Threat Analyst in Nottingham

As a Threat Intelligence Analyst at NTT DATA, you'll utilize your expertise to collect, analyze, and report on cyber threats, enabling our clients to proactively defend against attack campaigns and adversarial actions. You will play a crucial role in interpreting the threat landscape, providing actionable insights, and integrating intelligence into advanced security operations. This role, within our UK Security Practice, provides the opportunity to contribute to high-impact cybersecurity initiatives while working flexibly across a hybrid work model.

Core Responsibilities

• Threat Intelligence Analysis and Collection: Research, track, and analyze Indicators of Compromise (IOCs) and threat actor profiles using sources that include open-source (OSINT), dark web forums, government feeds, and commercial intelligence platforms. Conduct detailed analysis of Threat Actor Tactics, Techniques, and Procedures (TTPs) and malware. Deliver actionable intelligence insights to enhance detection, prevention, and response embedded within the threat lifecycle. Maintain up-to-date geopolitical knowledge influencing the cyber threat landscape.
• Threat Assessment and Reporting: Develop and deliver weekly threat briefs, annual landscape overviews, and ad-hoc risk signals for both technical and non-technical audiences. Produce detailed reports based on industry-specific campaigns or identified vulnerability patterns. Communicate emerging threats to relevant technical stakeholders, influencing rapid mitigation strategy formulation.
• Intelligence Integration and Technology Alignment: Integrate threat intelligence feeds (TIPs) into platforms like SIEM or SOAR, prioritizing automation workflows where required. Refine search prevention frameworks using custom threat correlation rules. Collaborate directly with SOC teams to enhance real-time detection and response capabilities.
• Monitoring Threat Campaigns and Emerging Techniques: Track and assess malware campaigns, underground forums, and marketplaces to identify emerging attack vectors. Analyze threat data to produce predictive insights about probable trends and future adversarial strategies. Provide targeted support to incident response teams with contextualized intelligence.
• Stakeholder Collaboration and Communication: Brief clients and internal teams about current threat landscapes and risks relevant to their operations. Contribute to cross-functional threat modeling, risk assessment workshops, and proactive planning. Represent NTT DATA at external security forums and intelligence-sharing communities.

Success Metrics (6-12 Months)

• Deliver minimum 15 intelligence reports/month, meeting a quality accuracy benchmark above 95%.
• Reduce detection and response times by 25% via improved monitoring techniques.
• Establish three new high-quality threat detection models with technical playbooks per quarter.

Certifications and Technical Proficiency

• Strong proficiency with threat intelligence platforms like MISP, ThreatConnect, or Anomali, Security Alliance.
• Deep familiarity with MITRE ATT&CK framework, dark web monitoring techniques, and attack simulation techniques.
• Demonstrated skills in cyber threat modeling, malware reverse engineering, and API-triggered automation.
• Certifications Preferred: CREST CPTIA, GCTI, MITRE ATT&CK CTI or related.
• Advanced scripting capabilities (Python, PowerShell preferred).
• Bachelor's Degree in Cybersecurity, International Relations, or Intelligence Studies strongly preferred.

Qualifications

• Must meet UK SC Clearance eligibility guidelines.
• Direct experience working in government, military, or intelligence organizations advantageous.
• Experience identifying and neutralizing Advanced Persistent Threats (APTs) in target environments.

Benefits

We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensures that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options. We are also proud to share that we have a range of Inclusion Networks such as: the Women's Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.