Company Description
Anglo American is a leading global mining company focused on the responsible production of copper, premium iron ore and crop nutrients – future-enabling products that are essential for decarbonising the global economy, improving living standards, and food security. Our portfolio of world-class operations and outstanding resource endowments offers value-accretive growth potential across all three businesses, positioning us to deliver into structurally attractive major demand growth trends.
Our integrated approach to sustainability and innovation drives our decision-making across the value chain, from how we discover new resources to how we mine, process, move and market our products to our customers – safely, efficiently and responsibly. Our Sustainable Mining Plan commits us to a series of stretching goals over different time horizons to ensure we contribute to a healthy environment, create thriving communities and build trust as a corporate leader. We work together with our business partners and diverse stakeholders to unlock enduring value from precious natural resources for our shareholders, for the benefit of the communities and countries in which we operate, and for society as a whole. Anglo American is re-imagining mining to improve people’s lives.
Job Description
We are seeking a Cyber Threat Intelligence Coordinator to lead and enhance our Global Cyber Threat Intelligence programme across all business units. This role involves overseeing the selection, deployment, and maintenance of key technologies such as Threat Intelligence Platforms, Dark Web monitoring tools, SIEM, SOAR, and script libraries. The successful candidate will collaborate across Global IM to shape and implement a strategic roadmap, expand the intelligence programme into operational environments, and deliver actionable insights that support critical decision-making. Responsibilities also include forecasting and analysing the global threat landscape, monitoring threats through to resolution, and designing a global intelligence collection plan aligned with business needs. This is a unique opportunity to drive a threat-led approach in a global organisation committed to innovation and resilience in cybersecurity.

WHO WE ARE

At Anglo American, we’re redefining what it means to mine responsibly. We lead with integrity, care deeply about people and the planet, and constantly push the boundaries of innovation to work safer and smarter. From reducing water and energy use to pioneering precision extraction technologies, we’re committed to sustainable practices that deliver real impact—today and for generations to come.

Qualifications

• An undergraduate qualification (Bachelors / Honours degree or equivalent) in computer science, business informatics, engineering/technology or equivalent experience
• Networking Fundamentals: Understanding of networking protocols, TCP/IP, DNS, HTTP, and other key protocols to analyze network traffic and identify anomalies.
• Operating Systems: Proficiency in various operating systems (Windows, Linux, macOS) to comprehend potential vulnerabilities and attack techniques.
• Cybersecurity Concepts: In-depth knowledge of cybersecurity principles, including encryption, authentication, intrusion detection/prevention systems, firewalls, and access controls.
• Malware Analysis: Familiarity with analyzing malware behavior, code, and characteristics to identify indicators of compromise (IoCs) and understand potential threats.
• Digital Forensics: Basic understanding of digital forensics principles to investigate and analyze evidence related to cyber incidents.
• Security Tools: Proficiency in security tools such as SIEM (Security Information and Event Management), SOAR (Security Orchestration Automation and Response) and EDR (Endpoint Detection and Response).
• Threat Intelligence Platforms: Experience with threat intelligence platforms (e.g., ThreatConnect, MISP, Anomali, ThreatStream) for collecting, managing, and sharing threat data.
• Programming and Scripting: Familiarity with scripting languages like Python, PowerShell, or Bash for automating tasks and data manipulation

• Lead in designing the selection criteria, deployment and ongoing maintenance of threat intelligence related technology such as Threat Intelligence Platform, Threat Intelligence sources, Dark Web monitoring tools, SIEM, SOAR and script library.
• Engage across Global IM to develop, innovate and implement the strategic roadmap for effective threat intelligence management.
• Lead the growth of the Threat Intelligence programme into the Operational Environments across all whole Anglo American Businesses to tangibly affect Group Technical and Global IM critical tasks and inform decision making as the Cyber Operations team adopts a threat-led approach.
• Forecast strategic analysis of the threat landscape pertinent to the Global business and maintain their validity through the control of sources.
• Identify threats to global business and monitor such threats through to threat closure or until a control measure has been identified.
• Lead the design of the global intelligence collection plan and identify and comprehend business intelligence requirements in support of intelligence production.
• Collaborate with Cyber Operations disciplines to enable a threat intelligence led approach to security.
• Prepare and disseminate threat intelligence reports and briefings to internal and external stakeholders.
• Design Standard Operating Procedures (SOPs) and other publications to support the Threat Intelligence team in conducting their work.
• Represent Anglo American in industry intelligence forums
  

  LI-AB2

Qualifications

• An undergraduate qualification (Bachelors / Honours degree or equivalent) in computer science, business informatics, engineering/technology or equivalent experience
• Networking Fundamentals: Understanding of networking protocols, TCP/IP, DNS, HTTP, and other key protocols to analyze network traffic and identify anomalies.
• Operating Systems: Proficiency in various operating systems (Windows, Linux, macOS) to comprehend potential vulnerabilities and attack techniques.
• Cybersecurity Concepts: In-depth knowledge of cybersecurity principles, including encryption, authentication, intrusion detection/prevention systems, firewalls, and access controls.
• Malware Analysis: Familiarity with analyzing malware behavior, code, and characteristics to identify indicators of compromise (IoCs) and understand potential threats.
• Digital Forensics: Basic understanding of digital forensics principles to investigate and analyze evidence related to cyber incidents.
• Security Tools: Proficiency in security tools such as SIEM (Security Information and Event Management), SOAR (Security Orchestration Automation and Response) and EDR (Endpoint Detection and Response).
• Threat Intelligence Platforms: Experience with threat intelligence platforms (e.g., ThreatConnect, MISP, Anomali, ThreatStream) for collecting, managing, and sharing threat data.
• Programming and Scripting: Familiarity with scripting languages like Python, PowerShell, or Bash for automating tasks and data manipulation.

Additional Information