Cyber Threat Analyst

Cyber Threat Analyst

Shift Pattern : Standard 40 Hour Week (United Kingdom)

Scheduled Weekly Hours : 40

Corporate Grade : F - Officer

Reporting Line : (UK Division) Information Technology

Location : UK-London

Worker Type : Permanent

The London Metal Exchange is the world centre for the trading of industrial metals the majority of all non-ferrous metal futures business is transacted on our platforms.

Last year 149 million lots were traded equating to $15 trillion and 3.5 billion tonnes notional with a market open interest high of 1.9 million lots.

A member of HKEX Group the LME brings together participants from the physical industry and the financial community to create a robust and regulated market where there is always a buyer and a seller where there is always a price and where there is always the opportunity to transfer or take on risk 24 hours a day.

Investors value the LME as a vibrant futures exchange but also for its close links to industry. The possibility of physical delivery via the world-wide network of LME-approved warehouses makes it the perfect hedging venue for industry and provides a reference price they trust.

The Exchange provides producers and consumers of metal with a physical market of last resort and most importantly with the ability to hedge against the risk of rising and falling world metal prices.

This role is an entry-level position within the Information Security team at the London Metal Exchange (LME). This role will be a junior member of the penetration testing team to conduct penetration testing of LME systems and applications. Penetration testing will include scoping performing assessments identifying vulnerabilities documenting technical exploitation steps and providing recommendations and remediations.

You will work closely with IT Engineering Security Operations and Infrastructure teams to ensure that security controls are effectively implemented and maintained across LMEs platforms.

• Participate in offensive assessments (red team penetration testing breach and attack simulation bug bounty) and defensive security operations (threat hunting incident handling investigation and forensics detection engineering) for LME systems and infrastructure;
• Support security incidents and act as stretch capacity for incident response and threat handling; Participate with on-call duties and after-hours support of incident management for incident escalations;
• Participate in Red / Blue Team testing identify gaps / weaknesses in monitoring capabilities and recommend / implement changes;
• Review intelligence feeds and generate advisories as needed. Stay up-to-date with current and emerging trends that represent a threat to LME.
• Support threat hunting based on the defined threat model and specific attack scenarios. Perform analysis of existing data to discover patterns and build use cases to detect malicious activity;
• Optimise detection and response rules; Support the testing and recertify SIEM rules against threat models and detection frameworks;

• Assist in the deployment and maintenance of security tools and platforms (e.g. E-Mail Security DLP SIEM Endpoint Protection).
• Develop and support the automation of security tools configuration and updates using scripting (e.g. Python PowerShell Bash NPM).
• Contribute to Infrastructure as Code (IaC) efforts using Terraform or Ansible.
• Help monitor and maintain secure configurations across Windows Linux and Kubernetes environments.

• Provide support for incident response and troubleshooting related to security tooling and access controls.
• Provide support for Red / Blue team testing and penetration testing.
• Help maintain documentation standards and procedures related to security engineering and platform protection.
• Participate in on-call and weekend support rotations as needed

• Desirable : A University degree or equivalent qualifications in a STEM subject such as Computer Science or Engineering and / or Information Systems.
• Desirable : Entry-level certifications such as CompTIA Security Microsoft SC-900 or AWS Cloud Practitioner.
• Activity on TryHackMe HackTheBox and OSCP-related / Red Team training (or some equivalent the named platforms).
• Demonstrable activity on Github showing code tools development and / or contributing to projects and repos in the offensive security space.

• Experience in IT security engineering or DevOps (internships or academic projects included).
• Basic understanding of :
• Ethnical Hacking & Penetration Testing
• Networking and security protocols (TCP / IP HTTPS DNS Firewalls Proxy).
• Operating systems (Windows Linux / Unix Kubernetes).
• Scripting or programming (Python Bash PowerShell).
• CI / CD tools and cloud platforms (e.g. Ansible Tower Bitbucket Hashicorp Vault Pipelines AWS Azure)
• Working knowledge of SDLC
• Security Tooling (e.g. EDR SIEM Antivirus)

• Curiosity about emerging threats and technologies
• Ability to assess and prioritize tasks / risks
• Attention to detail
• Enthusiastic about security engineering and automation.
• Strong analytical and problem-solving skills.
• Effective communicator with good documentation habits.
• Team-oriented proactive and adaptable in a fast-paced environment.
• Willingness to learn and grow within a critical infrastructure environment

The LME is committed to creating a diverse environment and is proud to be an equal opportunity recruiting for our teams we welcome the unique contributions that you can bring in terms of education ethnicity race sex gender identity expression and reassignment nation of origin age languages spoken colour religion disability sexual orientation and doing so we want every LME employee to feel our commitment to showing respect for all and encouraging open collaboration and communication.

Required Experience : IC

• ArcGIS
• Intelligence Community Experience
• GIS
• Python
• Computer Networking
• Data Collection
• Intelligence Experience
• R
• Relational Databases
• Analysis Skills
• Data Management
• Application Development

Employment Type : Full-Time

Experience : years

Vacancy : 1