
Senior Cyber Threat Intelligence Analyst

Job in Newcastle upon Tyne, Newcastle, Tyne and Wear, SY7, England, UK
Listing for: GCS
Full Time position
Listed on 2026-02-16
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security
Job Description & How to Apply Below
Location: Newcastle upon Tyne

Experience Level: 7–10 Years

Reports to: Director - Cyber Security Practice / Manager - Cyber Threat Intelligence

Salary: Negotiable - includes relocation bonus, visa sponsorship and medical cover.

Role Overview

The Senior Threat Intelligence Analyst will play a dual role as both a hands‑on intelligence practitioner and a Threat Intelligence Platform (TIP) specialist, responsible for deploying, configuring, operating, and optimizing TIP solutions within an enterprise‑scale intelligence ecosystem.

This role is ideal for analysts who have moved beyond pure reporting and now operate at the intersection of intelligence operations, tooling, and platform engineering. You will work closely with backend engineers, data engineers, and AI teams to ensure intelligence workflows are automated, scalable, and operationally relevant. While strategic intelligence skills remain important, this role places strong emphasis on TIP configuration, data modeling, ingestion pipelines, workflow customization, and analyst enablement.

Key Responsibilities
  • Threat Intelligence Platform (TIP) Deployment & Configuration
    • Lead or support the deployment, configuration, and tuning of Threat Intelligence Platforms such as:
      Anomali (ThreatStream / Enterprise), ThreatConnect, MISP / OpenCTI, Recorded Future, Intel 471, Group-IB (integration layer)
    • Configure data models, entities, and relationships aligned with operational CTI workflows.
    • Design and manage ingestion pipelines for internal telemetry, OSINT, commercial feeds, and custom sources.
    • Implement STIX/TAXII-based integrations, API connectors, and enrichment workflows.
    • Customize workflows, playbooks, tagging schemas, scoring logic, and lifecycle states within the TIP.
  • Intelligence Operations & Analysis
    • Perform tactical, operational, and strategic threat analysis using data curated and processed via the TIP.
    • Validate, enrich, and contextualize IOCs, TTPs, malware families, threat actors, and campaigns.
    • Map intelligence to MITRE ATT&CK, kill chains, and organizational risk scenarios.
    • Support incident response, SOC, detection engineering, and vulnerability management teams with actionable intelligence.
    • Conduct adversary and campaign tracking, ensuring data quality and analytical integrity.
  • Automation & Workflow Optimization
    • Design and implement automation workflows within the TIP to reduce analyst toil.
    • Work with SOAR platforms and scripting tools to enable intelligence‑driven response actions.
    • Optimize scoring, deduplication, false‑positive reduction, and prioritization logic.
    • Collaborate with engineers to expose TIP data via APIs and downstream systems (SIEM, EDR, ASM).
    • Contribute to feedback loops for continuous improvement of intelligence quality and relevance.
  • Platform Governance & Data Quality
    • Define and enforce intelligence data standards, schemas, and naming conventions.
    • Ensure data lineage, traceability, and confidence scoring across all intelligence objects.
    • Monitor platform health, ingestion failures, data drift, and feed degradation.
    • Support role‑based access controls, sharing policies, and compliance requirements.
    • Assist in platform audits, migrations, or TIP-to-TIP transitions when required.
    • Act as a bridge between analysts and engineers, translating intelligence requirements into technical configurations.
    • Create standard operating procedures (SOPs), onboarding guides, and workflow documentation for TIP usage.
    • Mentor junior analysts on platform usage, intelligence modeling, and analytical tradecraft.
    • Participate in architecture reviews for new CTI modules, feeds, or AI‑driven enhancements.
Desired Skills & Experience
  • Core CTI & TIP Expertise (Mandatory)
    • 7–10 years of experience in Cyber Threat Intelligence roles.
    • Hands‑on experience deploying, configuring, and operating TIPs in production environments.
    • Strong understanding of STIX 2.x, TAXII, IOC lifecycle management, and intelligence ontologies.
    • Experience integrating TIPs with SIEM, SOAR, EDR, and vulnerability management tools.
    • Proven ability to customize workflows, scoring models, enrichment logic, and automation.
  • Technical & Platform Skills
    • Strong familiarity with APIs, JSON, Python scripting, and data ingestion pipelines.
    • Experience with log…
    Position Requirements
    10+ Years work experience