Senior Cyber Threat Intelligence Specialist

Join Police Digital Service in a NMC Senior Cyber Threat Intelligence Specialist role (Hybrid/Lancashire)

£55,000-£60,000

Police Digital Service are looking to hire a Senior Cyber Threat Intelligence (CTI) Specialist. This role is recommended for those with significant cyber threat intelligence experience

As a member of the Threat Intelligence team, you'll be involved with:

• Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders.
• Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions.
• Limiting the impact of known cyber risks by engaging forces in pre-incident planning and preparatory activities.
• Constraining attack surfaces through proactive threat intelligence working directly alongside the threat hunting and malware service.

About Police Digital Service

We exist to harness the power of digital, data and technology to enable UK policing to better protect the communities it serves. Ours is a team of experts in commercial services, technical assurance, data, digital transformation and innovation, with a unique experience in policing and national programme delivery.

The National Management Centre will provide visibility and control of information risks for Policing. It will support the 24x7x365 nature of the police operations, providing a threat detection and response capability for digital services before, during and after cyber attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level.

Why Join us?

You can find out more here:
Benefits – Police Digital Service (pds.police.uk)

Key Responsibilities

• Providing expertise and support through the use of analytical products to assist mitigation practices at a tactical and operational level.
• Analysis of advanced persistent threats including the tactics, techniques, and procedures (TTPs) of attackers.
• Conducting analysis at a tactical and operational level, identifying and using appropriate analytical tools and techniques to interpret gaps, patterns and trends, assess threat, risk and harm and make recommendations in support of decision making, prioritisation and resource allocation.
• Correlating intelligence from a variety of sources, to develop and lead understanding and analysis of contextually relevant threats.
• Performing a broad range of tasks, bringing together output from stakeholders within Cyber SOC, Malware, Threat Hunting and Vulnerability teams.
• Preparing and delivering analytical alerts, reports, and briefings to stakeholders to provide a clear and concise evidence-based understanding of the subject matter, including providing advice and guidance.
• Working proactively to serve the policing community with limited direct oversight (depending on role and capabilities), and to take ownership of deliverables.
• Identifying, developing and training other CTI analysts using appropriate analytical tools and techniques.

What you need to succeed in the role 

Essential:

• Ability to acquire SC and NPPV3 level clearances
• Strong interest in cyber security and threat actors
• Insatiable thirst for knowledge
• Ability to translate complex cyber issues to relevant audiences, both verbally and written
• Experience in internal and external stakeholder management and engagement 
• Knowledge of current threat landscape including specific awareness of adversarial cyber actors, including their TTPs
• Experience in utilising open-source intelligence and the development of tools to assist with this
• Experience in conducting malware, phishing, and SIEM log analysis
• Knowledge of relevant CTI sources
• Excellent knowledge of adversarial cyber actors, including their TTPs and the adversary lifecycle
• Comprehensive experience in conducting malware, phishing, and SIEM log analysis
• Experience with threat modelling systems and risk assessment models
• Extensive experience in utilising open-source intelligence  
• Experienced CTI analyst with the ability to progress service provided to police forces, lead development, and train juniors  
• Demonstrated ability to manage customer relationships  
• Strong leadership skills with the ability to prioritise and operate in a methodical and disciplined manner
• Ability to operate in high-pressured environments with proven experience of support provided during cyber incidents

Desirable:

• Relevant qualifications including: CREST Registered Threat Intelligence Analyst, GIAC Cyber Threat Intelligence (GCTI), and/or
• Completed Intelligence Analysis course (e.g. NIAT, RISC UK or similar)
• Demonstrated experience in developing and delivering cybercrime or risk reduction recommendations and / or strategies
• Understanding of UK Police cyber and IT environments

Working Arrangements
At the NMC, you will benefit from hybrid working, getting the advantages of both face-to-face team engagement and home working. NMC employees have the opportunity to work in our modern office environment for in-person collaboration, however you will also get the opportunity to work from home 2 days a week.