Back to jobs
New

Analyst, Cyber Threat Intelligence

London

Who we are

S-RM is a global intelligence and cyber security consultancy. Since 2005, we’ve helped some of the most demanding clients in the world solve some of their toughest information security challenges.

We’ve been able to do this because of our outstanding people. We’re committed to developing sharp, curious, driven individuals who want to think critically, solve complex problems, and achieve success.

But we also know that work isn’t everything. It’s about the lives and careers it helps us build. We’re immensely proud of this culture and we invest in our people’s wellbeing, learning, and ideas every day.

We’re excited you’re thinking about joining us

 

Working in Cyber at S-RM

Our Cyber Security division is the fastest-growing part of S-RM. The cyber sector is always evolving, and our Incident Response and Managed Services practices are in more demand than ever.

We’re building a team to meet this challenge.  We’re quick to respond, innovate, and improve.  We don’t get too hung up on hierarchy or bureaucracy.  If your ideas are good enough, we’ll empower you to implement them.  If you’re the best person to talk to a customer, you’ll get that opportunity, regardless of the title in your email signature. And when you need a hand, your team will always have your back.

We also don’t believe there’s a typical cyber security professional.  We’ve built a team of intelligence analysts, technical specialists, software developers, investigators, risk managers, and more.  You’ll always find a range of perspectives and expertise to help you learn and grow.

If that sounds like your kind of team, we’d like to hear from you.

 

The role

Cyber Threat Intelligence (CTI) is an integral part of S-RM's Managed Services practice. As a CTI Analyst, you will work closely with the Global Cyber Threat Intelligence Lead and Customer Success Managers to deliver high-value intelligence services to clients. Your core responsibilities will include: 

  • Dark Web Monitoring: Use threat intelligence platforms and specialist tools to conduct targeted research across dark web sources, and set up and deliver regular monitoring engagements for clients. 
  • Managed Threat Intelligence Services: Conduct targeted investigations using threat intelligence platforms, tools, and open-source intelligence across a growing portfolio of managed intelligence offerings. 
  • CTI-lead analysis: Support in-depth investigations with a strong threat intelligence component, including conducting research and drafting client-facing reports. 
  • Thought leadership: Contribute to public write-ups and presentations on emerging vulnerabilities, trends, and threat actor techniques. 
  • Business development: Help cultivate relationships with external intelligence-sharing partners and identify opportunities to grow the practice. 

 

Beyond these core responsibilities, you will be expected to stay current with threat intelligence developments and collaborate closely with S-RM's Incident Response and Risk & Resilience teams where CTI adds value to their engagements. You will also work alongside the Managed Detection and Response (MDR) and Attack Surface Management (ASM) teams to ensure unified service delivery across all managed service offerings.

This role offers the opportunity to shape the development of S-RM's CTI services — working with the practice lead, managed service teams, and technical development teams to identify opportunities for innovation and improvement. We will actively support your professional growth, including opportunities to develop and share domain expertise through internal initiatives. 

 

What we're looking for

Candidates with the following qualifications and experience are likely to succeed as Cyber Threat Intelligence Analysts at S-RM.

That said, if you don't think you meet all of the criteria below but are still interested in the role, please apply. Nobody checks every box — we're looking for candidates who are particularly strong in a few areas and have some interest and capability in others. 
 

We nurture a culture of equality, diversity, and inclusion, and are dedicated to developing a workforce that reflects a variety of talents, experiences, and perspectives. 

Required Skills: 

  • Excellent written and verbal communication skills, with the ability to produce clear, concise, and well-structured analytical reports. Candidates should be prepared to demonstrate strong writing ability (e.g., via a writing sample or assessment). 
  • Strong analytical and problem-solving skills, including the ability to work with incomplete, ambiguous, or conflicting information, and to assess the credibility, reliability, and relevance of sources and data. 
  • Strong attention to detail and the ability to maintain focus and quality when processing large volumes of data across multiple sources. 
  • Understanding of foundational cyber concepts, such as common attack vectors (e.g., phishing, credential misuse), high-level security terminology, and general threat actor motivations. 
  • Understanding of core intelligence concepts, including the intelligence lifecycle, requirements gathering, and the distinction between tactical, operational, and strategic intelligence outputs. 
  • A demonstrated interest in the cyber threat landscape, including financially-motivated activity (e.g., ransomware, extortion), as well as broader geopolitical, industry-specific, or emerging threats. 

 

Preferred Skills: 

  • Academic or professional background in a research-focused discipline (qualitative or quantitative), such as Political Science, International Relations or Security Studies, Intelligence Studies, Criminology, Cybersecurity, Data Science, or related fields. 
  • Experience using OSINT methodologies and/or threat intelligence platforms (e.g., Recorded Future, Flashpoint, MISP, VirusTotal, Shodan, Maltego, or similar tools) to collect, enrich, and analyse threat data from open, deep, and dark web sources. 
  • Familiarity with dark web environments, underground forums, or illicit marketplaces, including an awareness of how threat actors communicate and operate in these spaces. 
  • Ability to contextualize findings into business-relevant assessments, including potential impact, likelihood and recommended mitigations. 
  • A foundational understanding of how cyber threats are categorised and communicated, including awareness of widely-used frameworks such as MITRE ATT&CK, the Diamond Model, or the Cyber Kill Chain. 
  • Experience engaging with clients or stakeholders across the intelligence lifecycle, from requirements gathering through delivery, or a demonstrated willingness to develop this skill. 
  • Proficiency in a second language is a strong advantage, particularly Russian, Spanish, Arabic, Portuguese, French, Mandarin, or other languages relevant to cyber threat actor communities. 

 

Successful candidates are likely to show the following personal attributes:  

  • An investigative mindset and genuine enthusiasm for research. 
  • A collaborative approach and willingness to work across teams. 
  • Ability to manage competing priorities and deliver under pressure. 
  • Initiative and ownership — a self-starter who identifies opportunities to enhance S-RM's cyber capabilities. 

 

Certifications & Training:

Relevant industry certifications are not required for this role. However, we value evidence of continued learning. The following are considered beneficial: 

  • Cyber Threat Intelligence: GCTI, CTIA, CREST CRTIA 
  • Cybersecurity Foundations: Security+, CySA+ 
  • OSINT & Open Source Research: GOSI, C|OSINT, SANS SEC497, OSINT Combine courses, Trace Labs OSINT training 
  • Investigative Research & Verification: Bellingcat Online Investigation Workshops, etc. 

Participation in OSINT competitions (e.g., Trace Labs Search Party CTF) or contributions to open source research communities are also welcomed as evidence of practical skill development. 

Candidates must have permission to work in the UK by the start of their employment 

Our benefits

We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside of work. This includes but is not exhaustive of:

 

  • 25 days holiday per year in addition to public holidays (+1 day for every year of service up to a maximum of 30 days in total);yes
  • Hybrid working and flexible working hours;
  • Matching pension contribution up to 7% (up to a maximum of 14% combined), and financial education;
  • Life Insurance 4X annual salary.

Parental Support:

  • Fertility treatment leave – 5 days of leave per cycle of treatment per year;
  • Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
  • Paternity leave – 6 weeks of full pay.

Various Health and Medical Benefits including:

  • Medical insurance (taxable benefit) for you and your family;
  • Virtual GP for you and your family members that live in the same household;
  • EAP programme for you and your immediate family;
  • Free access to the world-famous mindfulness app

 

The application process

We want to get to know you, and for you to get to know us, to see if we’d be a good fit. We are responsive and respectful of people’s time throughout our hiring process:

A typical application process includes:

  • Initial screening of your application by our recruiting team.
  • An interview to assess your baseline technical skills.
  • An interview to discuss your previous experience, broader competencies, and suitability for the role.

 

To apply for this role, please submit a tailored cover letter and CV to: Job Application for Analyst, Cyber Threat Intelligence at S-RM

Create a Job Alert

Interested in building your career at S-RM? Get future opportunities sent straight to your email.

Apply for this job

*

indicates a required field

Phone
Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf