Cyber Security Threat Intelligence Analyst | Nottingham, UK

Nottingham Trent House (95002), United Kingdom, Nottingham, Nottinghamshire

About this role

Capital One is seeking a talented Cyber Security Threat Intelligence Analyst to join our Active Defense team. This role is crucial in protecting our customers, associates, and brand by identifying, tracking, and collecting adversarial tactics, techniques, procedures (TTPs), and indicators of compromise.

The role involves responding to threats such as brand impersonations, spoofed domains, and phishing attempts, contributing to our program maturity. Responsibilities include tactical investigations, operational planning, and effective communication with partners, stakeholders, and leadership.

Required technical knowledge includes network protocols, infrastructure, cloud environments, and cyber threats. The candidate should be able to produce intelligence products that support proactive cooperation and demonstrate excellent communication skills for managing collection workflows.

This position is part of a dynamic environment and plays a key role in building defenses for Capital One's brand, systems, and data.

What you'll do

1. Produce intelligence analyses on cyber adversary trends and their impact on Capital One's products and defenses.
2. Monitor, collect, and leverage intelligence from external sources, including deep and dark web and OSINT.
3. Assist in developing countermeasures by integrating threat intelligence with operational data.
4. Create workflows synthesizing data from malware infections, attack patterns, and intelligence sources.
5. Engage with stakeholders to understand their collaboration needs.

What we're looking for

• Experience producing intelligence products or conducting investigations into cyber threats or cybercrime.
• Experience evaluating cyber adversaries, IOCs, and TTPs.
• Experience with vendors and external resources in financial services for cyber intelligence collection.
• Knowledge of the intelligence cycle principles applied to cyber threat analysis.
• Understanding of cloud concepts (AWS, Azure, GCP).
• Experience analyzing attack vectors like account takeovers, malware, phishing, session hijacking.
• Ability to perform OSINT social media research.
• Understanding of computer networking concepts.

Work location and environment

This is a permanent role based at our Nottingham Head Office with a hybrid working model: in-office on Tuesdays, Wednesdays, Thursdays, and remote on Mondays and Fridays. We offer flexible working arrangements.

Benefits

• Opportunity to contribute to organizational transformation and career growth.
• Career development through Capital One University and external training.
• Core benefits: pension, bonus, holiday entitlement, private medical insurance, plus flexible benefits.
• Modern workspaces with amenities including gyms, restaurants, and relaxation areas.

Our recruitment approach

We value diversity and inclusion, striving to build equitable teams. We partner with organizations supporting underrepresented groups and offer various internal support networks.

If you require reasonable adjustments during the recruitment process, contact ukrecruitment@capitalone.com. For technical support or questions, email Careers@capitalone.com. Capital One is committed to diversity and equal opportunity.