We are seeking a Threat Analyst to join our rapidly growing Information Security team. This is a unique opportunity for an aspiring and motivated professional to be at the forefront of our cyber defence strategy, protecting our brand from existing and emerging threats. You will combine the expertise of a Threat Hunter and Cyber Threat Intelligence Analyst, and will work alongside our Senior Threat Analyst to build our threat intelligence and hunting capabilities from the ground up. You'll have a major input on what new tooling and services we use and the backing to implement this.
You'll be an innovative collaborator with strong technical and communication skills, and an appetite for complex problem solving. Seize the opportunity to join a dynamic security team, reporting to the Head of Cyber Defence, and lead the development of advanced CTI and threat hunting strategies, seamlessly integrating into our security processes and driving continuous improvements.
What you’ll be doing
* Working closely with the wider information security team, including our MSP SOC, to improve the overall security posture of the organisation.
* Implementing and utilising our cyber threat intelligence approach, including tooling and feeds.
* Maintaining a current understanding of the cyber threat landscape with a focus on the health research sector.
* Triaging, analysing, and responding to threat intelligence alerts from partners and other stakeholders.
* Tracking relevant threat actors, specifically their tactics, techniques, and procedures (TTPs).
* Providing threat input to support the assessment of security risk and threat modelling activities of Our Future Health.
* Implementing and iterating our threat hunting approach through use of cutting edge hunting techniques, including automation of aspects of the threat hunting process.
* Creating threat hunting hypotheses and performing threat intelligence led proactive threat hunts across the estate.
* Contributing to detection engineering initiatives by identifying opportunities for, and implementation of new detections and improvements to existing detections.
* Leveraging in-house knowledge to enrich and benefit the SIEM and SOC (e.g. managing Sentinel watchlists, assisting with triage, sharing knowledge of our technical estate with the MSP analysts, etc.)
* Assisting with incident investigation and insider threat monitoring.
* Producing written reports and providing verbal briefings which capture the relevance of cyber threats to Our Future Health to a variety of internal stakeholders.
Requirements
We are prioritising talent over experience for this role. While we don't expect you to have expertise in every area, some experience in cyber threat intelligence and/or threat hunting, along with familiarity with Microsoft's security products, is essential.
You will have some of the following skills and experience:
* Experience in Threat Hunting
* Experience with the Microsoft Sentinel SIEM/SOAR platform
* Proficient in writing KQL
* Strong understanding of threat intelligence principles and practices.
* Strong understanding of security risk management
* Understanding of threat modelling
* Knowledge of ISO 27001 and other commonly used security standards
* Understanding of modern cloud technologies
* Ideally experience with the Microsoft Defender suite, Microsoft Entra and Microsoft Purview
* Ideally experience with Microsoft Azure
* Exposure to Agile working
* Ability to translate between technical and non-technical teams
* Desire to be part of a small fast-paced team
* Relevant certifications, such as: CISM, CISA, CISSP, CCSP, Microsoft certifications (MS-500, AZ-500, AZ-700, SC-200, SC-300), CompTIA Security+ and Cloud+, Cloud Security Alliance CCSK, GIAC CTI, GIAC CFR
Join us - let’s prevent disease together.
#J-18808-Ljbffr