Threat Intelligence Manager

Moonshot believes that marginalised people in society — including minority ethnic people, people from working class backgrounds, women, Disabled and LGBTQIA+ people — must be centred in the work we do. We strongly encourage applications from people with these identities or who are members of other communities who are currently underrepresented in our workforce. We know a diverse workforce will enable us to understand drivers behind violent extremism and online harms in an in-depth way and do better work to counter them. Candidates will be expected to undertake and pass a police check and additional checks for security clearance at an SC level - typically a minimum of three years’ continuous UK residency within the past five years.

About the role: Moonshot is recruiting a manager to coordinate delivery of a series of complex threat monitoring projects supporting high-profile clients. In this role, you will be responsible for supporting a team of analysts and to ensure that project delivery schedules are communicated effectively and delivered. You will also be expected to work to advance our research methodologies including working directly with Moonshot’s product engineering team to optimise existing methods and develop new technical solutions.

Your responsibilities will include:

• Operational Delivery & Team Leadership
  • Manage day-to-day delivery operations across the threat monitoring portfolio.
  • Assign analyst tasking and balance workloads to ensure coverage across multiple clients.
  • Develop and maintain delivery schedules across varying cadences (daily, weekly, monthly, ad-hoc).
  • Ability to write intelligence reports to a high standard.
  • Provide guidance and feedback to analysts (team of 5) to maintain high analytical standards.
  • Troubleshoot operational issues and elevate project risks appropriately.
  • Coordinate rapid-response reporting when threats meet escalation thresholds.
• Technical Operations & Tool Management
  • Coordinate day-to-day communication between analysts and Product Engineering team.
  • Translate analyst operational needs into clear technical requirements for Product Engineering team.
  • Support testing and validation of new collectors, models, and tool features.
  • Troubleshoot technical issues with OSINT collectors and internal monitoring tools.
  • Coordinate setup and maintenance of client-specific dashboards and monitoring configurations.
  • Ensure analysts have functioning technical capabilities to conduct investigations.
  • Stay current on tool capabilities and support training of analysts on technical features.
• Process Development & Standards
  • Contribute to development of standard operating procedures and team policies (e.g., monitoring workflows, analyst safety protocols, escalation procedures).
  • Support development and refinement of threat classification taxonomies and assessment methodologies.
  • Develop quality assurance processes, templates, and style guides for intelligence reporting.
  • Document technical procedures and delivery workflows.
  • Identify process gaps and implement operational improvements.
• Stakeholder Coordination
  • Translate complex technical and analytical findings into clear, actionable intelligence.
  • Support coordination with legal and law enforcement partners on high-priority threats requiring intervention.
  • Present findings to internal stakeholders and participate in client briefings.
  • Work collaboratively across technical and analytical team members.

Essential:

• 3-5 years professional experience conducting analysis and investigations using open-source research, social media monitoring, and OSINT methods.
• Demonstrated experience using OSINT collection tools, social media monitoring platforms, or intelligence analysis software.
• Project management or delivery coordination experience managing multiple concurrent workstreams or clients.
• Strong technical aptitude with ability to quickly learn new tools and technical systems.
• Excellent analytical writing and editing skills with attention to detail and quality standards.
• Experience developing or contributing to analytical standards, SOPs, or process documentation.
• Ability to work under pressure in a fast-paced, high-operational-tempo environment.
• Strong organisational skills and ability to balance competing priorities.
• Excellent interpersonal and communication skills across technical and non-technical audiences.
• Ability to handle sensitive content including threats, harassment, abuse, and explicit material.
• Willingness to be on-call and occasionally work outside regular hours in response to incidents.

Desirable:

• Experience coordinating between analytical teams and technical/engineering teams.
• Background in threat assessment, risk analysis, or intelligence production.
• Experience managing or mentoring junior analysts.
• Familiarity with AI/ML models for content classification or threat detection.
• Understanding of major social media platforms, their technical features, and data access methods.
• Background in protective intelligence, threat management, or corporate security operations.

Benefits:

• 30 days' paid annual leave, excluding bank holidays.
• Private healthcare package with access to specialist mental health cover, including coverage for partners and children.
• Employee Assistance Programme providing access to mental health support.
• Generous maternity and paternity leave: 26 weeks paid maternity leave, 8 weeks paid paternity leave.
• All permanent employees are granted share options upon employment.

Salary: £46,000 - £55,000 (depending on skills and experience).