Cyber Threat Intelligence Lead - Shape Next-Gen Cyber Defense

We're rebooting an icon and building the future of finance. Find out why you should join us.

Agile Working Options: Job Share; Flexibility in when hours are worked; Hybrid Working

Location: Bristol, Edinburgh or London

Hours: Full-time – 35 hours

Working Pattern: Our work style is hybrid, which involves spending at least two days per week, or 40% of our time, at one of our office sites. Colleagues with disabilities can be supported with workplace adjustments including hybrid working expectations in line with our Flexibility Works policy.

What you’ll be doing… In this role you’ll assume line management responsibilities and will take a lead role in transforming how threat data is gathered, enriched, analysed, and put into practice across the Group. This includes boosting the efficiency of CTI tooling, deepening the use of structured analytic techniques, and delivering clear technical and people leadership to the team. Contributions will directly aid in strengthening defensive outcomes, raising trust in intelligence outputs, and ensuring threat intelligence is reliable, timely, and geared towards decisions. This role offers significant scope to influence how intelligence products are produced, consumed, and embedded across Lloyds Banking Group, crafting the future of our cyber defence capability.

Why Join us? If you think all banks are the same, you’re wrong. We’re a pioneering, fast-changing business that’s shaping finance as a force for good. If you’re after a role where you can have an impact and do the best work of your career, you’ve just found it.

What we’re looking for:

• Proven background in cyber threat intelligence, encompassing threat actor analysis, campaign tracking, and intelligence reporting, with a strong technical focus on data and tools (5+ years experience).
• Strong understanding of CTI tooling and platforms, with experience upgrading tooling, boosting integration, and growing the operational value of threat intelligence systems.
• A formal intelligence qualification or equivalent professional training (for example military, government, law enforcement, or recognised commercial intelligence programmes), or demonstrable use of detailed intelligence methodologies.
• Demonstrated people management experience, including line management, performance development, and capability building.
• The ability to transform intricate cyber threat data into clear, practical insights for both technical and non-technical audiences.

We know that great talent comes from many backgrounds. Whilst this job advert may reference specific years of experience, we recognise that skills are developed in many ways, so if you have relevant, transferable experience, we encourage you to apply.

This is a place for you… We offer reasonable workplace adjustments for colleagues with disabilities, including flexibility in office attendance, location and working patterns. And, as a Disability Confident Leader, we guarantee interviews for a fair and proportionate number of applicants who meet the minimum criteria for the role with a disability, long-term health or neurodivergent condition through the Disability Confident Scheme.

We also offer a wide-ranging benefits package, which includes…

• A generous pension contribution of up to 15%
• An annual bonus award, subject to Group performance
• Share schemes including free shares
• Benefits you can adapt to your lifestyle, such as discounted shopping
• 30 days’ holiday, with bank holidays on top
• A range of wellbeing initiatives and generous parental leave policies

Ready for a career where you’ll learn and thrive? Apply today and find out more.