Threat Intelligence Manager - Strategic

About the OpportunityJob Type: Permanent

Application Deadline: 28 February 2025

Title                  Threat Intelligence Manager - Strategic

Department       FIL – Cyber Defence Operations

Location           Kingswood, Surrey

Reports To       Senior Technical Consultant - CDO

Level                5

We share a commitment to making things better for clients and each other. We continually explore modern technology and different ways of working to put our clients first. So, bring your boldest ideas to our Cyber Defense Operations team and feel like you are making progress.

About your team

Technology function across FIL is responsible for all global aspects of Technology, Digital, Cybersecurity, and Innovation. Fidelity is a value-driven, customer-obsessed organization and in Technology we are fortunate to play a direct role in helping our clients with one of the most important aspects of their lives – their financial well-being.

Within the Technology function is our Global Cyber & Information Security (GCIS) that operates enterprise security services and controls. These are designed to mitigate Cyber and Information Security risks ensuring that Fidelity's business operates securely. The Technical Cybersecurity teams monitor both the internal and external threat environment, responding to security alerts and events in close to real time, as well as providing security assurance and access management services across the enterprise technology and business environment. Our global innovative Cyber Defence Operations team sits within GCIS and provides proactive, cutting-edge solutions to protect clients’ digital assets and infrastructure against evolving cyber threats.

About your role
 

As a Strategic Threat Intelligence Manager, you will be responsible for leading the proactive identification and management of risks that could impact the firm from cyber adversaries and changes in Geopolitical landscapes. You will focus on understanding and anticipating evolving cyber threats, regulatory challenges, and geopolitical risks that could affect the integrity and security of the company and its customers. Your insights will be integral to ensuring our leadership team and security operations are well-informed and prepared to take preventative actions.

You will be comfortable working with stakeholders at all levels, performing comprehensive threat assessments and able to view cyber threats at a global level. This role requires you to demonstrate understanding of MITRE attack techniques, threat groups TTP’s and an understanding on how best to represent and prioritise these threats in a large organisation, and present these to stakeholders clearly stipulating the risks and answering the ‘why’ and ‘what’. The role will be supported by a global Detect & Respond team and Detection Engineering team who are looking at this role to provide them with high efficacy information and IOC’s. It will also be supported by a strong security leadership team who are keen to develop an in-house threat intelligence capability underpinned by our investment in leading security tooling. Our leadership team will be looking at this role to assist in prioritising defensive spend to make sure we continue to provide a secure service to our clients.

About you

Key Responsibilities

As a Strategic Threat Intelligence Manager, you are an experienced Threat Intelligence professional managing multiple sources of security information and turning this information into actionable information for our global stakeholders and technical teams. This is a critical role expected to build and maintain relationships inside and outside of the organisation and help to shape and mature our Cyber Defence and wider business security strategy.

• Ensure we understands our top threat actors and groups, and their motivations
• Perform regular Threat Landscape analysis and ensure our operational security teams are provided with actionable information
• Produce detailed, actionable intelligence reports that articulate critical threats and risks arising from Cyber Adversaries, changes in Geopolitical landscape, and any regulatory changes in a consumable format for readers.
• Lead and develop collaboration with wider stakeholders in the business to regularly present threats and landscape changes
• Proactively research and collaborate to implement mitigations against impending attacks
• Build upon and develop our threat intelligence strategy to continually improve our capability
• Create continuous improvement loops with security teams including operations, vulnerability management etc.
• Represent us (and provide input) at open and closed industry forums
• Work in cohesion with Tactical & Operational manager to manage our threat intelligence supplier relationships, and our TIP.
• Responsible to enhance and develop roadmap for the Strategic Threat Intel function.
• Perform review of intel sources feeding into the function and ensure their credibility and confidence aligns with business needs.
• Mentor and support development of analysts in the function

Experience and Skills Required

• Experience and strong understanding of cyber threat groups, TTP’s (including relation to MITRE attack) and their motivations.
• Proven experience and ability to work with a TIP and develop threat models based on Threat Actors monitored by the business.
• Experience continually improving a threat intelligence program.
• Strong reporting ability, with an understanding on how to tailor reports to different audiences.
• Comprehensive understanding of how threat intelligence differs at a tactical, operational, and strategic level.
• A minimum of 3 years of experience in a CTI capability, with at least 2 years in a Cyber Defense / Security Operations setup. 
• Competent in a scripting language, preferably Python.
• Strong communication skills with evidence of being in a position responsible for communicating technical issues to non-technical users, such as formal stakeholder engagement/communications
• Banking or Finance industry related experience desirable

• Motivated, self-started who can create a pragmatic plan to deliver.
• An understanding of business needs and commitment to delivering high-quality, and efficient services to the global business.
• Experience with Microsoft Defender, Azure Sentinel, ServiceNow, and other cybersecurity tools.
• Exceptional analytical, strategic thinking, and problem-solving abilities supporting the SOC. 

Feel rewarded.

For starters, we’ll offer you a comprehensive benefits package. We’ll value your wellbeing and support your development. And we’ll be as flexible as we can about where and when you work – finding a balance that works for all of us. It’s all part of our commitment to making you feel motivated by the work you do and happy to be part of our team. For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.

For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.

As an international financial services organisation, we are in-scope of international regulations in the way that we carry out our work. This position is involved in work that is regulated by the FCA and/or the PRA and their Individual Conduct Rules (COCON) apply to it, along with any other regulation. We provide training on COCON and how it affects our employees. More information about COCON can be found in the Employment Handbook.