Cyber Intelligence Lead

Terms: Permanent Location: Cheltenham, Gloucestershire Salary: £65 – £90k

Who are we looking for?

As CORVID’s capabilities have matured, the need for a dedicated focus on the collection and exploitation of cyber intelligence has been identified. We are looking for a technologist with strong software development skills and an understanding of the application of intelligence.

This is a hands-on role which will see the successful candidate designing and delivering a range of projects, from developing innovative proof-of-concept systems and overseeing their development, to the development of strategies and systems for managing intelligence holdings. The role will require an individual with a diverse yet balanced range of technical, analytical and strategic skills.

Key responsibilities:

  • Meet the intelligence demands of CORVID and its customers.
  • Identify and collect relevant cyber threat information, as well as identifying new and existing intelligence sources.
  • Conduct proactive and reactive CTI collection, analysis, production, and dissemination of intelligence products with a current or future impact to the business.
  • Design and develop systems that process large volumes of data, with a focus on data quality, confidence and usability.
  • Research, develop and demonstrate the value of new forms of intelligence.
  • Maintain oversight of data sources, intelligence production processes, intelligence management systems, and the integration of intelligence into relevant services.
  • Assess the value of third party open and commercial sources.
  • Highlight the value and uses of intelligence through staff training, seminars and mentoring.

Skills and experience:

  • Proven hands-on technical expertise in the field of cyber/information security, with ten years' experience in a cyber role(s).
  • Understanding of cyber risk concepts.
  • Understanding of threat intelligence analysis concepts.
  • Experience of the cyber incident response ecosystem.
  • Familiarity with the technical engineering requirements associated with the production of intelligence.
  • Ability to track industry developments and relevant new technologies.
  • Research interests in specific TA groups is not essential, but would be utilised.

You'll have a significant understanding of:

  • The intelligence lifecycle and information lifecycle management.
  • The production and use of indicators, feeds, threat briefings and intel reports.
  • Attribution, TTPs and the taxonomies associated with current threat actor groups.
  • Incident response and intelligence analysis methodologies, including familiarity with common analysis frameworks.
  • Attack methodologies and familiarity with common threat and attack models used during IR and intel analysis.
  • OpSec for intelligence production.
  • Advanced malware detection and analysis techniques.
  • At least one high-level programming language, and an ability to prototype proof of concept architectures.
  • ‘Big data’ including data analysis techniques and the use of both structured and unstructured tools/storage platforms.

How to apply

This role is no longer available. Thank you to all applicants.