Cyber Threat Intelligence Lead

We are looking for a cyberthreat intelligence analyst who will help us to identify and understand the cyberthreats facing the organisation, and will provide decision makers and technical teams with actionable information needed to help them to effectively secure their services. This is vital to align our threat model against the real-world threat to the Cabinet Office, and therefore core to strategic priorities. The role will closely support the Cyber Security team, to provide automated ingestion of tactical insights on the real-world threat, and input to threat modelling, security reviews, red teams, alert/vulnerability, and incident response.

• Perform threat identification and collection activities through our CTI platform and open-source intelligence gathering
• Maintain knowledge and understanding of the cyberthreats facing the Cabinet Office and the IT and digital services that it delivers
• Coordinate the implementation, and manage the operation of, threat intelligence tools and platforms; Act as SME for threat intelligence through reporting and briefings at strategic, tactical and operational levels, providing actionable and timely insights on relevant cyberthreats using robust analytical methodologies
• Provide subject matter expertise on actual or anticipated threats to assist stakeholders in their proactive risk management, mitigation and control
• Support threat detection and incident response activities with research and analysis
• Build relationships and work with stakeholders from within Cyber Security and the wider organisation to define standing intelligence requirements
• Build relationships and work with other government departments and the National Technical Authorities to share intelligence enable the wider organisation to use threat intelligence for informed decision making.

Threat Intelligence

You should have a strong grasp of the current cyberthreat landscape, including experience with frameworks like MITRE ATT&CK, and be able to communicate these clearly to others.

Analytical Skills

We need someone who's adept at identifying and interpreting cyberthreats, turning complex data into actionable insights for our team, from Detection Engineering to the Red Team.

Communication Skills

Effective communication is important. You'll need to be able to explain complex cyber security concepts to both technical teams and non-technical stakeholders.

Additional information:

Cabinet Office policy is that a minimum 60% of your working time should be spent at your principal workplace. For some roles, due to their nature and the business need, this may be up to 100%. Requirements to attend other locations for official business will also count towards this level of attendance.