Job Title: Cyber Threat Intelligence Analyst
This is an opportunity to join an established cyber security team at a critical point of growth, stepping into a threat intelligence–focused role with real influence over detection, response, and decision-making. You’ll work at the intersection of threat intelligence and security operations, analysing emerging threat landscapes and translating intelligence into actionable outcomes across Microsoft-based environments.
You’ll benefit from working in a mature environment with strong tooling such as CrowdStrike and Recorded Future, the flexibility of a split-shift model across UK and Canada offices, and a role designed for independent thinkers who want autonomy without on-call fatigue. With clear ownership, senior exposure, and time to focus on meaningful analysis rather than constant firefighting, this role suits someone ready to deepen their impact in cyber threat intelligence.
Responsibilities:
* Monitor, analyse, and respond to security incidents and EDR alerts using CrowdStrike and supporting security tooling
* Conduct cyber threat intelligence analysis using internal data, OSINT, and platforms such as Recorded Future
* Track and report on emerging threats, threat actors, and changes in the global threat landscape
* Produce high-quality written intelligence reports for technical and non-technical stakeholders
* Support incident response investigations with intelligence-led insights and contextual analysis
* Work closely with security operations to enhance detections, investigations, and response processes
* Use SIEM, TIPs, and threat feeds to enrich alerts and improve security posture
* Translate complex technical findings into clear, actionable intelligence
* Operate independently while collaborating with the wider team through regular meetings
Skills / Must Have
* Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Computer Engineering, or a related field
* Around 4 years’ experience in cyber threat intelligence, security operations, or a closely related role
* Strong understanding of networking concepts including TCP/IP, DNS, common protocols, and system internals across Windows and Linux
* Hands‑on experience with SIEM platforms, threat intelligence platforms, and threat‑hunting tools such as Recorded Future, Elastic, CrowdStrike, or Mimecast
* Familiarity with intelligence and security frameworks including MITRE ATT&CK, Cyber Kill Chain, and Diamond Model
* Experience conducting OSINT and investigative research
* Excellent analytical thinking, pattern recognition, and problem‑solving skills
* Strong written and verbal communication skills with the ability to present intelligence clearly
* Comfortable working independently and managing workload proactively
* Experience in finance, military, or police environments is beneficial
* Exposure to Microsoft and Windows‑centric environments
* Scripting or programming knowledge such as Python or PowerShell is advantageous but not essential
Certifications (desirable, not all required)
* CREST Threat Intelligence certifications such as CRTIA or CCTIM
* SANS FOR578
* CISSP
* GCIH or GCIA
* CEH
* CompTIA Security+ or CySA+
Work arrangement & Benefits
* Split-shift working model aligned with UK and Canada offices
* No out-of-hours or on-call requirements
* Hybrid working with one day per month in the London office
* Well-defined role with autonomy and ownership
* Exposure to a constantly evolving threat landscape
* Regular team collaboration with two scheduled meetings per week