UK - Windsor - Millstream, United Kingdom
We’re so much more than an energy company. We’re a family of brands revolutionising how we power the planet. We're energisers. One team of 21,000 colleagues that's energising a greener, fairer future by creating an energy system that doesn’t rely on fossil fuels, whilst living our powerful commitment to igniting positive change in our communities. Here, you can find more purpose, more passion, and more potential. That’s why working here is #MoreThanACareer. We do energy differently - we do it all. We make it, store it, move it, sell it, and mend it.
About your team:
You’ll be working centrally within our mission control room, aka Centrica’s group functions. From Finance and Data Science, to our Wellbeing and People teams - this is the engine of our energy system, where our various Centres of Excellence power up each of our brilliant businesses, ensuring they have all the support, technologies, and capabilities they need to get our customers to Net Zero by 2050.
As a Cyber Threat Intelligence Manager at Centrica, you’ll be at the forefront of monitoring and analysing diverse information sources to uncover actionable insights. These insights are crucial for our operational information security functions to implement timely countermeasures. You’ll also play a pivotal role in supporting the Director of Cyber Defence & Resilience, delivering both proactive and reactive cyber threat intelligence services. Your efforts will be vital in safeguarding Centrica’s computing assets, data, customers, and brand reputation. Join us and make a significant impact in protecting our digital landscape!
Location: UK (talk to us about flexible working)
The Day to Day – As a Cyber Threat Intelligence Manager at Centrica, you will assist the Director of Cyber Defence & Resilience in managing all aspects of threat intelligence. Your responsibilities will include:
* Monitoring and processing regular reports from open source and premium intelligence vendors.
* Keeping an eye on Cyber Threat Intelligence (CTI) dashboards and feeds to identify relevant threats and vulnerabilities.
* Performing threat modelling to identify prominent cyber threats and actors for different business areas.
* Producing ad-hoc, daily, weekly, and monthly threat intelligence briefings and reports for both technical audiences and senior leadership.
* Extracting actionable intelligence related to tactics, techniques, and procedures (TTPs), mapping them to the MITRE ATT&CK framework, and sharing this intelligence with relevant Cyber Security teams.
* Ensuring indicators of compromise (IOCs) are ingested into the platform.
* Processing alerts for potentially compromised credentials, dark web monitoring, and ransomware.
* Validating ransomware alerts with the Global Security Operations Centre (GSOC) to assess potential impact on business relationships with third-party companies.
* Raising requests for information (RFIs) on high-interest topics.
* Ensure intelligence is properly ingested and exported to security monitoring and defence tools.
* Adjust delivery parameters to increase the flow of intelligence to security tools.
* Evaluate existing and potentially relevant intelligence feeds.
* Add and fine-tune data sources.
* Perform threat intelligence analysis and advanced research.
* Build detailed threat actor profiles and emulation plans, collaborating with the Purple Team and Threat Hunting Team.
* Define new enrichment capabilities and integration opportunities.
* Update post-incident reports (PIRs) and the threat actor library.
About You –
* Ideally experience with intelligence analysis processes, including Open-Source Intelligence (OSINT) and closed source intelligence gathering including dark web research, social media analysis, source verification, data fusion, link analysis, and threat actor attribution.
* Experience developing threat advisories for security operations teams.
* Experience working in a Security Operations environment & Cyber Security Incident Response.
* Experience in Security Information and Event Management (SIEM) and log monitoring/analytics.
* Experience with emerging threat landscape in the utilities, retail energy, or oil and gas industries.
* Bachelor’s degree preferred (but not essential) in area(s) of study such as information technology, computer science, information systems, or related field, or high school diploma with relevant work experience.
* Relevant experience will be considered in lieu of qualifications.
* Knowledge of the following technologies would be advantageous: leading SIEM technologies, IDS/IPS, network- and host-based firewalls, data leakage protection (DLP), web proxy filtering, email filtering.
* Understanding of tactics, techniques, and procedures (TTPs) used by threat actors.
Why Apply?
* Enjoy a generous market salary, along with fantastic growth opportunities and a vibrant work environment!
* Added Car Allowance program to make your commute and adventures even better.
* Power up your pay with a 15% Employee Energy Allowance, surpassing the government's price cap! Secure your future with our comprehensive pension plan, designed for peace of mind.
* Elevate your health with our fully funded company healthcare plan, prioritizing your well-being.
* Recharge with a generous 25-day holiday allowance, plus public holidays, and even purchase up to 5 extra days for extended relaxation!
* Experience unparalleled work-life balance with an exceptional selection of flexible benefits, from tech treats and eco-friendly car leases to travel insurance for your adventures!
If you're full of energy, fired up about sustainability, and ready to craft not only a better tomorrow, but a better you, then come and find your purpose in a team where your voice matters, your growth is non-negotiable, and your ambitions are our priority.
#J-18808-Ljbffr