Threat Intelligence Analyst

NCC Group
Leeds
1 week ago
Create job alert

Hybrid working from one of our UK offices (Manchester, Cheltenham or London.)


Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.


We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.


We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to join in our mission, to make the world safer and more secure.


Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business…https://www.nccgroup.com/uk/


The Opportunity:

As a Cyber Threat Intelligence Analyst you will play a key role in our Tactical Threat Intelligence team.


Together with colleagues spanning almost all time zones, you will help to make our clients safer and more secure against cyber threats by helping them understand the motivations of relevant actors, identifying their targets and how they operate.


The Global Threat Intelligence Team has built a very strong reputation when it comes to collecting our own data and combining this with open and commercial sources. This role involves analysis of cyber threats, the development of actionable intelligence, and collaboration with various teams.


Your support to the wider organisation will be critical in the development of Fox-IT's Threat Intelligence capabilities and the broader service we offer.


Key Accountabilities:


Threat Intelligence Analysis:

  • Identify, track, and document various Threat Actors. Document and report on their TTPs, IOCs and Infrastructure
  • Monitor and analyse Command and Control (C2) infrastructures, Tactics, Techniques, and Procedures (TTPs), Indicators of Compromise (IOCs), and malicious domains.
  • Map observed threat activity to known frameworks (e.g., MITRE ATT&CK) and produce structured intelligence using formats such as STIX/TAXII.

Support:

  • Provide Threat Intelligence research and contextual analysis to support Digital Forensics and Incident Response (DFIR) and Security Operations (SOC) teams.
  • Combine technical investigations with geopolitical and regional context to deliver comprehensive, context-rich assessments.
  • Respond to internal and external Requests for Information (RFI), offering timely, actionable intelligence.

Collaboration and Information Sharing:

  • Partner with internal teams, external partners, industry peers, and intelligence-sharing communities to enhance the organisation's threat landscape awareness.
  • Engage in information-sharing forums and maintain current knowledge of emerging threats, vulnerabilities, and threat actor trends.

Tool Management:

  • Manage and optimise threat intelligence platforms, sources, and feeds to improve analysis efficiency
  • Evaluate and recommend new tools or platforms to strengthen the Threat Intelligence function's capabilities.


Technical Skills:

  • Experience in Threat Intelligence analysis, ideally with experience in APT research, C2 tracking, and emerging geopolitical threats.
  • • Strong understanding of networking protocols (e.g., TCP/IP, DNS).
  • • Familiarity with the Cyber Threat Intelligence lifecycle and frameworks such as MITRE ATT&CK and the use of STIX/TAXII.
  • • Understanding of offensive security reconnaissance and attacker methodologies
  • • Experience assisting or interfacing with DFIR, IR, and SOC teams.
  • Qualifications (desired but not required):
  • • A bachelor's or master's degree or equivalent experience in Computer Science, Cybersecurity, or Information Security.
  • • Certifications such as SANS FOR578 (Cyber Threat Intelligence) or CREST Threat Intelligence Analyst (CRTIA).
  • • Exposure to geopolitical risk analysis and its impact on the threat landscape.


About your application:

We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.


If you do not want us to retain your details, please email . All personal data is held in accordance with the NCC Group Privacy Policy. We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.

Related Jobs

View all jobs

Threat Intelligence Analyst

Threat Intelligence Analyst

Threat Intelligence Analyst

Threat Intelligence Analyst

Threat Intelligence Analyst, SEAR

Malware Analyst

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Job-Hunting During Economic Uncertainty: Cyber Security Edition

The cybe rsecurity sector sits at the forefront of today’s digital landscape, defending businesses and governments alike from increasingly sophisticated threats. From incident response and network security to cloud protections and zero-trust architectures, cyber security professionals tackle an ever-evolving array of challenges. Yet, even this mission-critical field is not immune to economic turbulence. When broader financial markets experience uncertainty—whether through global recessions, regional downturns, or unexpected macro events—the hiring climate can shift, making roles more selective and budgets tighter. For job seekers in cyber security, this can be disconcerting. You might discover that once-abundant vacancies have become scarce, competition for the remaining positions is fiercer, or company priorities pivot away from large-scale expansions toward essential, cost-justified security projects. At the same time, data breaches and cyberattacks don’t pause during economic slowdowns—if anything, they may escalate as bad actors exploit organizational vulnerabilities. This paradox means that while the market feels tough, demand for cyber security expertise remains robust. In this article, we’ll look at: Why economic uncertainty affects cyber security hiring trends. Strategies for staying competitive, even if the number of open roles shrinks. Methods to highlight your skills, adapt to shifting priorities, and network effectively. Approaches for preserving mental well-being during prolonged searches or uncertain feedback loops. How www.cybersecurityjobs.tech can help you find the ideal security-focused role. By proactively sharpening your skill set, tailoring your professional profile, and engaging with a focused community, you can secure a rewarding cyber security job—even when the broader market feels volatile.

Careers

How to Achieve Work-Life Balance in Cyber Security Jobs: Realistic Strategies and Mental Health Tips

Cyber security is one of today’s most vital and rapidly expanding sectors. As data breaches, ransomware, and other cyber threats continue to evolve, the demand for skilled professionals is surging across industries—from finance and healthcare to government and e-commerce. Whether you’re a penetration tester, security analyst, or threat intelligence expert, you play a key role in safeguarding digital infrastructure and sensitive information. This high-stakes environment, however, often comes with intense pressure. Long hours, constant vigilance, and an ever-changing threat landscape can make it challenging to find time for personal well-being. Many cyber security specialists report difficulty striking a sustainable work-life balance, unsure if it’s even possible in a field that never truly sleeps. Yet, as concerns about mental health and burnout become more pressing, professionals and employers alike are seeking better ways to combine career advancement with a fulfilling personal life. In this comprehensive article, we’ll explore how to achieve a work-life balance in cyber security. You’ll discover strategies for managing 24/7 threat alerts, the importance of realistic expectations, ways to maintain mental health in high-intensity roles, and tips for setting boundaries without compromising your professional growth. Whether you’re new to this dynamic arena or already an established specialist, these insights can help you thrive personally and professionally in the fast-paced world of cyber security.

Careers

Transitioning from Academia to the Cyber Security Industry: How Researchers Can Harness Their Skills to Protect Commercial Environments

Cyber security has become a mission-critical field in an era where data breaches, ransomware attacks, and sophisticated hacking techniques threaten businesses and public institutions alike. As digital transformation touches nearly every facet of modern life, the need for highly skilled individuals capable of defending systems and networks continues to grow. For PhDs and academic researchers with expertise in areas like cryptography, network security, or threat intelligence, this presents an exciting opportunity to deploy your analytical prowess in a high-impact, fast-paced commercial setting. In this guide we’ll explore how academics can successfully pivot from the research lab to the cyber security industry. Learn how to apply rigorous, theory-driven approaches to real-world challenges, from designing secure software architectures to neutralising advanced persistent threats. By embracing the industry’s urgency and end-to-end mindset, you can transform your scholarly insights into robust, market-facing security solutions that protect companies and users on a global scale.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.