F&R is looking for a few highly skilled cyber security specialists to help staff a new location in Nottingham. This new facility will be home to a number of critical cyber security disciplines, designed to improve the overall security posture of F&R– including its assets, data and operations. Be part of an exciting, fast-paced environment that will help F&R strengthen its position.
Our Information Security & Risk Management (ISRM) team is looking for a Cyber Security Analyst to help build out our cyber threat intelligence capabilities. This role will provide cyber intelligence and threat-driven analysis of the risks to F&R; help track current cyber threats; and develop and curate threat indicators to help improve the overall quality of F&R's defenses. You should have a strong understanding of security incidents, the spectrum and state of current malware, intrusion techniques & hacking – from amateur to Advanced Persistent Threat (APT) - and how to conduct successful intelligence collection and investigation around them.
- Identify and evaluate new sources of intelligence, and integrate numerous types of cyber security data sources into cyber threat analysis products.
- Develop critical intelligence partnerships to develop and curate high quality threat analysis and indicators
- Leverage understanding of tactics, techniques and procedures associated with advanced threats to add custom signatures that mitigate cyber threats to F&R
- Analyze network and host activity associated with both successful and unsuccessful intrusions by advanced cyber threat actors
- Perform cyber threat intelligence activities according to best practices, maintaining a standard of the highest quality & confidentiality across multiple geographies
- Produce threat intelligence reports and briefings, that provide situational awareness of cyber threats impacting the company's global network infrastructure, to every level of the organization.
- Partner with security operations teams to provide best-in-class monitoring, response, and reporting for network and computer incidents.
- Bachelor's Degree in Information Systems / Technology, Computer Science / Engineering or equivalent field of study or a minimum of 4 years of IT experience
- Technical background in computer systems and networks
- Hands on experience in the cyber threat intelligence field
- Experience developing intelligence processing, indicator curation & threat modeling
- Background in collecting, analyzing, and interpreting data from various sources, detailing the results and preparing substantial analysis products
- Awareness of intelligence enrichment practices (PassiveDNS, Domain Registration pivoting, VirusTotal, etc.)
- Strong verbal & written communication skills
- Awareness of cyber security industry trends and developments
- Is willing to go through Government or Industry security clearance process when required (e.g. HMG BPSS, HMG SC, Disclosure and Barring Service Check (DBS)).
- Experience with data analysis tools—Excel (basic data analysis), Splunk, Business Intelligence and collaborative analytics tools
- Experience with detection rule writing (Suricata, Snort, Yara, etc.)
- Experience performing network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output.
- Experience with local and multiple country regulations governing cyber intelligence processing and handling of sensitive data
- Experience conducting cyber threat hunting operations using known adversary tactics, techniques and procedures to detect advanced threats to the enterprise
- Familiarity with CND-based analytical models (Kill Chain, ATT&CK, etc.)
- Familiarity with scripting / programming (Python preferred)
At Thomson Reuters, we believe what we do matters. We are passionate about our work, inspired by the impact it has on our business and our customers. As a team, we believe in winning as one - collaborating to reach shared goals, and developing through challenging and meaningful experiences. With more than 45,000 employees in more than 100 countries, we work flexibly across boundaries and realize innovations that help shape industries around the world. Making this happen is a dynamic, evolving process, and we count on each employee to be a catalyst in driving our performance - and their own.
As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under country or local law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.