A leading global financial institution is looking for a Threat Intelligence & Detection Analyst to join its cybersecurity function. This is a hands-on role for someone who thinks in adversary behaviour, not just indicators — someone equally comfortable producing finished intelligence as they are pivoting into an active investigation or running a structured hunt.
What you'll be doing
- Tracking threat actors, campaigns, and emerging attack techniques relevant to the financial services sector — and translating that intelligence into actionable outputs for both technical and non-technical audiences
- Conducting structured threat hunts across endpoint, network, and log telemetry to surface activity that evades automated detection
- Supporting incident response activities end-to-end — from initial triage and containment through to root cause analysis and post-incident review
- Developing and refining detection logic, working closely with engineering and SOC teams to close gaps identified through intelligence and hunting work
- Maintaining awareness of the external threat landscape, including TTPs associated with financially motivated and state-sponsored threat groups
- Contributing to threat intelligence sharing initiatives and engaging with industry and government partners where relevant
What we're looking for
- Hands-on experience in threat intelligence, incident response, or threat hunting — ideally across more than one of these disciplines
- Working knowledge of the MITRE ATT&CK framework and how to apply it practically in detection and investigation workflows
- Proficiency with SIEM platforms, EDR tooling, and network forensics — you know how to find what you're looking for
- Ability to produce clear, well-structured intelligence reporting for varied audiences
- Analytical mindset with a genuine curiosity about adversary behaviour and attack tradecraft
- Experience in financial services or other regulated environments is an advantage, but not a requirement