Cyber Threat Intelligence Manager

  • Location:

    City of London, London

  • Sector:

    Cyber Security

  • Job type:

    Permanent

  • Salary:

    £80000 - £120000 per annum

  • Contact:

    Steven Da Silva

  • Job ref:

    CTI Manager_1542128880

  • Published:

    27 days ago

  • Expiry date:

    2018-12-13

  • Start date:

    ASAP

About the role:

A new and exciting opportunity has emerged for a Cyber Threat Intelligence Manager to work for a market-leading insurance company in London, building out a cyber threat intelligence function and providing technical reports and recommendations.

The successful individual will work within a greenfield function, building the Cyber Threat Intelligence function from scratch and working very closely alongside the SOC and CIRT teams.

Key Responsibilities:

  • Conducting a variety of threat intelligence activities, including deep-dive analysis from forensics and malware investigations, and investigating potential security incidents.
  • Ensuring timely responses to all cyber incidents, minimising the risk exposure and production downtime.
  • Analyse and correlate incident data to develop a preliminary root cause and corresponding remediation strategy.
  • Utilise incident response playbooks to follow established and repeatable processes for triaging and containment of an incident.
  • Provide timely, comprehensive and accurate information to the key stakeholders in both written and verbal communications.
  • Develop and update incident response playbooks and monitoring requirements to ensure response activities align with best practices, minimise gaps in response and provide comprehensive mitigation of threats.

Key Skills & Requirements:

  • Previous experience of building a Cyber Threat Intelligence function from scratch.
  • Extensive experience within both technical and strategic aspects of Cyber Threat Intelligence.
  • Extensive knowledge of security-relevant data, such as network protocols, ports and common services, including TCP/IP protocols and application layer protocols (e.g., HTTP/S, DNS, FTP, SMTP).
  • Knowledge of privilege escalation, persistence and lateral movement techniques.
  • Knowledge of common malware and exploit tools and techniques.
  • Information Technology experience with Windows OS platforms.
  • Knowledge of Cloud security and incident response in a Cloud environment.
  • Able to report technical details to non-technical personnel.
  • Experience in developing and maintaining Threat Intelligence.