models and actor profiles.
- Produce comprehensive threat intelligence reports, briefings, and alerts for technical and executive stakeholders.
- Provide timely and actionable recommendations for threat mitigation and incident response.
- Collaborate with incident response, security operations, and vulnerability management teams to integrate intelligence into security operations.
- Conduct deep-dive investigations into emerging threats and vulnerabilities.
- Stay abreast of the latest threat trends, attack techniques, and adversary TTPs (Tactics, Techniques, and Procedures).
- Contribute to the development and improvement of threat intelligence platforms and processes.
- Mentor junior analysts and share expertise within the security team.
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent practical experience.
- Minimum of 5 years of experience in threat intelligence, cybersecurity analysis, or a closely related field.
- Strong understanding of cyber threat actors, motivations, and methodologies.
- Proficiency with threat intelligence platforms (TIPs), SIEM tools, and data analysis techniques.
- Experience with malware analysis, reverse engineering, and digital forensics is a plus.
- Excellent analytical, research, and problem-solving skills.
- Exceptional written and verbal communication skills, with the ability to present complex information clearly and concisely.
- Relevant certifications such as CISSP, GIAC, or CEH are highly desirable.
- Must have the right to work in the UK.
Threat Intelligence Analyst - OSINT
Posted today
Job Viewed
Job Description
Threat Intelligence Analyst - OSINT
London, Cheltenham or Manchester
Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.
We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.
We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to join in our mission, to make the world safer and more secure.
Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business…
The Opportunity
As a Threat Intelligence Analyst - OSINT, you will play a pivotal role within our global threat intelligence team. Working alongside colleagues across multiple time zones, you will help make our clients safer by identifying relevant threat actors, understanding their motivations, targets, and methods, and assessing client exposure.
The Global Threat Intelligence team has built a strong reputation in collecting its own data and combining it with open and commercial sources. In this role, you will analyse cyber threats, develop actionable intelligence, and collaborate with internal stakeholders. You will also contribute to the creation and maintenance of internal tooling to enhance the work of both yourself and your fellow analysts.
Your support to the wider organisation will be critical in the development of NCC Group’s Threat Intelligence capabilities and the broader service we offer.
Key Accountabilities:
OSINT collection and analysis - analysing open-source intelligence (OSINT) from the surface, deep and dark web.
Dark web access and monitoring - Gain and maintain access to dark web resources, including forums, marketplaces, shops, and chat services, to support intelligence gathering.
Threat actor and trend monitoring - Track, document, and report on threat actors, including their tools, techniques, and procedures (TTPs), as well as emerging trends across the threat landscape.
Collaboration - Work closely with internal teams, including Threat Intelligence, DFIR, SOC, and Threat Hunting, to share insights, support investigations, and strengthen organisational capabilities.
Reporting and communication - Produce clear, actionable intelligence reports tailored to both technical and non-technical stakeholders. Contribute to internal and external communications, including.
Tooling and methodology - Maintain, refine, and optimise threat intelligence tooling and processes to improve analysis workflows. Evaluate and recommend new technologies to enhance capabilities and operational efficiency.
Continuous development - Stay up to date with the evolving threat landscape, emerging OSINT methodologies, and dark web trends. Maintain a personal development plan to support ongoing learning and growth.
Ad-hoc investigations - Support client requests for OSINT investigations with scoping, conduct investigations, and produce client reports in line with the objectives outlined in the scope.
Technical Skills:
OSINT expertise - Proven experience conducting OSINT investigations across surface, deep, and dark web sources, with the ability to maintain operational security and manage online personas.
Threat intelligence knowledge - Understanding of the intelligence cycle, threat intelligence tooling, and the use of structured analytical techniques.
Cybercrime landscape awareness - Strong knowledge of cybercrime ecosystems, threat actors, and hacking methodologies, including their tools, techniques, and procedures.
Analytical skills - Demonstrated investigative mindset, critical thinking, and attention to detail when assessing and correlating intelligence.
Technical proficiency - Experience with scripting or automation (preferably Python) to support data collection, enrichment, and analysis.
Communication skills - Excellent written and verbal communication skills to produce clear and concise reports, as well as deliver briefings tailored to both technical and non-technical audiences.
Collaboration and adaptability - Ability to work effectively with cross-functional teams (e.g. DFIR, SOC, Threat Hunting) and adapt to changing priorities in a fast-moving threat landscape.
Ways of working
Focusing on Clients and Customers.
Working as One NCC.
Always Learning.
Being Inclusive and Respectful.
Delivering Brilliantly.
Our company
At NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams' partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks.
Our colleagues are our greatest assets, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support.
Come join us?
What do we offer in return?
We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits:
⏰Flexible working
Financial & Investment
Pension
Life Assurance
Share Save Scheme
Maternity & Paternity leave
Senior Cybersecurity Analyst - Threat Intelligence
Posted 14 days ago
Job Viewed
Job Description
Responsibilities:
- Develop and execute threat intelligence gathering methodologies.
- Analyse and interpret threat data from diverse sources.
- Identify, track, and profile cyber threat actors and their TTPs.
- Conduct threat hunting operations and malware analysis.
- Produce actionable threat intelligence reports for various stakeholders.
- Collaborate with incident response and SOC teams.
- Contribute to the development of security policies and controls based on intelligence.
- Participate in industry threat intelligence sharing forums.
Qualifications:
- Minimum of 5 years of experience in cybersecurity, with a focus on threat intelligence or analysis.
- Strong knowledge of global threat landscape and adversary TTPs.
- Proficiency in OSINT, dark web analysis, and threat feed integration.
- Experience with SIEM, EDR, and threat intelligence platforms.
- Excellent analytical, research, and report writing skills.
- Understanding of network protocols, operating systems, and common attack vectors.
- Relevant cybersecurity certifications (e.g., CISSP, GCTI, CEH) are a plus.
- Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent experience.