The Cyber Intelligence Specialist will play a key role in safeguarding the organisation’s digital infrastructure as part of a Critical National Infrastructure (CNI) environment. This role is responsible for identifying, assessing, and mitigating cybersecurity risks, as well as developing and implementing security frameworks and solutions. The successful candidate will proactively monitor threats, manage incident response, enhance threat intelligence capabilities, and ensure cyber resilience across the organisation and its customer environment.
Key Responsibilities:
Threat Detection & Monitoring
• Continuously monitor networks, systems, and applications for suspicious activity and cyber threats.
• Analyse and investigate security alerts, escalating as required.
Incident Response & Recovery
• Lead and support incident response activities to minimise disruption and recovery times.
• Conduct forensic investigations, root cause analysis, and incident reporting.
Vulnerability & Risk Management
• Perform vulnerability assessments, penetration testing, and regular security audits.
• Identify potential risks and recommend mitigation strategies and security enhancements.
Security Engineering
• Design, configure, and maintain security tools and infrastructure (e.g., firewalls, IDS/IPS, endpoint protection, VPNs).
• Enhance secure network and cloud architectures across hybrid environments.
Compliance & Governance
• Develop and enforce cybersecurity policies, standards, and procedures.
• Ensure compliance with regulatory and industry frameworks (GDPR, ISO 27001, NIS2).
• Maintain audit readiness and contribute to cyber risk reporting.
Cyber Threat Intelligence
• Collect, analyse, and interpret threat intelligence to inform proactive defence strategies.
• Collaborate with internal teams, suppliers, and customers to exchange intelligence and support remediation.
Security Awareness & Training
• Support cyber awareness programmes to reduce human risk.
• Create training materials and deliver workshops on security best practices.
Essential Technical Skills & Experience:
• Degree in Cybersecurity, Computer Science, Information Security, or related field (or equivalent experience).
• Demonstrated experience in a cybersecurity role, such as SOC Analyst, Threat Intelligence Analyst, or Incident Responder.
• Hands-on experience with security platforms such as SIEM (e.g. Splunk, QRadar), IDS/IPS, firewalls, EDR/XDR.
• Strong understanding of network security, encryption, authentication, and security protocols.
• Knowledge of threat intelligence frameworks (e.g. MITRE ATT&CK).
• Experience with vulnerability management tools and methodologies.
• Familiarity with compliance frameworks (GDPR, ISO 27001, NIS2).
Desirable Skills & Certifications:
• Cybersecurity certifications such as:
  ◦ CISSP (Certified Information Systems Security Professional)
  ◦ CEH (Certified Ethical Hacker)
  ◦ CompTIA Security+ or CySA+
  ◦ CISM (Certified Information Security Manager)
• Experience in cloud security (AWS, Azure, GCP) and secure DevOps practices.
• Knowledge of scripting (Python, PowerShell, Bash) for automation and analysis.
Interpersonal & Professional Skills:
• Strong written and verbal communication skills; able to engage across all organisational levels.
• Ability to build effective relationships with stakeholders and third parties.
• Analytical mindset with excellent problem-solving capability.
• High attention to detail and professional integrity when handling sensitive data.
• Able to prioritise effectively and perform under pressure.
• Proactive, team-oriented, and driven by continual improvement.