Threat Analyst

Flexible remote working options

As a Threat Intelligence Analyst at NTT DATA, you\'ll utilize your expertise to collect, analyze, and report on cyber threats, enabling our clients to proactively defend against attack campaigns and adversarial actions. You will play a crucial role in interpreting the threat landscape, providing actionable insights, and integrating intelligence into advanced security operations. This role, within our UK Security Practice, provides the opportunity to contribute to high-impact cybersecurity initiatives while working flexibly across a hybrid work model.

Core Responsibilities

• Threat Intelligence Analysis and Collection

• Research, track, and analyze Indicators of Compromise (IOCs) and threat actor profiles using sources that include open-source (OSINT), dark web forums, government feeds, and commercial intelligence platforms.

• Conduct detailed analysis of Threat Actor Tactics, Techniques, and Procedures (TTPs) and malware.

• Deliver actionable intelligence insights to enhance detection, prevention, and response embedded within the threat lifecycle.

• Maintain up-to-date geopolitical knowledge influencing the cyber threat landscape.

• Threat Assessment and Reporting

• Develop and deliver weekly threat briefs, annual landscape overviews, and ad-hoc risk signals for both technical and non-technical audiences.

• Produce detailed reports based on industry-specific campaigns or identified vulnerability patterns.

• Communicate emerging threats to relevant technical stakeholders, influencing rapid mitigation strategy formulation.

• Intelligence Integration and Technology Alignment

• Integrate threat intelligence feeds (TIPs) into platforms like SIEM or SOAR, prioritizing automation workflows where required.

• Refine search prevention frameworks using custom threat correlation rules.

• Collaborate directly with SOC teams to enhance real-time detection and response capabilities.

• Monitoring Threat Campaigns and Emerging Techniques

• Track and assess malware campaigns, underground forums, and marketplaces to identify emerging attack vectors.

• Analyze threat data to produce predictive insights about probable trends and future adversarial strategies.

• Provide targeted support to incident response teams with contextualized intelligence.

• Stakeholder Collaboration and Communication

• Brief clients and internal teams about current threat landscapes and risks relevant to their operations.

• Contribute to cross-functional threat modeling, risk assessment workshops, and proactive planning.

• Represent NTT DATA at external security forums and intelligence-sharing communities.

• Strong proficiency with threat intelligence platforms like MISP, ThreatConnect, or Anomali, Security Alliance.

• Deep familiarity with MITRE ATT&CK framework, dark web monitoring techniques, and attack simulation techniques.

• Demonstrated skills in cyber threat modeling, malware reverse engineering, and API-triggered automation.

• Certifications and Technical Proficiency

• Certifications Preferred: CREST CPTIA, GCTI, MITRE ATT&CK CTI or related.

• Must meet UK SC Clearance eligibility guidelines.

• Advanced scripting capabilities (Python, PowerShell preferred).

• Batchelor’s Degree in Cybersecurity, International Relations, or Intelligence Studies strongly preferred.

• Direct experience working in government, military, or intelligence organizations advantageous.

• Experience identifying and neutralizing Advanced Persistent Threats (APTs) in target environments.

• Deliver minimum 15 intelligence reports/month, meeting a quality accuracy benchmark above 95%.

• Reduce detection and response times by 25% via improved monitoring techniques.

• Establish three new high-quality threat detection models with technical playbooks per quarter.

We’re a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.

Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women’s Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.

For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA (https://uk.nttdata.com/creating-inclusion-together)

We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.

You can find more information about NTT DATA UK & Ireland here: https://uk.nttdata.com/

We are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.

Note: This job posting is for illustration purposes and does not include any extraneous navigation items or site-specific boilerplate such as search or share actions.