Job Purpose
CLS is seeking a highly motivated, self‑driven Cyber Threat Intelligence Senior Analyst to join a global threat intelligence team. The role involves technical and strategic research and intelligence analysis of threats relevant to the industry, business, and related technologies. The analyst will monitor threat actor groups, TTPs, intrusion activities, and geopolitical relevance, share intelligence with industry and government partners, and mentor other team members.
Responsibilities
* Collect, process and disseminate cyber threat intelligence from sources such as open‑source reports, information‑sharing partners and vendor reports to create actionable results for internal stakeholders.
* Coordinate and produce strategic, operational and tactical intelligence products for business units, technical teams and executive stakeholders.
* Provide situational awareness on current threat landscape and maintain knowledge of adversary activities including geopolitical implications and TTPs for briefing varying teams.
* Assess emerging threats against operational environment and partner with security teams for detection, mitigation and remediation.
* Perform trend and correlation of cyber intelligence for recommendation‑based countermeasures.
* Support and engage in incident‑response investigations.
* Perform basic network security analysis in support of intrusion‑detection operations, including development and enrichment of indicators to enhance network security posture.
* Review other analysts’ work and provide mentorship and guidance.
* Actively support external intelligence‑sharing engagements with other financial institutions and government partners.
Experience and Qualifications
* 6–10+ years of direct cyber threat intelligence experience.
* 5+ years of progressive experience in information security, preferably in Threat Intelligence, Security Operations or Incident Response roles.
* Understanding of the intelligence lifecycle and risk‑management.
* Knowledge of fundamentals of threat actors’ TTPs.
* Understanding of IOC validation practices and sources.
* Familiarity with the MITRE ATT&CK framework and mapping.
* Geopolitical knowledge and potential impacts on the financial sector.
* Excellent interpersonal and relationship‑management skills.
* Individual contributor while also contributing to a small team.
* Self‑motivated with ability to work with minimal supervision.
* Demonstrated strong writing skills; able to convey complex technical and non‑technical concepts.
Qualifications / Certifications
* Bachelor’s degree in Cybersecurity, Intelligence Studies, International Relations, Economics, Computer Science or related discipline.
* Security certification such as SANS GIAC (or equivalent) – ideally GCTI or working toward equivalent certification.
* Experience with threat intelligence and SOC/CIRT interaction.
* Splunk experience.
* Experience with threat‑intelligence platforms (ThreatConnect, ThreatQ, or Filigran).
* Experience with SIEM and other cyber‑security tools.
* Experience with threat‑intelligence vendors.
* Ability to work on‑site at least twice a week in London and/or participate in local intelligence‑sharing groups.
Desired Skills
* Financial sector experience.
* Developing threat‑intelligence related automations.
#J-18808-Ljbffr