Senior Cyber Threat Intelligence Analyst in London

This is a role for someone who wants to make a real, global impact in telecom security from day one. Within GSMA’s T-ISAC, you’ll sit at the centre of international collaboration, helping our members stay ahead of constantly evolving cyber threats. We’re looking for a Senior Cyber Threat Intelligence Analyst who combines deep technical expertise with the ability to think strategically, share knowledge and elevate those around them. You’ll lead meaningful threat assessments, turn intelligence into clear, actionable recommendations and play a vital role in shaping and validating our T-ISAC improvement programme.

If you thrive on working with cutting-edge intelligence platforms, enjoy mentoring others and want to help mature a global security community, this is an opportunity to truly influence the future of telecom security.

The GSMA Industry Security Team is the mobile industry’s focal point for mobile network security. The team is responsible for coordinating GSMA member security working groups, leading industry-wide security initiatives and engaging with global regulators to ensure security is an enabler and not a barrier to next generation mobile services. The team is responsible for a number of industry-wide Cybersecurity schemes including:

• Telecommunications Information Sharing and Analysis Center (T-ISAC).
• Mobile Co-ordinated Vulnerability Disclosure (CVD).
• Network Equipment Assurance Scheme (NESAS).

Working specifically in T-ISAC, as a Senior Cyber Threat Intelligence Analyst, you will drive innovation, foster collaboration and play a pivotal role in safeguarding the telecommunication mobile ecosystem. If you are a seasoned professional with a passion for cybersecurity and intelligence, T-ISAC invites you to join our global team in securing the future of mobile security. The team also undertakes industry research, analysis and event activities both independently and in partnership with other GSMA teams and GSMA member working groups.

You will be responsible as the technical expert in building, designing and delivering T-ISAC infrastructure and tooling. This will enable streamlined integration with other platforms to enhance the ease and encourage an increase of information sharing between our T-ISAC members. You will have knowledge of application development, security best practices, security operations, cyber threat intelligence and experience supporting key security technologies such as TIP, SIEM, EDR, XDR and SOAR; familiarity with MISP and OpenCTI. The successful candidate will also input their technical expertise into new projects/Proof of Concepts which could provide value with T-ISAC and the wider ecosystem.

Key Responsibilities

• Identify and develop tools to facilitate effective collection, sharing and analysis of cyber threat related data.
• Develop secure technical solutions that improve efficiency and the security services.
• Produce high-quality analytical cyber reports to a range of stakeholders; members, internal GSMA staff and leadership team. Analyse complex, multi-source intelligence related to telecommunication industry threats and develop strategic recommendations.
• Serve as the primary author and reviewer for in-depth intelligence reports, briefings and advisories for T-ISAC members and leadership.
• Guide junior analysts, fostering skill development and ensuring adherence to intelligence best practices.
• Facilitate member engagement through threat calls, workshops and industry events, presenting intelligence insights at a deep technical level.
• Collaborate with cyber threat analysts worldwide from other information sharing entities, including T-ISAC member cyber threat teams and threat sharing platform developers.
• Collaborate with external intelligence organisations, government entities and private sector partners to enrich T-ISAC’s intelligence capabilities.
• Evaluate emerging security trends and their implications for telecommunication stakeholders, MNOs, MVNOs and industry members providing forward-looking guidance.
• Represent T-ISAC at international conferences, partner engagements and events, advocating for collaborative cybersecurity practices.
• Conduct thorough assessments of the current platform including its services, functionality, technology stack and architectural design.
• Identify existing gaps and limitations to define the ideal target operating model that aligns with industry best practices, meets the evolving needs of the MNO members and supports effective threat intel sharing and collaboration.
• Develop the technical roadmap to transition from the current state to the target operating model in alignment with the overall T-ISAC strategy.
• Lead, drive and implement the strategic steps, technical developments and enhancements, organisational changes and integrations required to transition from the current state to the envisioned future-state platform that is fully operable and seamlessly integrated within the existing architecture and environment.

You will bring enthusiasm and ownership to this specialised senior role in cyber threat intelligence analysis, joining a dynamic and ambitious team. Your drive will be key to transforming bold ideas into impactful programmes and seeing them through to successful delivery. You will have proven knowledge and expertise in Intelligence, Cybersecurity, Data Analytics, or a related field (equivalent experience will be considered), as well as experience working with ISACs or other information-sharing organisations.

About your skills

You will have:

• Essential

• Experience in cybersecurity intelligence, including collection, analysis and dissemination.
• Experience of using collaborative open source tools as part of your analysis and research processes.
• Deep understanding of Nation-State Actors, Cyber Crime, Hacktivism and advanced threat actor tactics, techniques and procedures (TTPs).
• Experience of building and implementing intelligence platforms e.g. OpenCTI.
• Strong analytical, critical thinking and problem-solving skills.

• Expertise in working with mobile data, protocols and technology such as, but not limited to SS7, MOTIF, HRN, IRSF, GTs.
• Knowledge of mobile network architectures and services.
• Understanding of mobile network and services, threat landscape and the common attacks to which they are exposed.
• Comprehensive understanding of telecommunication industry operations and challenges.
• Proven leadership and mentoring skills within an intelligence team.

• Expertise in using and applying the Mitre ATT&CK framework, MISP, OpenCTI, Meta, EclecticIQ, Governments, Law Enforcement and other COIs (national and international) for threat analysis and strategy development.
• Exceptional verbal and written communication skills, with a track record of presenting to executive audiences.
• Ability to work collaboratively in a virtual, distributed team environment.

Contract type: Short term Contractor

Worker type: Contingent Worker

What We Offer

Working at the GSMA offers you unparalleled access to the mobile industry. We offer a chance to truly shape the direction of mobile, whatever your role. By joining the GSMA, you will be exposed to a fast-paced rapidly evolving environment, working on global solutions, genuinely fascinating and industry-changing projects and a stimulating and dynamic environment designed to enable you to flourish. In addition to architect-designed offices and competitive compensation, our benefits include fantastic learning & development opportunities, generous holiday allowances.