Senior Cyber Threat Intelligence Analyst

WPP IT provides IT services for WPP, the world’s largest communications services group. As a creative transformation company, WPP is helping its clients transform the future through extraordinary work. WPP IT is an integral part of that journey and we are proud to provide technology for some of the world’s most creative brands.

Visit our LinkedIn page to see what we're up to!

Why we're hiring:

At WPP, technology is at the heart of everything we do, and it is WPP IT’s mission to enable everyone to collaborate, create and thrive. WPP IT is undergoing a significant transformation to modernise ways of working, shift to cloud and micro-service-based architectures, drive automation, digitise colleague and client experiences and deliver insight from WPP’s petabytes of data. 

As we continue on this journey, we require a Senior Cyber Threat Intelligence Analyst will be responsible for the management and ongoing development of both strategic and tactical Cyber Threat Intelligence capabilities within the cyber security operations team.

Developing and maintaining a clear understanding of the threat landscape, you will identify new sources of intelligence, aggregate and nalyse data to provide accurate and actionable recommendations. You will manage the complete cyber threat intelligence lifecycle and ensure this is appropriately integrated into relevant processes and tools.

The Senior Cyber Threat Intelligence Analys will perform activities and analysis across the estate with a view to understanding the motivations, tactics, techniques and procedures used by threat actors towards the organisation and produce accurate documentation on  findings to prioritise remediation activity. 

You willl be responsible for compiling, articulating and presenting cyber threat intelligence briefings to senior management as well as publishing clear and concise threat intelligence reports

What you'll be doing:

• Develop, configure and manage a suite of cyber threat intelligence sources
• Evaluate intelligence for accuracy, reliability, and relevance across multiple intelligence sources
• Develop and maintain close links with cyber threat intelligence functions within partner organisations and government agencies
• Perform analysis across the estate, looking for threats to critical infrastructure, resources and services
• Develop and produce threat intelligence reports, to provide key metrics into other internal cyber functions (Security Incident Response, Threat Hunting, etc.).
• Carry out research and discovery across the estate with a view to produce reports on CTI detections and trends (i.e. highlighted IOCs, Vulnerabilities, Malware).
• Manage the complete IoC lifecycle
• Providing analysis to feed into the overall security posture, assisting with supporting activities to further increase defences, harden potential attack surfaces and implement better protection mechanisms.
• Line Management and personal development of less experience member within the CTI function.
• Act as CTI lead in the handling and remediation of security incidents.
• Take ownership for the continual improvement of the firms cyber threat intelligence capability
• Maintain strong awareness with stakeholder groups of current threat landscape
• Review, analyse and contextualise complex threat intelligence data for wider consumption with business partners

What you'll need:

• 5+ years operational experience as a threat intelligence analyst, with good working knowledge of security incident response and malware analysis.
• Experience of threat modelling and common frameworks such as the cyber kill chain and MITRE.
• Hands-on experience with Network security, Digital Forensics and IPS/IDS systems.
• Hands-on experience with dark web analysis, including the associated tooling and adversarial slang.
• Solid understanding of supporting frameworks like MITRE ATT&CK, LM Cyber Kill Chain, IA Diamond Model, etc.
• Excellent knowledge of supporting processes, like DFIR, Threat Hunting, Malware Analysis and red/purple team exercises.
• Excellent knowledge of threat intelligence tooling, both commercial and open source.
• Good understanding of Security Operations and supporting functions, technologies and methodologies.
• Ability to document findings into reports that can be understood across all levels of the organisation.
• Strong presentation and communication skills, both verbal and written.
• Working knowledge of threat hunting 

Who you are:

You’re open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working.

You’re optimistic: We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with confidence: to try the new and to seek the unexpected.

You’re extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we deliver extraordinary every day.

What we'll give you:

Passionate, driven people – We champion a culture of people that do extraordinary work.

Scale and opportunity – We offer the opportunity to create, influence and deliver projects at a scale that is unparalleled in the industry.

Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?