We are seeking a Threat Analyst to join our rapidly growing Information Securityteam. This is a unique opportunity for an aspiring and motivated professional to be at the forefront of our cyber defence strategy, protecting our brand from existing and emerging threats. You will combine the expertise of a Threat Hunter and Cyber Threat Intelligence Analyst, and will work alongside our Senior Threat Analyst to build our threat intelligence and hunting capabilities from the ground up. You’ll have a major input on what new tooling and services we use and the backing to implement this.
You’ll be an innovative collaborator with strong technical and communication skills, and an appetite for complex problem solving. Seize the opportunity to join a dynamic security team, reporting to the Head of Cyber Defence, and lead the development of advanced CTI and threat hunting strategies, seamlessly integrating into our security processes and driving continuous improvements.
Our Future Health will be the UK’s largest ever health research programme, bringing people together to develop new ways to detect, prevent and treat diseases. We are a charity, supported by the UK Government, in partnership with charities and industry. We work closely with the NHS and with public authorities across all nations and regions of the UK.
Our plan is to bring together 5 million volunteers from right across the UK who will be asked to contribute information to help build one of the most detailed pictures we have ever had of people’s health. Researchers will be able to use this information to make new discoveries about human health and diseases. So future generations can live in good health for longer.

REQUIREMENTS

We are prioritising talent over experience for this role. While we don’t expect you to have expertise in every area, some experience in cyber threat intelligence and/or threat hunting, along with familiarity with Microsoft’s security products, is essential.

You will have some of the following skills and experience:

• Experience in Cyber Threat Intelligence
• Experience in Threat Hunting
• Experience with the Microsoft Sentinel SIEM/SOAR platform
• Proficient in writing KQL
• Strong understanding of threat intelligence principles and practices.
• Strong understanding of security risk management
• Understanding of threat modelling
• Knowledge of ISO 27001 and other commonly used security standards
• Understanding of modern cloud technologies
• Ideally experience with the Microsoft Defender suite, Microsoft Entra and Microsoft Purview
• Ideally experience with Microsoft Azure
• Exposure to Agile working
• Ability to translate between technical and non-technical teams
• Desire to be part of a small fast-paced team
• Relevant certifications, such as: CISM, CISA, CISSP, CCSP, Microsoft certifications (MS-500, AZ-500, AZ-700, SC-200, SC-300), CompTIA Security+ and Cloud+, Cloud Security Alliance CCSK, GIAC CTI, GIAC CFR

In this role, your key responsibilities will include but not be limited to:

• Working closely with the wider information security team, including our MSP SOC, to improve the overall security posture of the organisation.
• Implementing and utilising our cyber threat intelligence approach, including tooling and feeds.
• Maintaining a current understanding of the cyber threat landscape with a focus on the health research sector.
• Triaging, analysing, and responding to threat intelligence alerts from partners and other stakeholders.
• Tracking relevant threat actors, specifically their tactics, techniques, and procedures (TTPs).
• Providing threat input to support the assessment of security risk and threat modelling activities of Our Future Health.
• Implementing and iterating our threat hunting approach through use of cutting edge hunting techniques, including automation of aspects of the threat hunting process.
• Creating threat hunting hypotheses and performing threat intelligence led proactive threat hunts across the estate.
• Contributing to detection engineering initiatives by identifying opportunities for, and implementation of new detections and improvements to existing detections.
• Leveraging in-house knowledge to enrich and benefit the SIEM and SOC (e.g. managing Sentinel watchlists, assisting with triage, sharing knowledge of our technical estate with the MSP analysts, etc.)
• Assisting with incident investigation and insider threat monitoring.
• Producing written reports and providing verbal briefings which capture the relevance of cyber threats to Our Future Health to a variety of internal stakeholders.