Threat Intelligence Specialist in London

Help us to make a world of difference. Urenco is a global leader in the production of low carbon energy. We work at the cutting edge of the transition to a sustainable, net zero world. We are seeking an experienced Threat Intelligence Specialist to strengthen and evolve URENCO's Threat Intelligence capability within the Threat Defence and Cyber Security Operations team. Based primarily at our Paddington site, this role will play a key part in delivering intelligence-led security outcomes across the organisation. You will report to the Threat Intelligence Manager and be based on a hybrid basis, with a minimum expectation of two days per week on site. On-site working patterns will be agreed with your Line Manager, in line with the direction of the Head of Threat Defence and Cyber Security Operations. When working on-site, you will collaborate closely with local Information Security Managers to ensure alignment with health and safety obligations, site-specific security requirements, and operational best practices.

At Urenco we're committed to giving you opportunities to be your best. If you feel you meet some, but not all of what we're looking for, please still apply. We believe in embracing the passion and potential of our people, and to achieve this we offer market leading training and development experiences, along with the opportunity to be mentored and coached by some of the smartest minds in the industry.

What you'll do:

• Threat Intelligence Delivery & Operations: Deliver and mature Threat Intelligence (TI) services under the direction of the Threat Intelligence Manager, supporting the wider Threat Defence and Cyber Security Operations function. Monitor, assess, and investigate the external threat landscape, identifying cyber threats, risks, and potential impacts to the organisation, escalating as appropriate. Produce and deliver high-quality, actionable Threat Intelligence through written reports and verbal briefings for technical and non-technical audiences. Manage Threat Intelligence sources and tooling, including dark web monitoring, credential exposure monitoring, alerting, and associated platforms. Work closely with the Managed Security Service Provider (MSSP) to support TI services, tool integration, and continuous capability improvement. Deputise for the Threat Intelligence Manager when required.
• Threat Integration & Response: Support cyber security incident response processes and vulnerability management processes, including emergency response for zero-day threats. Support threat management and threat modelling activities by identifying threat vectors and developing security monitoring use cases in collaboration with the wider CISO function. Provide Threat Intelligence services on demand to internal stakeholders in line with the agreed service catalogue.
• Stakeholder Engagement & Information Sharing: Lead Brand Protection and Information Sharing activities, ensuring timely and appropriate dissemination of intelligence to internal and external stakeholders. Build and maintain strong relationships with internal stakeholders, embedding Threat Intelligence into risk modelling, assessment, and decision-making. Develop and maintain external partnerships across the civil nuclear sector to enable effective Threat Intelligence information sharing.
• Continuous Improvement & Strategic Contribution: Identify and implement improvements to enhance the quality, timeliness, and effectiveness of Threat Intelligence outputs and services. Review and develop Threat Intelligence processes, tooling, documentation, and relevant policies, highlighting external risks to the organisation. Contribute to the ongoing development of the Threat Defence and Cyber Security Operations Strategy through Threat Intelligence, using a combination of in-house capability, outsourced services, and tooling. Collaborate across Threat Defence and Cyber Security Operations on ad-hoc and urgent business requirements to support the protection of the organisation.

What do you need to thrive in this role?

• Vocational Qualifications & Skills Essential: Proven experience working in a threat defence or threat intelligence capacity. Excellent critical thinking and analytical skills, with the ability to produce accurate, insightful, and actionable intelligence assessments. Strong written and verbal communication skills, including the ability to confidently deliver spoken intelligence briefings to both technical and non-technical audiences. Must hold a recognised Threat Intelligence or intelligence-related certification, such as: CREST Practitioner Threat Intelligence Analyst (CPTIA), SANS GCTI, or an equivalent, industry-recognised qualification. Foreign language capability is desirable but not essential.
• Experience Required: Demonstrable experience delivering or supporting a Threat Intelligence function, working closely with information security teams, including Computer Incident Response Teams (CIRT), Computer Emergency Response Teams (CERT / CSIRC), and Security Operations Centres (SOC). Proven experience contributing to the development and delivery of a cyber defence or cyber security strategy. Demonstrable experience defining, producing, and maintaining Threat Intelligence deliverables, reporting, and performance metrics. Strong understanding of the range of cyber threat intelligence sources and the methods used to collect, validate, and analyse intelligence. Knowledge of current geopolitical themes and their relevance to URENCO's cyber threat landscape. Good understanding of the full spectrum of cyber threat actors, including insight into the capability and intent of specific Advanced Persistent Threat (APT) groups. Knowledge of cybercrime groups, including their operations, tactics, techniques, procedures (TTPs), and supporting infrastructure. Solid understanding of cyber incident management and incident response processes.

What can you expect from us?

• Annual leave of 27 days per annum.
• A generous bonus scheme based on achievement of personal and company objectives.
• A diverse range of family friendly policies.
• A defined contribution pension scheme: contributions start at 4% (employee) and 10% (employer).
• Hybrid Working Pattern: up to two days working remotely on average per week.
• Flexible start and finish times, with a 1.30pm finish on Fridays.
• Flexible benefits package; including life assurance and income protection.
• Paid time off for volunteering.
• The opportunity to join our private medical and dental insurance schemes.
• Education and training; we take pride in helping people learn and develop by supporting, accelerating and directing your learning.

Security vetting: Due to the nature of the industry that Urenco operates in, all personnel regardless of employment status working for Urenco are required to obtain security clearance at the level required for their role. Security clearances are assessed in accordance with regulations and official guidance issued by the relevant competent authorities for national security vetting. In certain circumstances, additional enhanced security clearance considerations apply to roles within Urenco owing to the particular activities that the Urenco Group undertakes in relation to uranium enrichment. Successful candidates will need to satisfy security requirements, and all offers of appointment are made subject to the successful approval of all checks initiated.

Creating a diverse and inclusive workforce: As a truly global company with a presence in the UK, USA, Germany, and the Netherlands, we know that our individual differences make us stronger. Putting people at the heart of our business, we strive to create an open and inclusive workplace that allows every voice to be heard and diversity to thrive. If you require any reasonable adjustments to the recruitment process, please let our talent acquisition team know.