Join Police Digital Service in a NMC Cyber Threat Intelligence (CTI) role (Hybrid / Lancashire) Police Digital Service are looking to hire CTI roles at the following levels: Cyber Threat Intelligence Specialist – Mid-Tier Threat Intelligence Role; Recommended for those with experience in cyber threat intelligence, or associated fields. Veterans with an intelligence background and an interest in cyber are encouraged to apply Senior Cyber Threat Intelligence Specialist – Senior Threat Intelligence Role; Recommended for those with significant cyber threat intelligence experience As a member of the Threat Intelligence team, you'll be involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders. Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions. Limiting the impact of known cyber risks by engaging forces in pre-incident planning and preparatory activities. Constraining attack surfaces through proactive threat intelligence working directly alongside the threat hunting and malware service. About Police Digital Service We exist to harness the power of digital, data and technology to enable UK policing to better protect the communities it serves. Ours is a team of experts in commercial services, technical assurance, data, digital transformation and innovation, with a unique experience in policing and national programme delivery. The National Management Centre will provide visibility and control of information risks for Policing. It will support the 24x7x365 nature of the police operations, providing a threat detection and response capability for digital services before, during and after cyber attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level. Why Join us? You can find out more here: Benefits – Police Digital Service (pds.police.uk) Key Responsibilities These will vary depending on the level of role however all roles will be responsible for: Providing expertise and support through the use of analytical products to assist mitigation practices at a tactical and operational level. Analysis of advanced persistent threats including the tactics, techniques, and procedures (TTPs) of attackers. Conducting analysis at a tactical and operational level, identifying and using appropriate analytical tools and techniques to interpret gaps, patterns and trends, assess threat, risk and harm and make recommendations in support of decision making, prioritisation and resource allocation. Correlating intelligence from a variety of sources, to develop and lead understanding and analysis of contextually relevant threats. Performing a broad range of tasks, bringing together output from stakeholders within Cyber SOC, Malware, Threat Hunting and Vulnerability teams. Preparing and delivering analytical alerts, reports, and briefings to stakeholders to provide a clear and concise evidence-based understanding of the subject matter, including providing advice and guidance. Working proactively to serve the policing community with limited direct oversight (depending on role and capabilities), and to take ownership of deliverables. For seniors, you will additionally be responsible for developing and training other analysts using appropriate analytical tools and techniques. What you need to succeed in the role Essential: All roles are required to have: Ability to acquire SC and NPPV3 level clearances Strong interest in cyber security and threat actors Insatiable thirst for knowledge Ability to translate complex cyber issues to relevant audiences, both verbally and written Experience in internal and external stakeholder management and engagement Specialist Knowledge of current threat landscape including specific awareness of adversarial cyber actors, including their TTPs Experience in utilising open-source intelligence and the development of tools to assist with this Experience in conducting malware, phishing, and SIEM log analysis Knowledge of relevant CTI sources Senior Excellent knowledge of adversarial cyber actors, including their TTPs and the adversary lifecycle Comprehensive experience in conducting malware, phishing, and SIEM log analysis Experience with threat modelling systems and risk assessment models Extensive experience in utilising open-source intelligence Experienced CTI analyst with the ability to progress service provided to police forces, lead development, and train juniors Demonstrated ability to manage customer relationships Strong leadership skills with the ability to prioritise and operate in a methodical and disciplined manner Ability to operate in high-pressured environments with proven experience of support provided during cyber incidents Desirable: Relevant qualifications including: CREST Registered Threat Intelligence Analyst, GIAC Cyber Threat Intelligence (GCTI), and/or Completed Intelligence Analysis course (e.g. NIAT, RISC UK or similar) Demonstrated experience in developing and delivering cybercrime or risk reduction recommendations and / or strategies Understanding of UK Police cyber and IT environments Working Arrangements At the NMC, you will benefit from hybrid working, getting the advantages of both face-to-face team engagement and home working. NMC employees have the opportunity to work in our modern office environment for in-person collaboration, however you will also get the opportunity to work from home 2 days a week.