Senior Threat Analyst

We are seeking a Senior Threat Analyst to join our rapidly growing Information Security team. This is a unique opportunity for a seasoned cyber security professional to be at the forefront of our cyber defence strategy, protecting our brand from existing and emerging threats. You will combine the expertise of a Threat Hunter and Cyber Threat Intelligence Analyst, and have the autonomy to build our threat intelligence and hunting capabilities from the ground up. You'll have a major input on what new tooling and services we use and the backing to implement this.

You'll be an innovative collaborator with strong technical and communication skills, and an appetite for complex problem solving. Seize the opportunity to join a dynamic security team, reporting to the Head of Cyber Defence, and lead the development of advanced CTI and threat hunting strategies, seamlessly integrating into our security processes and driving continuous improvements.

What you’ll be doing

• Working closely with the wider information security team, including our MSP SOC, to improve the overall security posture of the organisation.
• Developing, implementing and utilising our cyber threat intelligence approach, including tooling and feeds.
• Maintaining a current understanding of the cyber threat landscape with a focus on the health research sector.
• Triaging, analysing, and responding to threat intelligence alerts from partners and other stakeholders.
• Tracking relevant threat actors, specifically their tactics, techniques, and procedures (TTPs).
• Providing threat input to support the assessment of security risk and threat modelling activities of Our Future Health.
• Developing, implementing and iterating our threat hunting approach through use of cutting edge hunting techniques, including automation of aspects of the threat hunting process.
• Creating threat hunting hypotheses and performing threat intelligence led proactive threat hunts across the estate.
• Contributing to detection engineering initiatives by identifying opportunities for, and implementation of new detections and improvements to existing detections.
• Leveraging in-house knowledge to enrich and benefit the SIEM and SOC (e.g. managing Sentinel watchlists, assisting with triage, sharing knowledge of our technical estate with the MSP analysts, etc.)
• Assisting with incident investigation and insider threat monitoring.
• Producing written reports and providing verbal briefings which capture the relevance of cyber threats to Our Future Health to a variety of internal stakeholders.
• Supporting the Head of Cyber Defence in building out and maturing our broader threat capabilities.

Requirements

• Significant experience in Cyber Threat Intelligence.
• Significant experience in Threat Hunting.
• Experience with the Microsoft Sentinel SIEM/SOAR platform.
• Proficient in writing KQL.
• Excellent understanding of threat intelligence principles and practices.
• Proven understanding of security risk management.
• Understanding of threat modelling.
• Knowledge of ISO 27001 and other commonly used security standards.
• Understanding of modern cloud technologies.
• Experience with Microsoft Azure.
• Ideally experience with the Microsoft Defender suite, Microsoft Entra and Microsoft Purview.
• Exposure to Agile working.
• Ability to translate between technical and non-technical teams.
• Desire to be part of a small fast-paced team.
• Relevant certifications, such as: CISM, CISA, CISSP, CCSP, Microsoft certifications (MS-500, AZ-500, AZ-700, SC-200, SC-300), CompTIA Security+ and Cloud+, Cloud Security Alliance CCSK, GIAC CTI, GIAC CFR.

Join us - let’s prevent disease together.