Threat Intelligence Specialist

  • Sainsburys
  • Edinburgh
  • 04/08/2020
Full time Data Science Data Analytics Business Intelligence Artificial Intelligence Statistics

Job Description

Threat Intelligence Specialist

- 20000Y4F)
Threat Intelligence SpecialistSainsbury’s Bank & AFSEdinburgh, Lochside
In a nutshellRepoting into the Head of Info Sec, as a Cyber Threat Intelligence Specialist, you’ll play an important role in protecting the bank from cyber-attacks and advanced threat actors. You will responsible for defining, shaping and operating the Threat Intelligence capability for the bank. This individual will provide different teams in the bank information about targeting and the threat landscape, and using information derived from all intelligence disciplines to determine changes in actor activity, capabilities, intent, and resources.
What you need to do

  • Engage with other functions to provide input and requirements to influence threat mitigation strategies.
  • Conduct analysis of internal risk and security data and controls to identify security weaknesses.
  • Own and execute the Threat Management framework for the bank.
  • Provide analysis and dissemination of threats from a wide range of intelligence sources including; open sources, hacker forums, peer exchange forums worldwide
  • Maintain detailed threat actor profiles on adversaries of interest/relevance to the bank covering tactics, techniques and procedures, intent, goals and strategic objectives
  • Review intelligence from multiple internal sources such as JS SOC, IT Security, Fraud, etc to assess and react to threats
  • Maintain knowledge of the threat landscape by monitoring various internal and external intelligence sources
  • Handle incoming research requests and intelligence requirements from other teams acting as the lead point of contact for the threat intelligence engagement
  • Assist with technology aspects of investigations lead by JS Security, SBAFS IT Security, fraud, and financial crime teams
  • Support the security and education awareness initiatives with targeted updates to colleagues and customers to make more security aware.
  • Support the Policy Standard Owner and ensure appropriate enterprise-wide assurance is being undertaken;

What success looks like

  • A defined and clear strategy for the bank’s threat intelligence capability to support a proactive and effective security regime.
  • Improved cyber security awareness for colleagues and customers.
  • A focused and clear articulation and consideration of threats in making security risk decisions
  • Better awareness of the cyber threats the bank is/may be exposed to and this is managed in line with the bank’s risk appetite.
  • You will have a good network with various public and private organisations to improve situation awareness and facilitate meaningful information sharing to keep the bank safe.
  • Good collaboration with the JS Security Operations Centre as part of internal shared service leveraged capability to ensure threat intelligence proposition is delivered to the bank in an optimised fashion.
  • Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the threat intelligence, and increase the maturity of the capability and review it with stakeholders at the executive levels.
  • Build and nurture external networks consisting of industry peers, ecosystem partners, vendors and other relevant parties to address common trends, findings, incidents and cybersecurity risks.
  • Information security proposition to support the bank’s risk appetite and strategic intent.

What you need to know and show

  • You will have a wealth of experience with Cybersecurity Tactics, Techniques and Procedures (TTPs), working within a cyber threat intelligence role and have knowledge and understanding regarding technical and intelligence threats.
  • You’ll have the ability to collect, analyse, and interpret qualitative and quantitative data from multiple sources including extracting indicators and exercising critical thinking in assessing the threat
  • Demostrate a strong technical understanding of networking, internet protocols and information security
  • Advanced knowledge of global threats to international cyber security and conversant in the tactics, techniques and procedures used by cyber adversaries
  • Good experience of using the established TI frameworks such as MITRE ATT&CK Framework
  • Ability to deliver to a schedule, prioritise conflicting tasks, and service occasional time-critical requests as required
  • The ability to work solo on complex problems and an exceptional flair for working in a team in fast moving situations
  • Experience maintaining relationships with IT and business stakeholders up to Exco level.

Colleague Conduct RulesThe individual performing this role is expected to adhere to the conduct rules as specified by our regulators (PRA and FCA).
Individual Conduct Rules (apply to all colleagues)

Rule 1: You must act with integrity

Rule 2: You must act with due skill, care and diligence

Rule 3: You must be open and cooperative with the FCA, the PRA and other regulators

Rule 4: You must pay due regard to the interests of customers and treat them fairly

Rule 5: You must observe proper standards of market conduct

Our benefitsIn addition to the all-important competitive salary, pension & bonus offering, we totally get that life outside work is important to us all. So we want to shout out some of our other great benefits…

  • We offer flexible working to help you achieve a good work/life balance.
  • Opportunity to buy extra holidays is on the table.
  • Discounts on your weekly shop, buying a laptop or sofa? We’ve got it covered through your Sainsbury’s, Argos and Habitat store discount card.
  • Cycle to work scheme and great coffee and cake!

A little about us & our cultureWe’re proud of our heritage as the UK’s first supermarket bank. As digital technology drives the banking landscape we want to be at the cutting edge of this technology, offering award winning innovative digital banking products to our customers. Technology is where we see our growth therefore we need innovators to join us and drive the next phase of our evolution.
We’re a friendly bunch who collectively share a passion to make our customers’ financial lives easier. As part of the wider Sainsbury’s Group, being one of the UK’s most trusted brands, it brings our colleagues a wealth of opportunities to fulfil their potential. Here, you can be part of something bigger and help to create a new approach that puts the customer at the heart of everything we do.

It’s important that our colleagues reflect the diversity of the communities we serve. Our inclusive recruitment policy means we’re committed to training and developing all our colleagues, treating everyone fairly and equally when they come and work with us.
As this role involves working within a regulated environment any offer will be subject to satisfactory background checks including criminal record check, credit check, fraud check and employment references.

Primary Location


Work Locations

Sainsburys Bank Lochside Sainsbury's Bank 3 Lochside Avenue Edinburgh EH12 9DJ




Full-timeAdvertised Salary Competitive