Share this Job

Threat Intelligence Analyst

Date: Jul 15, 2021

Location: London, United Kingdom

Company: KPMG UK

Title: Threat Intelligence Analyst (Grade D)
Business unit: Security Operations
Department: ITS

The Team
The role holder will be a key person in the SecOps team, providing cyber and information security threat intelligence to strengthen KPMG UK’s situational awareness about current and emerging threats, supporting information risk-related decisions and activities. The role holder will have responsibility for the development and delivery of a threat intelligence capability which is insightful, contextual and actionable.

Key Stakeholders
CISO, Head of Information Assurance, TISO and SecOps leaders
Business and functional managers across the firm
Chief Information Officer, Technology Information Security Officer and the IT security community in the firm

The Role
Threat intelligence
• Key member of the first line of defence threat intelligence team
• Collect, process and analyse threat information
• Manage the relationship with any external providers of threat intelligence
• Communicate threat intelligence to relevant stakeholders to support evidence-based decision making
• Support the firm’s mission to build client trust and confidence with regard to information security generally and threat intelligence specifically
• Stay abreast of industry best practice in relation to threat intelligence

Policy
• Support the development of the UK firm’s information security policies, to ensure threat intelligence is reflected in policy controls
• Promote good information security practice and standards across the firm
Risk management
• Support the management of the threat event catalogue used in the Information Risk Management framework
• Foster an environment that drives appropriate information risk control behaviour, including early anticipation, identification and mitigation of information risk, escalating issues in line with the Information Risk Management Framework.

Awareness and collaboration
• Establish strong relationships with business and functional teams
• Establish effective relationships with IT service providers and other relevant stakeholders
• Build on and preserve the firm’s reputation with clients, with regard to information security


The Person
Technical knowledge and qualifications
• A minimum of 1 years’ experience of information security with some experience in a specific threat intelligence capacity if possible
• Knowledge of threat intelligence sources and analysis methodologies preferred
• Knowledge of information security standards (e.g. Cyber Essentials, ISF Standard of Good Practice for Information Security, ISO 27001, NIST Cybersecurity Framework, CIS Top 20 Controls)
• Good understanding of privacy requirements (including GDPR)
• Sound working knowledge of the IT security aspects of IT infrastructure (network and servers) and services, including Cloud computing
• Good analytical capability
• Very good writing and reporting skills
• Security certifications preferred
Leadership skills
• Ability to deal with a broad range of stakeholders at all levels, both internal and external, in a confident and assured manner
• Ability to prioritize and manage a complex workload, including multiple tasks
Analytical skills
• Strong analytical and problem solving skills
• Proven ability to identify and articulate information security requirements, risks and issues, and to make clear decisions and recommendations
• Ability to understand business drivers and risk appetite and to align threat intelligence accordingly
Personal qualities
• A good team player, with the ability to act independently and exercise sound judgment
• Excellent communication skills, both written and verbal
• Multi-cultural awareness and sensitivity
• Strong integrity, independence and resilience
• Attention to detail


Job Segment: Intelligence Analyst, Defense, Risk Management, Database, Cloud, Government, Finance, Technology