This role is responsible for analyzing incoming information for the purposes of identifying threats to the systems, infrastructures, resources and services critical to SIOC. Candidates in this role are involved in all segments of the intelligence lifecycle including identifying intelligence information requirements to support CTI function as well to support consumer demands, supporting operationalization of Intelligence Requirements, analyzing incoming intelligence information for relevance and impact and supporting the dissemination of products and collection of feedback from consumers. Ideal candidates must be able to make recommendations for changes to security controls to detect or protect against compromises and must be able to brief stakeholders on emerging threats or threat actors. Ideal candidates should have a strong background in intelligence collection and analysis with an emphasis on cyber-security in the financial/industrial/govt sector.
Standard Job Requirements
•Collaborate with the CTI Lead to define and review Intelligence information sources and requirements to support CTI function to ensure that incoming intelligence information sources are relevant to the bank
•Collaborate with Threat Data Management and Data Ingestion analyst to identify the data sources required due to changing nature of threats to support Intelligence Requirements coming from consumers within the bank
•Provide Threat Data Management with confidence-related reporting to assess intelligence data source alignment to the CTI function's underlying Intelligence Requirements; highlight information gaps and validate sources
•Leverage information processing technologies to ingest and process data for analysis
•Conduct an analysis of the incoming intelligence information to determine the relevance and impact to the enterprise with the aim of developing a forward-looking view of the threat landscape
•Couple intelligence analysis with specific proactive recommendations for the SOC and other parts of the business
•Collaborate with Communications Specialist to provide intelligence briefings to areas of the business on threats or threat actors and the risk they bring to the enterprise
•Work with CTI Lead and Communications Specialist to collect feedback from consumers and adjust processes, methodologies and intelligence requirements to more effectively meet business needs
•Support ongoing maintenance of Intelligence Analysis strategy, processes and methodologies
•Provide functional reports covering intelligence products created, requirements supported, recommendations made etc.
Auto req ID
Role ( Job Role )
State / Province
Primary job category
(8660) IBM United Kingdom Limited
Is this role a commissionable/sales incentive based position?
Up to 50% or 3 days a week (home on weekends - based on project requirements)
IBM Business Group
City / Township / Village
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
Required Technical and Professional Expertise
•Understanding of industry standard intelligence analysis models and techniques with analytical skills
•Ability to translate business requirements into actionable intelligence analysis coupled with information security risk determinations
•Understanding of current security intelligence threat types, threat actors and their associated TTPs
•Experience leveraging Open Source Intelligence (OSINT) collection tools and intelligence vendor portals
•Experience with one or more threat intelligence platforms (ex. Threat Connect, Eclectiq IQ, i2)
•Experience with intelligence analysis tools (ex. Maltego, i2 Analyst Notebook, Palantir)
•Effective verbal and written communications skills, experience with intelligence-specific writing style
•Should be with a technical hands on experienced and with a good understanding of common technology platforms and security technologies
Experience in IT Security and Investigations
Demonstrated experience of leading teams of investigators on diverse and complex investigations
Demonstrated capability in handing large scale investigations involving Targeted Threat Actors
Demonstrated presentation skills, able to articulate and present to a wide audience from technical to the board room
Demonstrated experience of maintaining and developing Digital Investigation Service capabilities
Demonstrated experience of contributing to IT Security projects
Demonstrated experience of SOC, Digital Forensic and Incident Response operations.
Preferred Technical and Professional Experience
Training, Qualifications, and Certifications
Bachelor's Degree in Cybersecurity/Computer Science with an emphasis in cyber-intelligence
Bachelor's Degree in Intelligence Studies, Security Studies, International Relations or Law Enforcement/Criminal Justice studies with a concentration in cyber-space
SANS certifications (GSEC, GCIH, GCFA etc.), Systems Security Certified Practitioner (SSCP)
Experience working as a cyber threat intelligence analyst preferably with a financial/industrial/govt institution
Right to work in the UK and EU without additional Visa.
Needs SC or ability to get SC clearance added in eligibility
Early Professional Track