Threat Intelligence Analyst

York, United Kingdom


Job Type:

Permanent

Build a brilliant future with Hiscox
 

Position: Threat and Vulnerability Analyst

Reporting to: Red Team Leader (Cyber Fusion Centre)

Location: York (UK) or Lisbon (Portugal)

Type: Permanent

Band: I

Company description

Hiscox is a diversified international insurance group with a powerful brand, strong balance sheet and plenty of room to grow. Listed on the London Stock Exchange and headquartered in Bermuda (with the bulk of group leadership sitting in London), Hiscox has over 3,000 staff across 14 countries and 34 offices. Structured by geography and product, Hiscox’s long-held business strategy has helped them grow from a niche Lloyd’s underwriter to an international insurance group with a powerful and trusted consumer brand.

The Role

The Threat and Vulnerability Analyst works in our Cyber Fusion Centre, which is responsible for the protection, detection and response capabilities used to safeguard our business from cyber threats. You will be responsible for the proactive identification of threats to our systems and networks, together with potential vulnerabilities that could be exploited by malicious threat actors. Your work will be essential in enhancing our security posture by providing insights into potential attack vectors and security weaknesses. You will be responsible for emulating the threats we face, by mimicking the Tactics, Techniques and Procedures (TTPs) used by real-world hackers. The primary focus of your role will involve the use of our core Threat and Vulnerability Management (TVM) platforms used to perform routine security scanning and analysis. You will triage and prioritise the scan results and work with our Ethical Hackers and Security Engineers to determine appropriate mitigations. You will also work closely with our Blue Team to ensure that any vulnerabilities are understood, and that the Blue Team monitoring capabilities are optimised to detect attempts to exploit them. You will be on the front-line of protecting our business from the latest cyber threats, and will need to be comfortable working in a high performance operational team.

The role is based in either York (UK) or Lisbon (Portugal) and is a permanent position. Travel to other team locations will be required as necessary.

Key Responsibilities

• Manage the daily operations and maintenance of our TVM platforms, ensuring we have the latest scan libraries and threat intelligence to support detailed scans of our infrastructure.

• Analyse and prioritise the outputs from TVM platforms and translate them into mitigation actions for our Fusion Centre CI/CD pipelines.

• Perform routine vulnerability assessments of our infrastructure and applications, and document your findings and recommendations for remediation.

• Perform network reconnaissance to gather information about potential high value targets in our network, ensuring we understand where our assets are and what vulnerabilities they are exposed to.

• Track open security vulnerabilities in our estate and manage them through the lifecycle to closure.

• Escalate more complex issues to our Ethical Hackers for further investigation.

• Collaborate with our Blue Team to validate their detection and response capabilities.

• Support the coordination of Penetration Tests performed by our external third parties.

• Support the planning and delivery of Red and Blue Team exercises as required.

• Support in-flight security incidents by providing insight into our vulnerability exposure and what potential threat vectors a malicious actor may be trying to target.

• Prepare detailed reports and briefings for various stakeholders outlining the nature of our threats, their potential impact and recommended mitigation approach.

• Maintain an up-to-date knowledge of the latest threat actors and their TTPs and share your knowledge with other members of the team as required.

Candidate Profile

• 0 to 3+ years' experience in a cyber analyst role, preferably with a focus on TVM technologies.

• Excellent working knowledge of the vulnerability management lifecycle.

• Excellent analytical skills with the ability to work under own initiative.

• Comprehensive knowledge of common hacking techniques and the latest cyber threats.

• Good working knowledge of using cyber threat intelligence and attack modelling frameworks.

• Have the desire to pursue a career in Ethical Hacking, and be willing to undertake further training.

• Be highly curious and demonstrate lateral thinking and problem solving.

• Good presentation and report writing skills.

• BSc or MSc in Cybersecurity is essential if you have no formal experience.

• Industry recognised qualifications such as CompTIA PenTest+ and GIAC GPEN are desirable.

Diversity & Benefits

At Hiscox we care about our people. We hire the best people for the job and we’re committed to diversity and creating a truly inclusive culture, which we believe drives success. Working life doesn’t always have to be in the office, so we have introduced hybrid working to encourage a healthy work-life balance. This hybrid working model is set by the team rather than the business to enable you to manage your own personal work-life balance. We see it as the best of both worlds: structure and sociability on one hand, and independence and flexibility on the other. Our benefits package includes a bonus, contributory pension, 25 days annual leave plus 2 Hiscox days and a 4 week paid sabbatical with every 5 years’ worth of service, private medical for all the family and much more.


Work with amazing people and be part of a unique culture


Tags: Blue team CI/CD CompTIA Ethical hacking Exploit GIAC GPEN Monitoring Red team Strategy Threat intelligence TTPs Vulnerabilities Vulnerability management

Perks/benefits: Health care Medical leave Paid sabbatical Salary bonus

Region: Europe
Country: United Kingdom
