Key skills
AWSAzureCloudCyber SecurityGoogle Cloud PlatformKubernetesGCPGoogle CloudServerlessMentoringCommunicationZero Trust
About this role
Role Overview
- Identify and shape tactical and strategic responses to current and emerging cyber threats
- Work with vendors and partners to ensure threat content and analysis is timely, accurate, and supports future needs
- Support the delivery of the Threat Management programme, including assessments, threat modelling, prioritisation, and remediation
- Maintain and improve Threat Management processes, tools, and procedures to ensure effective detection, assessment, and mitigation of threats
- Research nation‑state actors, campaigns, and malware across open, deep, and dark web sources to produce predictive intelligence
- Create timely, relevant, accurate, and actionable threat intelligence
- Build strong relationships across Group CISO, security, technology, cloud, architecture and incident management teams to coordinate threat mitigation
- Provide guidance on remediation strategies, security best practice, and risk reduction aligned to organisational and regulatory requirements
- Contribute to attack‑simulation and social‑engineering testing using industry best practices
- Prepare and present threat reports, dashboards, and recommendations tailored to technical and senior audiences
- Support performance metrics, continuously evaluating and improving Threat Management controls and processes
- Help identify, document, assess, and mitigate risks, working with other teams to design effective controls
Requirements
- Professional cyber security certifications (e.g., OCSP, CISSP, GCTI, GREM, CEH)
- 5+ years’ experience in cybersecurity, with strong background in Threat Management and defensive security in regulated environments
- Deep knowledge of common security threats, attack vectors, and threat‑analysis frameworks (e.g., MITRE ATT&CK, Cyber Kill Chain, Diamond Model)
- Skilled in using threat management, incident response, and remediation tools, including OSINT and specialist platforms (e.g., Shodan, Censys, DomainTools, VirusTotal, SIEM, EDR)
- Experience with Red Teaming, Purple Teaming, and automated attack techniques
- Strong understanding of security standards and regulations (NIST CSF, PCI DSS, GDPR/DPA 2018, ISO 27001)
- Experience managing threats in cloud environments (Azure, AWS, GCP), including Zero Trust models, containers, and Kubernetes/serverless architectures
- Excellent analytical skills with the ability to turn complex technical information into clear recommendations
- Strong communication skills, able to explain technical concepts to non‑technical stakeholders and senior leaders
- Confident decision‑maker, able to work independently under pressure, with high confidentiality and pace
- Capable of mentoring junior team members, reviewing outputs, and maintaining high quality standards
- Self‑motivated, organised, and able to prioritise effectively
Tech Stack
- AWS
- Azure
- Cloud
- Cyber Security
- Google Cloud Platform
- Kubernetes
Benefits
- 25 days holiday, increasing through length of service, with option to buy or sell
- Bupa health insurance as a benefit in kind
- An enhanced pension plan and life insurance
- Annual performance-based bonus
- Onsite gyms or local discounts where no onsite gym available
- Various other benefits and online discounts