Location
Hybrid – this role can be based from our Frimley, London or Manchester offices. We expect a minimum of 1 day a week in the office. We offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role.
About the Role
Investigating cyber intrusions and threat activity in the Middle East region as part of our global Threat Intelligence team.
Responsibilities
* Discover, analyse, document and track advanced threat actor campaigns.
* Conduct research on threat actors (from hacktivist to criminal to state) and their tools, techniques and procedures (TTPs) using commercial and open sources.
* Produce finished intelligence reports related to state and criminal threats, with insights into attacker techniques and identified campaigns, including actionable mitigation and detection guidance.
* Work in a collaborative environment with other technical specialists, intelligence analysts and customer‑facing consultants.
* Support intelligence analysts with malware analysis and assist incident responders with technical expertise.
Qualifications
* Experience tracking actors or campaigns and their associated tactics, techniques and tools.
* Strong understanding of the cyber threat landscape and ability to communicate relevant insights to customers.
* Self‑starter with the ability to identify problems early and develop solutions using own initiative.
* Technical skills with an interest in one or more of the following: open source intelligence investigations, digital forensics, infrastructure analysis, threat hunting or malware reverse engineering.
* Understanding of networking fundamentals such as HTTP, TCP/IP, DNS and other core protocols.
* Experience writing Python scripts.
* Ability to document and explain technical details clearly and concisely in writing and graphics for technical and non‑technical audiences.
Desirable Skills
* Experience querying commercial and open sources, such as Shodan, Censys, etc.
* Familiarity with malware sandboxing and using the output to pivot and find additional activity.
* Experience in threat hunting and creating file/network traffic signatures using Yara and Snort.
* Experience with cloud environments, including AWS and Azure.
* Experience writing Python scripts.
We are looking for a candidate with a strong understanding of the cyber threat landscape and a passion for technical analysis who is excited to become part of a growing team.
BAE Systems Digital Intelligence offers world‑class threat intelligence services to customers across the globe. Our team investigates some of the most complex nation‑state threat actors and intrusions on a daily basis. We currently have a vacancy for an experienced Threat Intelligence Specialist focused on threats to the Middle East region in our team.
Many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must, as a minimum, achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting, where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.
As well as a competitive pension scheme, BAE also offers employee share plans, an extensive range of flexible discounted health, wellbeing & lifestyle benefits, including a green car scheme, private health plans and shopping discounts – you may also be eligible for an annual incentive.
Why BAE Systems?
This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity of thought, rewards integrity and merit, and where you'll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible.
If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.
#J-18808-Ljbffr