Company Description
Our vision of Technology Excellence - to be industry leaders in the use of technology - means there has never been a more exciting time to be part of IAG.
By joining IAG, you will play an important role in providing IT services to our many operating companies, enabling them to work in the most efficient and effective manner. You will be empowered to challenge the norm through the creative use of technology, helping to transform the customer journey.
You will be employed by IAG Global Business Services (GBS), part of the International Airlines Group, one of the world's largest airline groups, with 573 aircraft flying to 268 destinations and carrying around 113 million passengers each year.
IAG GBS provides a scalable, best-in-class platform of procurement, finance, and IT business services to IAG's operating companies, including Aer Lingus, Avios, British Airways, IAG Cargo, Iberia, Iberia Express, LEVEL, and Vueling.
Job Description
Accountabilities
- Build and Operationalize the CTI Function
Design and implement a greenfield CTI capability supporting proactive threat detection, situational awareness, and decision-making across the SOC and wider security organization.
- Threat Intelligence Strategy and Framework
Define the strategic approach to intelligence collection, analysis, dissemination, and feedback loops aligned with business risks and SOC priorities.
- MSSP Collaboration and Threat Feed Integration
Work with the MSSP to ensure timely ingestion, correlation, and operationalization of threat intelligence feeds, TTPs, and IOCs into detection and response workflows.
- Define Intelligence Requirements and Outputs
Establish intelligence requirements (PIRs), expected deliverables, and SLAs for threat reporting, actor profiling, and campaign tracking.
- Support SOC and CIRT Operations
Provide contextualized intelligence to support incident triage, investigation, and response, enabling threat hunting, alert enrichment, and risk prioritization.
- Stakeholder Communication and Education
Deliver concise, actionable intelligence reports to technical and non-technical stakeholders, including operating companies, risk teams, and leadership.
- External Partnerships and Information Sharing
Build relationships with external threat intel providers, industry ISACs, and government bodies to enhance internal threat insights and stay ahead of emerging threats.
- Future-State Planning and Business Case Development
Define the roadmap for expanding CTI capabilities, including tooling, staffing, and integration, and develop a business case for a broader internal threat intelligence team.
This role involves travel and working across multiple sites. Willingness and ability to travel for meetings, workshops, and related activities are required.
Key Relationships/Interfaces
External:
- Third-party partners and solution providers
Internal:
- Cybersecurity teams, particularly the cyber program
- Group Security Teams
- Senior managers and customers across the Group and business areas
- Colleagues from operating companies
- IAG Tech teams
Qualifications
Education:
Bachelor's degree or higher in Computer Science, Information Security, Cybersecurity, Intelligence Studies, or related fields.
Certifications:
- Relevant cybersecurity and threat intelligence certifications are highly desirable, such as:
- CISSP, CTIA, GCTI, CCTHP, CySA+, C/TIA, GCIH
Skills
- Strong understanding of cybersecurity principles, technologies, and attack vectors.
- Familiarity with threat actor TTPs.
- Proficiency in analyzing malware, phishing, and malicious activities.
- Knowledge of network security protocols, endpoint security, and SIEM systems.
- Understanding of the cyber threat landscape, especially in aviation.
- Ability to convert threat knowledge into active threat hunting.
- Research skills on emerging attacks, actors, malware, and TTPs.
- Excellent English communication skills for conveying security insights to all levels, including senior leadership.
Experience
- Several years in cybersecurity, focusing on threat intelligence analysis.
- Experience in a threat intelligence team or SOC environment.
- Experience with threat intelligence platforms, OSINT tools, and dark web monitoring.