Threat Intelligence Analyst

Marcus Donald are looking for a highly enthusiastic analyst to join a growing Cyber Threat Management team which is driving a threat-led approach to cyber security.

This is a great opportunity to work alongside threat hunting, vulnerability management and offensive security professionals who are identifying gaps, improving controls, and testing our cyber defence capabilities.

What will you be doing? Threat Intelligence Analyst:

• You will be one of the go-to teammates for prioritising our cyber defence activities; answering our intelligence requirements, prioritising our pertinent threat groups, and helping to build methodologies for activity tracking and analysis
• Leading project-based tasks to profile key cyber threats using all the tools and sources you have available to you, so that we can align our defensive efforts against them and understand our exposure
• Reporting on cyber-attacks, incidents and campaigns that have or may impact our systems or data, turning gathered indicators and techniques into long-standing detection methods and recommendations
• Conducting proactive investigations using open source, paid and proprietary tooling to track down and profile cyber threat actors and activity, including during incident response.
• Responding to alerts from our threat intelligence providers, making sure we have taken appropriate action and that the right internal teams are receiving the information
• Supporting incident response activities by providing cyber threat insight and investigating captured activity and indicators

 Who is our ideal candidate? Threat Intelligence Analyst:

• Knowledge of common cyber-attack techniques and how they can be detected and mitigated.
• Familiarity with the Mitre ATT&CK framework and how to apply it in an enterprise environment.
• Experience interpreting technical reports on malware analysis or attack techniques and translating those for non-technical people.
• Experience using open-source tooling for cyber threat investigations; think VirusTotal, Passive DNS and the like.
• Experience using enterprise cyber security tooling including endpoint detection and response, and SIEM platforms.
• Understanding of computer networks, protocols, and networking technologies.
• Knowledge of logging sources and detection capabilities in an enterprise environment
• Perseverance, a willingness to adapt and a high degree of diligence.

Location – Central London Office
Salary - £45,000 - £60,000
Start - 29/11/2021

If you would like to hear more about the role please contact jryan@marcusdonald.com.