Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Hargreaves Lansdown
Hargreaves Lansdown is seeking a talented and experienced Cyber Threat Intelligence Manager to join our dynamic Cyber Defence team in Bristol. As our CTI Manager, you will play a critical role in protecting our organisation from cyber threats by proactively identifying, analysing, contextualising, and escalating potential risks. We operate a threat-centric cyber defence posture and CTI … you are passionate about cyber security, have a keen eye for detail, and thrive in a challenging and rewarding work environment, we encourage you to apply for the Cyber Threat Intelligence Manager position. What you'll be doing Responsible for the strategic direction and day-to-day running of the Cyber Threat Intelligence (CTI) function. Driving … the creation and ongoing management of the Threat Intelligence Strategy. Build and cultivate strong working relationships with key stakeholders across the whole of Hargreaves Lansdown, such as Cyber Defence Management, CISO 'Heads of' and Digital/Technology risk management, to ensure owners are aware of managed and unmanaged threats. Act as a direct line manager for members of
Employment Type: Permanent, Part Time, Work From Home
Senior Security Engineer - Cyber Threat Mitigation Lead WASHINGTON, District Of Columbia, United States Job Description ECS is seeking a Senior Security Engineer - Cyber Threat Mitigation Lead to work in our Washington, DC office. ECS Federal is a leading information security and information technology company in Washington, DC. We are looking to hire a Senior Security Engineer - Cyber … Threat Mitigation Lead to lead a cross functional team (Cyber Threat Intelligence, Hunt, and Analytics) on a long-term contract in Washington DC. The position is full time/permanent and will support a US Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance. The successful candidate will … be a deeply technical leader with hands-on engineering experience, a clear understanding of attacker behavior, and the ability to convert threat intelligence into actionable detections and countermeasures. This position also owns the quality and clarity of team deliverables, ensuring all intelligence products, detections, and reports effectively communicate their value and impact. Lead and mentor a cross
investigations to clients across all of Citi's businesses and regions, and partnerships with other Citi business groups, law enforcement agencies, governments and industry counterparts. CSIS Global Security and Intelligence Centers (GSIC): CSIS has three main GSICs located in Tampa, London, and Singapore. All CSIS GSICs are responsible for the execution of four core programs, including: CCTV/Alarm … detection and panic alarm systems for threats and use the systems and CCTV systems to initiate and coordinate a security response to security and safety incidents or crisis events. Threat Monitoring - execute disruptive, targeted and executive threat monitoring plans following the CSIS Intelligence Threat Monitoring Procedures. GSICs also engage and leverage the CSIS Strategic Intelligence … Team, as well as disseminating approved mass-call solutions to provide instant notification of threats and response guidance to employees impacted by security and safety events. The CSIS GSIC Intelligence Analyst role is responsible for executing threat intelligence monitoring and response, workplace violence, and traveler assistance program guidelines. As such, this role is required to maintain effective
Position Title: Cyber Security Threat Hunter, Tier 3 Location: USCENTCOM MacDill AFB Department: Cyber Security Operations Cell (CSOC) Position Overview: The Tier 3 Cyber Security Threat Hunter is a senior-level role responsible for proactively identifying, investigating, and mitigating advanced cyber threats within the organization's network. The ideal candidate will leverage extensive experience in threat intelligence, incident response, and security monitoring to enhance our cyber defense posture. This role requires a deep understanding of the cyber threat landscape, as well as advanced analytical, critical thinking and technical skills. Key Responsibilities: • Threat Detection and Analysis: Utilize advanced tools, SIEM, SOAR, EDR and Cyber Threat Intelligence Platforms and methodologies to identify anomalies and … networks. • Incident Response: Lead investigations of security incidents, providing in-depth analysis and timely resolution. Collaborate with other security teams and command directorates to remediate vulnerabilities and mitigate threats. • Threat Intelligence: Assist in gathering and analyzing threat intelligence data from various sources to understand emerging threats and vulnerabilities. Implement IOCs into the threat intelligence
Hemel Hempstead, Hertfordshire, England, United Kingdom Hybrid / WFH Options
Fynity
Cyber Threat Intelligence Analyst Hemel Hempstead | Hybrid: 3 Days WFH/2 Days On-Site Up to £60,000 + Excellent Benefits Security Clearance: SC Cleared + Eligible for DV Clearance A great opportunity to take your cyber threat intelligence skills to the next level? This is an exciting opportunity to join a fast-growing, mission-driven cyber … team working at the forefront of Defence and National Security. The Cyber Threat Intelligence Analyst will play a key role in identifying and neutralising emerging threats that could impact our most critical national infrastructure. This is a hands-on, high-impact role where you’ll shape the threat intel capability and directly support security operations in a cutting … edge SOC environment. As a Cyber Threat Analyst, you will: Managing and automating threat intel feeds from multiple open and closed sources Monitoring OSINT, dark web forums, and internal telemetry for threat indicators Translating raw technical data into actionable insights for security teams Collaborating with SOC and Incident Response teams to support real-time threat mitigation Creating
Knutsford, England, United Kingdom Hybrid / WFH Options
eTeam
We are a Global Recruitment specialist that provides support to the clients across EMEA, APAC, US and Canada. We have an excellent job opportunity for you. Role Title: Threat Intelligence Business Analyst Location: Knutsford WA16 9EU | Hybrid, 60% Office, 40% Remote Duration: 31/03/2026 Rate: 402 GBP/Day (Inside IR35) Role Description: The Threat Intelligence Business Analyst plays a critical role in identifying and translating business problems and intelligence requirements into actionable solutions that support the strategic objectives of the Chief Security Office (CSO). Operating within a cross-functional analytics team, the role supports the development and delivery of capabilities within the DataWalk platform by gathering requirements, shaping operational designs … and ensuring stakeholder alignment. The analyst acts as a bridge between business stakeholders, intelligence analysts, and technical teams, ensuring that solutions are viable, scalable, and embedded effectively across the organisation. Key Accountabilities • Identify and analyse business problems and intelligence requirements that require change or enhancement • Collaborate with stakeholders to obtain, document, and validate business requirements for DataWalk • Identify
warrington, cheshire, north west england, united kingdom Hybrid / WFH Options
eTeam
We are a Global Recruitment specialist that provides support to the clients across EMEA, APAC, US and Canada. We have an excellent job opportunity for you. Role Title: Threat Intelligence Business Analyst Location: Knutsford WA16 9EU | Hybrid, 60% Office, 40% Remote Duration: 31/03/2026 Rate: 402 GBP/Day (Inside IR35) Role Description: The Threat Intelligence Business Analyst plays a critical role in identifying and translating business problems and intelligence requirements into actionable solutions that support the strategic objectives of the Chief Security Office (CSO). Operating within a cross-functional analytics team, the role supports the development and delivery of capabilities within the DataWalk platform by gathering requirements, shaping operational designs … and ensuring stakeholder alignment. The analyst acts as a bridge between business stakeholders, intelligence analysts, and technical teams, ensuring that solutions are viable, scalable, and embedded effectively across the organisation. Key Accountabilities • Identify and analyse business problems and intelligence requirements that require change or enhancement • Collaborate with stakeholders to obtain, document, and validate business requirements for DataWalk • Identify
CI Cyber Threat Analyst support (Level IV) will ensure all required reports are complete with minimal errors and that all processes, activities, and reports are conducted within established time frames. He or she will also ensure analysts are trained in and follow current standard operating procedures. They will contribute to the following annual production requirements: Duties may include … Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly cyber status reports, each report due NLT 0800 each Monday morning. Status reports will include (as applicable): Threat data collected and reported by NGA Technical CI … team and network security personnel. Intelligence reported by the Intelligence Community. Fusion of all source threat analysis derived from multiple intelligence sources (INTs). Imagery when available. Information that can be used to inform security decisions. Produce monthly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary.
Hemel Hempstead, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria
We are building a Cyber Threat team. It's a great time to join us in our expansion, and work with a portfolio of high profile clients, with the opportunity to work on a large client base. Our Cyber Threat Intelligence Analyst will be a critical member of the dedicated SOC team and run our Malware Information … Sharing Platform (MISP) instance, to deliver actionable operational and tactical threat intelligence. This involves monitoring, analysis, and dissemination of threat information to support our customer security posture. We need strong analytical skills, deep knowledge of threat intelligence frameworks, and the ability to collaborate optimally across teams with varied strengths and partners. You do need to hold … What you'll be doing: Develop and integrate automated feeds and enrichment sources. Provide training sessions and documentation for SOC staff on effective usage of MISP. Supervise various sources (threat feeds, OSINT, dark web, internal logs) for emerging threats; and facilitate threat intelligence. Analyse collected data to identify patterns, indicators of compromise, and emerging adversary behaviours. Produce monthly
Hemel Hempstead, Hertfordshire, England, United Kingdom Hybrid / WFH Options
Sopra Steria
We are building a Cyber Threat team. It's a great time to join us in our expansion, and work with a portfolio of high profile clients, with the opportunity to work on a large client base. Our Cyber Threat Intelligence Analyst will be a critical member of the dedicated SOC team and run our Malware Information … Sharing Platform (MISP) instance, to deliver actionable operational and tactical threat intelligence. This involves monitoring, analysis, and dissemination of threat information to support our customer security posture. We need strong analytical skills, deep knowledge of threat intelligence frameworks, and the ability to collaborate optimally across teams with varied strengths and partners. You do need to hold … What you'll be doing: Develop and integrate automated feeds and enrichment sources. Provide training sessions and documentation for SOC staff on effective usage of MISP. Supervise various sources (threat feeds, OSINT, dark web, internal logs) for emerging threats; and facilitate threat intelligence. Analyse collected data to identify patterns, indicators of compromise, and emerging adversary behaviours. Produce monthly
your career places you never envisioned, in creative workspaces where innovation thrives and where your technical expertise is recognized and rewarded. The Opportunity The Senior Security Analyst in Active Threat and Vulnerability Defense will play a key role in strengthening our organization’s cybersecurity posture by integrating real-time threat intelligence and adaptive risk prioritization across enterprise … assets. You will be responsible for identifying, assessing, and communicating vulnerabilities across P&G systems, enhancing our security toolkit through automation and technology integration, and collaborating with threat-informed defense teams, patching teams, application owners, development teams, and security leaders throughout the organization. Key Responsibilities Proactive Vulnerability Assessment: Conduct thorough assessments of vulnerabilities across endpoints, servers, networks, and cloud … assets. Use advanced tools and techniques to identify weaknesses before they can be exploited. Continuous Threat and Vulnerability Monitoring: Implement continuous monitoring processes to track vulnerabilities and threats in real time, leveraging threat intelligence feeds and automated tools to maintain an up-to-date understanding of the threat landscape. Automation and Orchestration: Lead initiatives to develop
Watchfloor Analysts to support our cybersecurity operations. This role involves monitoring, analyzing, and responding to security incidents in real-time, ensuring the protection of critical systems. Key Responsibilities: • Advanced Threat Monitoring and Analysis: Lead threat monitoring activities to detect and analyze complex security incidents using SIEM tools, IDS/IPS, EDR, and other advanced security platforms. • Incident Response … and Coordination: Direct and manage incident response actions, from identification through containment, eradication, and recovery. • Threat Intelligence Application: Leverage threat intelligence sources to inform proactive threat hunting and incident analysis, maintaining awareness of evolving threat landscapes. • Documentation and Process Improvement: Ensure thorough documentation of incidents and contribute to the continuous improvement of SOC playbooks … Oversee shift-based SOC operations, ensuring 24/7 coverage and adherence to established incident response procedures. • Cross-Functional Collaboration: Work closely with SOC leadership, incident response teams, and threat intelligence analysts to strengthen the organization's overall security posture. Qualifications: Technical Expertise: - Extensive experience with cybersecurity tools, including SIEM (e.g., Splunk, Sentinel), EDR, IDS/IPS, firewalls
This senior role requires deep expertise in detecting, analyzing, and responding to sophisticated cyber threats, with responsibilities that include mentoring junior staff and enhancing SOC processes. Key Responsibilities: • Advanced Threat Monitoring and Analysis: Lead threat monitoring activities to detect and analyze complex security incidents using SIEM tools, IDS/IPS, EDR, and other advanced security platforms. • Incident Response … eradication, and recovery. • Mentorship and Training: Provide guidance, training, and mentorship to junior and mid-level analysts, fostering a culture of continuous improvement and knowledge sharing within the team. • Threat Intelligence Application: Leverage threat intelligence sources to inform proactive threat hunting and incident analysis, maintaining awareness of evolving threat landscapes. • Documentation and Process Improvement … Oversee shift-based SOC operations, ensuring 24/7 coverage and adherence to established incident response procedures. • Cross-Functional Collaboration: Work closely with SOC leadership, incident response teams, and threat intelligence analysts to strengthen the organization's overall security posture. Qualifications: Educational Background: - Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. Equivalent experience
threats to understand and refine processes and controls. Your responsibilities will include but are not limited to being an escalation point and expert on cyber incidents of various types, threat hunting for TTPs prioritized by internal and external threat intelligence, owning team process improvements as well as mentorship, and staying on top of industry technology and cyber … threat advancements. We are a passionate global team dedicated to helping keep our clients and our firm safe. RESPONSIBILITIES Maintain a core competency in event analysis and serve as an escalation point for noteworthy investigations, deeper investigations, and those that require critical attention. Continue to build out new capabilities within the program aligned with our attack surface. Opportunities include … dashboards, direct alerting, risk-based alerting, reports, and other objects as needed in Splunk. Continue to maintain a depth of knowledge within the cyber security field. This entails following threat actor activity targeting the industry and speaking knowledgeably at regular internal threat intelligence briefings. Leveraging threat intelligence, experience, and other inputs to perform active threat
Atlanta, Georgia, United States Hybrid / WFH Options
Cook Systems International
compliance tab for instruction on how the CANDIDATE must obtain this letter) Job Summary: An advanced-level security professional, participates in advanced information security related projects, performs deep-dive threat hunting, incident response, vulnerability management, and security architecture design, focusing on complex and novel threats that bypass automated systems. Is trained and experienced in meeting security needs of the … its employees in multiple locations and ensure people, processes, and technology aligns with the desired security posture of the organization. This role typically requires extensive experience, advanced skills in threat detection and mitigation, and may involve developing and optimizing security tools and processes. Cybersecurity Specialist 3 may serve as lead worker for projects and team. Entry Qualifications Bachelor's degree in … or related field or equivalent experience and four (4) years of proven experience and demonstrated success in technology leadership with emphasis on information security and data governance. Key Responsibilities: Advanced Threat Hunting: • Proactively search for sophisticated, covert threats that evade automated detection. • Possess a deep understanding of cybersecurity threats, vulnerabilities, security frameworks, and monitoring … Complex Incident Response: • Investigate
Huntsville, Alabama, United States Hybrid / WFH Options
Gridiron IT Solutions
Cyber Intelligence Analyst Location: Huntsville, AL Work Type: Onsite Remote Work: No Job Description Work as a member of a threat intelligence team responsible for understanding how emerging cyber threats impact the client organization while conducting highly detail-oriented security threat analysis and working with clients to validate and characterize threats. Support incident detection, response operations … provide input on new detection strategies and remediation guidance. Form accurate and precise analysis and escalate it to appropriate teammates or internal teams for additional assistance or review. Provide intelligence context to support the fine-tuning of signatures. Qualifications 8+ years of experience with cybersecurity 4+ years of experience conducting threat research focused on nation-state, criminal, or … as social networking sites, blogs, and microblogs, and internet mapping tools Experience with computer network protocols and operations Knowledge of cyber intrusion vectors, malware, networking, and monitoring Knowledge of threat intelligence tradecraft, including structured analytic, contrarian, and imaginative analytic techniques Ability to write concise analytical products and assessments Top Secret clearance Bachelor's degree Additional Qualifications Experience with
analysis capabilities. Team personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. MicroSys is supporting a customer by delivering intelligence support to customer through proactively identifying, analyzing, and responding to cyber threats to inform the customer's vulnerability management (VM) efforts. In support of the customer's strategic direction … MicroSys is looking for motivated individuals who can support the development of new and innovative Cyber Threat Intelligence techniques, to be the tip of the spear for VM's threat intelligence capabilities. Responsibilities: • Proactively gather, analyze, and disseminate timely and accurate CTI to support operational decision-making • Identify emerging cyber threats, vulnerabilities, trends, and recommend countermeasures … through training and research • Ingest and analyze information from various classified and unclassified sources • Produce written reports summarizing gathered CTI • Conduct in-person and virtual briefings on vulnerabilities or threat actors • Identify intelligence gaps, specify collection requirements to fill gaps in information, and evaluate resulting intelligence requirements Required Skills: • U.S. Citizenship • Must have an active TS/
on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us! Available Locations: London, UK About the Team Cloudforce One is Cloudflare's threat operations and research team, responsible for identifying and disrupting cyber threats ranging from sophisticated cyber criminal activity to nation-state sponsored advanced persistent threats (APTs). Cloudforce One works … in close partnership with external organizations and internal Cloudflare teams, continuously developing operational tradecraft and expanding ever-growing sources of threat intelligence to enable expedited threat hunting and remediation. Members of Cloudforce One are at the helm of leveraging an incredibly vast and varied set of data points that only one of the world's largest global … networks can provide. The team is able to analyze these unique data points, at massive scale and efficiency, synthesizing findings into actionable threat intelligence to better protect our customers. The team's core disciplines are data engineering, data science, devops, and security. We use data science and machine learning to process large volumes of data and build threat
better, be more and ultimately, be more fulfilled. SOC Consultant Hybrid-3 days onsite Requirement: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel. Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts … landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics.
london (city of london), south east england, united kingdom
HCLTech
better, be more and ultimately, be more fulfilled. SOC Consultant Hybrid-3 days onsite Requirement: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel. Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts … landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics.
Specialist Springfield, VA or St. Louis TS/SCI Supporting NGA Salary: $115,000/year At least 2-3 years' experience What You'll Get to Do: Provide cyber threat intelligence services for the collection, fusion, analysis, creation, and distribution of threat intelligence from government entities, commercial feeds, open sources, and other partners to obtain situational … awareness of the threat environment. Cyber threat intelligence services shall develop and disseminate reports and tippers to internal and external stakeholders based on events, alerts, and incidents on the customer systems and networks. Provide advanced cybersecurity analytics (ACA) services which aggregates and analyzes products, data, and information to identify trends and patterns, anomalous activity, provide situational awareness … Analytics will provide advanced cybersecurity services on an expanded 12x5 service support level during core hours and on-call support with two-hour response time during non-core hours. Cyber Threat Intel Services will provide advanced cybersecurity services on an expanded 12x5 service support level during core hours and on-call support with two-hour response time during non-core