Cyber Threat Intelligence Manager

Join us, be part of more.

We’re so much more than an energy company. We’re a family of brands revolutionising how we power the planet. We're energisers. One team of 21,000 colleagues that's energising a greener, fairer future by creating an energy system that doesn’t rely on fossil fuels, whilst living our powerful commitment to igniting positive change in our communities. Here, you can find more purpose, more passion, and more potential. That’s why working here is #MoreThanACareer. We do energy differently - we do it all. We make it, store it, move it, sell it, and mend it.

About your team:

You’ll be working centrally within our mission control room, aka Centrica’s group functions. From Finance and Data Science, to our Wellbeing and People teams - this is the engine of our energy system, where our various Centres of Excellence power up each of our brilliant businesses, ensuring they have all the support, technologies, and capabilities they need to get our customers to Net Zero by 2050.

Join Our Team as a Cyber Threat Intelligence Manager at Centrica.

As a Cyber Threat Intelligence Manager at Centrica, you’ll be at the forefront of monitoring and analysing diverse information sources to uncover actionable insights. These insights are crucial for our operational information security functions to implement timely countermeasures. You’ll also play a pivotal role in supporting the Director of Cyber Defence & Resilience, delivering both proactive and reactive cyber threat intelligence services. Your efforts will be vital in safeguarding Centrica’s computing assets, data, customers, and brand reputation. Join us and make a significant impact in protecting our digital landscape!

Location: UK (talk to us about flexible working)

The Day to Day – As a Cyber Threat Intelligence Manager at Centrica, you will assist the Director of Cyber Defence & Resilience in managing all aspects of threat intelligence. Your responsibilities will include:

1. Monitoring and processing regular reports from open source and premium intelligence vendors.
2. Keeping an eye on Cyber Threat Intelligence (CTI) dashboards and feeds to identify relevant threats and vulnerabilities.
3. Performing threat modelling to identify prominent cyber threats and actors for different business areas.
4. Producing ad-hoc, daily, weekly, and monthly threat intelligence briefings and reports for both technical audiences and senior leadership.
5. Extracting actionable intelligence related to tactics, techniques, and procedures (TTPs), mapping them to the MITRE ATT&CK framework, and sharing this intelligence with relevant Cyber Security teams.
6. Ensuring indicators of compromise (IOCs) are ingested into the platform.
7. Processing alerts for potentially compromised credentials, dark web monitoring, and ransomware.
8. Validating ransomware alerts with the Global Security Operations Centre (GSOC) to assess potential impact on business relationships with third-party companies.
9. Raising requests for information (RFIs) on high-interest topics.
10. Ensure intelligence is properly ingested and exported to security monitoring and defence tools.
11. Adjust delivery parameters to increase the flow of intelligence to security tools.
12. Evaluate existing and potentially relevant intelligence feeds.
13. Add and fine-tune data sources.
14. Perform threat intelligence analysis and advanced research.
15. Build detailed threat actor profiles and emulation plans, collaborating with the Purple Team and Threat Hunting Team.
16. Define new enrichment capabilities and integration opportunities.
17. Update post-incident reports (PIRs) and the threat actor library.

About You –

1. Ideally experience with intelligence analysis processes, including Open-Source Intelligence (OSINT) and closed source intelligence gathering including dark web research, social media analysis, source verification, data fusion, link analysis, and threat actor attribution.
2. Experience developing threat advisories for security operations teams.
3. Experience working in a Security Operations environment & Cyber Security Incident Response.
4. Experience in Security Information and Event Management (SIEM) and log monitoring/analytics.
5. Experience with emerging threat landscape in the utilities, retail energy, or oil and gas industries.
6. Bachelor’s degree preferred (but not essential) in area(s) of study such as information technology, computer science, information systems, or related field, or high school diploma with relevant work experience.
7. Relevant experience will be considered in lieu of qualifications.
8. Knowledge of the following technologies would be advantageous: leading SIEM technologies, IDS/IPS, network- and host- based firewalls, data leakage protection (DLP), web proxy filtering, email filtering.
9. Understanding of tactics, techniques, and procedures (TTPs) used by threat actors.

Why Apply?

1. Enjoy a generous market salary, along with fantastic growth opportunities and a vibrant work environment!
2. Added Car Allowance program to make your commute and adventures even better.
3. Power up your pay with a 15% Employee Energy Allowance, surpassing the government's price cap!
4. Secure your future with our comprehensive pension plan, designed for peace of mind.
5. Elevate your health with our fully funded company healthcare plan, prioritizing your well-being.
6. Recharge with a generous 25-day holiday allowance, plus public holidays, and even purchase up to 5 extra days for extended relaxation!
7. Experience unparalleled work-life balance with an exceptional selection of flexible benefits, from tech treats and eco-friendly car leases to travel insurance for your adventures!

Why should you apply?
We’re not a perfect place – but we’re a people place. Our priority is supporting all of the different realities our people face. Life is about so much more than work. We get it. That’s why we’ve designed our total rewards to give you the flexibility to choose what you need, when you need it, making sure that you and your family are supported not only financially, but physically and emotionally too. Visit the link below to discover why we’re a great place to work and what being part of more means for you.

https://www.morethanacareer.energy/centrica

If you're full of energy, fired up about sustainability, and ready to craft not only a better tomorrow, but a better you, then come and find your purpose in a team where your voice matters, your growth is non-negotiable, and your ambitions are our priority.

Help us, help you. We would love for you to share any information about yourself throughout our recruitment process so that we can better understand you and help shape your journey.