Operational Cyber Threat Intelligence Analyst - #1783031

Position: Operational Cyber Threat Intelligence Analyst

Location: Hybrid – Manchester

Type: Full-Time

About Us

We are the tech company with people at heart.

At Advania, we believe in empowering people to create sustainable value through the clever use of technology. As one of Microsoft's leading partners in the UK, specialising in Azure, Security, Dynamics 365, and Microsoft 365, we have a proven track record of success in delivering transformational IT services.

Job Purpose

Under the umbrella of Advania’s Security and Networks Department, the Operational Cyber Threat Intelligence Analyst will report into the Threat Intelligence Manager within the Cyber Threat Intelligence Team.

The role will be responsible for the day-today delivery of Operational Cyber Threat Intelligence (CTI) to clients spanning multiple industries, as well as production of reporting and client briefings.

This is a hands-on role and requires both a broad technical knowledge of cyber security, as well as specific focused knowledge of CTI tools and processes. Knowledge and/or experience of modern IT Systems, particularly Microsoft solutions and network infrastructure is advantageous. Previous experience working for an MSSP or MSP is also beneficial, however not essential.

This is an exciting opportunity to join a diverse team in a well-established Tech company that puts its people first. Furthermore, there are excellent benefits included in our employment package, and regular opportunities to provide feedback.

Duties And Responsibilities

• Triage, investigate, and remediate or escalate threat events using a threat intelligence platform (TIP) and SIEM toolsets.
• Deliver regular threat intelligence to the security operations centre (SOC).
• Support the Threat Hunting team with hypothesis generation and testing.
• Identify an evaluate new sources of information for use in intelligence collection.
• Analyse large volumes of complex data from security tools, logs, and incident reports to identify potential threats and assess their risk level.
• Proactively research and analyse emerging cyber threats, malware variants, and attacker Tactics, Techniques, and Procedures (TTPs) from various open and closed sources, including threat intelligence feeds, dark web monitoring, and open-source reporting.
• Contribute intelligence to incident response activities in collaboration with other departments/teams.
• Contribute to the development and implementation of comprehensive security policies and procedures to strengthen the organisation's overall cyber defence posture.
• Stay up-to-date with the latest cyber security trends and developments through continuous learning and participation in industry conferences and training programs.
• Mentor and share best practice with colleagues.
• Establish strong working relationships with colleagues and clients.
• Support sales team with bids for new business.
  
  

Experience And Qualifications

• Experience conducting threat research and producing reporting a variety of stakeholders, preferably to a technical audience.
• Experience tracking threat actors, campaigns, and processing Intelligence following the National Intelligence Model (NIM) or similar frameworks.
• Strong understanding of the cyber threat landscape and preferably experience with MITRE ATT&CK and Kill Chain analysis.
• Strong problem solving, critical thinking, and investigative skills.
• Ability to work independently, to support individual and team tasks in line with the wider Security and Networks strategy.
• Excellent professional skills, in the form of emotional intelligence, team working, information management, and communication.
• Experience working with commercial CTI toolsets and SIEM toolsets, preferably
  
  

Desirable Criteria

• Demonstrable understanding of the cybersecurity ecosystem and infrastructure technologies (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS).
• BSc or MSc in Cyber Security, preferably including modules on ethical hacking, digital forensics, information security or threat intelligence.
• One or more of the following industry certifications: SANS, Crest CRTIA/CCTIM, Security+, or similar.
• Experience in secured cloud architectures (Azure, AWS, or similar) and engineering solutions.
• An understanding of operating systems and their programming interfaces such as UNIX Shell and PowerShell.
• An awareness of cyber security related standards and regulations, for example, NIST, CIS, ISO 27001 and PCI DSS.
• Experience leading teams and providing deputy support to management.
• Experience designing a service, reviewing effectiveness of services, procurement, or business project work within a SOC environment.
  
  

 

Budgeted salary for this role is £35,000, plus Benefits.

Our Selection Process

We are committed to ensuring an equitable experience for all candidates, regardless of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, gender identity, or any other basis as protected by applicable law.

Please do let us know if you’ll need any reasonable adjustments as part of the selection process by highlighting these on your application form.

As part of our commitment to our clients we will need to carry out background checks, including a criminal record check, for all offers of employment. If you have any unspent criminal convictions or questions about the screening process, please notify your recruiter once the application has been submitted.

We are the tech company with people at heart.

Tech is created for people. Our services impact every part of life. We are passionate about understanding your issues, your business, your needs. Our business is built around understanding people, and our employees are empowered to act on this understanding every day.