Overview

Senior Technical Analyst (Hybrid/ London, UK)

Key Responsibilities

• Use tools such as Elastic/Kibana, Python, VirusTotal, Censys/Shodan, and DNS Forensics to extract, analyze, and automate workflows.
• Produce well-written, concise, and actionable technical analysis reports tailored to both technical and non-technical audiences.
• Synthesize raw telemetry data to identify patterns and unique signatures, conduct analysis on exploit kits and actors/groups' technical capabilities against the industry, and enhance mid-to-senior level leaders\' decisions on near-term threats.
• Produce actionable/operational reports and briefings for members using both sourced data and original research and analysis.
• Conduct deep dives on specific threats, attacks/campaigns, incidents, and vulnerabilities, using multiple sources and proven data analytic skills to enhance members\' understanding of threat and mitigation ability.
• Lead projects, mentor analysts globally, and assume responsibilities as requested.
• Interact with FS-ISAC members in person and virtually, engaging with them on threat intelligence, analytical projects, and other technical work.
• Sector incident response responsibilities are a requirement of this position. When sector-level incidents occur related to EMEA or a hybrid of threats that could impact EMEA members, assist the EMEA Intelligence Officer and Chief Intelligence Officer with sector-level response and information sharing as appropriate. This may require working on weekends and odd hours and being part of an on-call capability in the region.
• This role requires teamwork and collaboration across all regions and with Communities of Interest (COIs), Working Groups, and member-facing efforts.

Key Qualifications

• Experience with monitoring and detection technology
• Strong understanding of vulnerability analysis
• Experience with handling incident response
• Demonstrated experience writing reports and documentation
• Understanding of AI/Machine Learning
• Experience in designing and implementing security controls and systems
• Knowledge of general computer and network security, security protocols, and threat modeling
• Proficiency in one or more general-purpose programming languages to build and test cyber threat intelligence products and solutions
• Skills in data analysis
• Proven focus on metric-driven delivery

Basic Qualifications

• Technical Analysis Skills 7 to 10 years of applicable professional experience
• Strong experience in threat research, with a proven ability to identify and analyze emerging cyber threats
• Proficiency in Elastic/Kibana for data visualization, analysis, and monitoring
• Practical experience in threat hunting, including identifying patterns and adversary behavior
• Skills in data analysis to derive actionable insights from complex datasets
• Experience with EclecticIQ (EIQ) or equivalent threat intelligence platforms
• Expertise in writing and optimizing queries using tools such as VirusTotal and URL Scan IO
• Experience with tools for analyzing NetFlow data and vulnerabilities
• Exceptional writing and communication skills, with the ability to produce clear, concise, and impactful reports
• Strong interpersonal skills, with the ability to perform professionally under pressure and build effective relationships
• Proven ability to develop and monitor metrics to measure intelligence outcomes
• Proven ability to manage multiple concurrent reporting tasks while maintaining high standards of quality and meeting deadlines consistently
• Intellectually curious and oriented to on-time delivery of work product
• Familiarity with intelligence standards and tradecraft, ethical considerations and regulatory environments surrounding cybersecurity threat intelligence
• Ability to work independently with minimal direction
• Demonstrated history of teamwork and dependability
• Global work experience is a plus

Preferred Qualifications

• Familiarity with DNS Forensics, including IOC pivoting, link analysis, and adversary pursuit cycles
• Understands malware analysis, including identifying, analyzing, and mitigating malicious threats
• Experience using tools like DNS Coffee for IOC lookups
• Proficient coding ability (Java/Python/Perl) for automation and technical processes
• Demonstrated ability to identify patterns in threat data and optimize queries for analytical tools
• Familiarity with automating processes using Python and integrating outputs into workflows
• Leadership experience in mentoring analysts or managing deliverables
• Self-motivated and results-oriented, with strong problem-solving skills

Education And Experience

• Bachelor\'s degree or equivalent practical experience
• 7-10 years experience as a technical cyber threat analyst is preferred
• 3-5 years experience in cybersecurity with a focus on securing software and data-intensive products is preferred
• Experience in technical analysis is preferred

Work Environment

This position reports to the FS-ISAC\'s Intelligence Officer, EMEA and will work from FS-ISAC\'s London Office, utilizing a hybrid office schedule with at least two days per week in the office. Regardless of work location, the position requires a professional work environment, and the candidate must be able to meet the physical demands associated with the professional environment. Reasonable accommodation may be provided to enable individuals with disabilities to perform essential functions.

FS-ISAC has reviewed this description to ensure that essential functions and basic duties have been included. It is not intended to be construed as an exhaustive list of all functions, responsibilities, skills, and abilities. Supervisors may assign additional functions and requirements as appropriate. All candidates must already be authorized to work in the United Kingdom.

FS-ISAC provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, FS-ISAC complies with applicable federal and local laws governing nondiscrimination in employment in every location in which the company has facilities.

Job location: London, United Kingdom