Technical Network Defence Intelligence Analyst

Job Title: Technical Network Defence Intelligence Analyst
Reference: HRS-24-2018
Job Description: Technical Network Defence Intelligence Analyst

This is an excellent opportunity to join a non-profit public-private partnership that works with a federation of banks and agencies to proactively reduce cyber threats and crime. You will be working in a fast-paced and extremely rewarding team-oriented organisation that is making a difference in creating a safer cyber future globally.

Working in the Global Operations Department and reporting to the Operations Manager / Technical Manager, this role involves identifying emerging cyber threats, threat hunting, and developing and maturing business intelligence, analytical capability and security alerts in order to develop and deliver detailed, actionable intelligence reports suitable for industry and law enforcement in stopping the threats. You will work with Subject Matter Experts to identify, mitigate and neutralize the threats.

Responsibilities will include working closely with the strategic, tactical, financial crimes intelligence team, threats analyst as relevant, to deliver timely analysis of breaking cyber threats, including emerging malware and other types of attacks against the infrastructure, perimeter and various systems, adding context and enrichment, migration strategies, finding emerging threats and responding to technical RFIs, particularly relating to cybercrime and cyber threats.

Key Responsibilities:

• Proactively seek, receive and action a diverse range of cyber threat and network defence related information and intelligence, including open source.
• Consider and analyse threats, vulnerabilities and potential impact to deliver technical intelligence reports that support risk-informed decision making and mitigation strategies.
• Deliver associated intelligence to support threat mitigation, investigation and risk-informed decision making in recipients.
• Undertake independent open source intelligence gathering activities (within operating guidelines) to support, supplement and verify supplied data.
• Delivery of regular, meaningful, actionable intelligence reports in the form of technical alerts, data feeds and assessments
• Work with colleagues to develop adversary threat profiles by conducting threat analysis to include threat hunting, tracking, analysis/TTPs, modelling and attribution, placing into context the resulting current and future likely threat to business members and wider industry
• Respond to stakeholder intelligence requirements as requested within appropriate timeframes, producing appropriate outputs for a range of audiences
• Keep abreast of new and emerging threats to banking channels and infrastructure
• Work across the operations team to create and prepare intelligence packages for dissemination to Law Enforcement
• Provide guidance and mentorship to junior and/or less technical colleagues
• Participate in 24/7 incident response bridge rotation for the Incident Support Plan

Skills / Experience / Qualifications


• Demonstrable experience working as a technical threat intelligence analyst, incident support specialist or network security engineer and/or cyber threat analyst (Up to 3+ years preferred)
• Understanding of technical elements of banking systems, security protocols linked to login/two factor authentication / Web browser activity (e.g. Desktop v Mobile)
• Knowledge of key criminal techniques in relation to phishing, fingerprinting and various types of attacks relating to network infrastructure, perimeter security, websites / online banking, email distribution / phishing kits
• Knowledge of key anti-fraud techniques in relation to phishing, website takedown / email disruption (e.g. DMARC) / Device ID
• Ability to threat hunt and look for emerging threats, tools and techniques, leveraging various tools and systems
• Firm understanding and use of VirusTotal, PDNS, leveraging certificates for threat hunting, DomainTools and other systems/tools to leverage the information to find threats and actionable intelligence
• Understanding of the YARA tool and how to leverage and develop YARA rules to detect new variants
• Strong packet capture and analysis skills
• Windows, Mac and Linux operating systems
• Ability to interpret, analyse and present findings and recommendations on various vulnerabilities
• Knowledge of key criminal techniques in relation to malware, coding/spoofing, social engineering, configuration targeting / infection techniques / detection / capabilities
• Knowledge of incident handling techniques, processes, methods and tools, and of reducing one's attack surface. Key methods, tools, techniques and procedures of organised crime groups, nation state actors and overall cyber threats.
• Understanding of key bank payment systems (Open Banking, PSD2/BACS/Card Payments/SWIFT etc.)
• Knowledge of key network, systems and online services detection techniques, identification and verification / payment profiling / risk engines
• Knowledge of Card Scheme rules (particularly in relation to Card Not Present transactions)
• Knowledge of emerging payment platforms, emerging threats, vulnerabilities, brute force attacks and methods (e.g. Payments Systems / Apple Pay / online banking)
• Ability to draft reports for technical and non-technical audiences
• Proven experience of using tools and methodologies used to perform cyber security analysis and interpretation
• Proactive, innovative and lateral thinker who spots opportunities and builds on these to the greater good of the team, learning new skills if necessary.


• Network security/network engineering background and working experience
• SANS, General Certificate or CREST qualification in a relevant technical subject such as CREST Certified Incident Manager
• Experience of multiple source intelligence research, analysis and reporting at both tactical and strategic levels
• Knowledge of adversary threat analysis including threat hunting, tracking and attribution
• Understanding of malware analysis and some level of skill in doing malware analysis, using tools such as IDA Pro, Cuckoo and other methods
• Linux operating systems
• Kali Linux experience and knowledge
• Experience in multiple programming languages such as Python, Go, C++, Bash

Working hours are 40 per week Monday to Friday with additional hours required at times.

Please note, our client is an equal opportunities employer. Appropriate security checking will be carried out which may include enhanced DBS checks and any related to Financial Services.
Job Type: Permanent
Location: Central London, EC2V 5DZ
Salary: 55000-75000 Per Annum Competit
Posted by: HR Solutions (Consultancy) Limited
Date Posted: 23/05/2018
