Cyber Threat Intelligence Analyst
Utilities
Remote working
6 months+
£600 - £650 per day

In short: Cyber Threat Intelligence Analyst required to join a large utilities provider in supporting their small Cyber Threat team with typical activities. Threat Modelling experience would be very nice-to-have but not essential.

In full:

Job Description

Assisting the Head of Security Defence & Posture in the management of all aspects of threat intelligence, including:

- Monitor and process the regular (daily/weekly/monthly/quarterly/yearly) reports produced by the open source and premium intelligence vendors that we have access to
- Monitor the Cyber Threat Intelligence (CTI) "news" dashboards and feeds to identify relevant threats and vulnerabilities
- Perform threat modelling using threat intelligence and business knowledge to identify the most prominent cyber threats and actors for different areas of the business
- Produce ad-hoc, daily, weekly and monthly threat intelligence briefings and reports, both for a technical audience and for senior leadership
- Act upon actionable elements from reports:
- Extract actionable intelligence related to tactics, techniques and procedures (TTPs), map them to MITRE ATT&CK and share the actionable intelligence with relevant Cyber Security teams
- Ensure indicators of compromise (IOCs) are ingested into the platform (mostly automated already)
- Notify leadership when new, industry-relevant threats appear on our radar
- Create and fine-tune dark web threat detection rules
- Process "potentially compromised credentials" alerts
- Process dark web monitoring alerts
- Process ransomware alerts > validate with Global Security Operations Centre (GSOC) if a business relationship with the impacted third party company exists and assess potential impact
- Raise requests for information (RFIs) for high interest topics
- Monitor the Threat Intelligence Platform to:
- Ensure intelligence is properly ingested and exported to security monitoring and defence tooling
- Adjust the delivery parameters to increase the amount of intelligence flowing to security tooling
- Evaluate existing and potentially relevant intelligence feeds
- Add in and fine-tune data sources
- Perform threat intelligence analysis and advanced research
- Build complete and highly detailed threat actor profiles, emulation plans & collaborate with the Purple Team and Threat Hunting Team
- Define new enrichment capabilities and new intel integration opportunities
- Maintain and develop documentation
- Maintain and update the post incident reports (PIRs) and the threat actor library
- Complete ad-hoc and time sensitive threat intelligence report development requests
- Develop scripts to parse data from a wide range of sources

Candidates will ideally show evidence of the above in their CV in order to be considered.

Please be advised that if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion. We may, however, keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunities employer.