Company: BP
Skills: IT - Analysis & Management
Experience: 10 + Years
Education: High School/Secondary
Employment Type: Full Time Salaried Employee
Location: Sunbury, United Kingdom

In order to apply for this position, applicants MUST meet the following criteria. If your resume does not match these criteria, you will not be able to apply for this position.

The Cyber Emergency Response Team (CERT) Cyber Threat Intelligence Analyst is charged with maintaining a clear and constant view of the tactical and operational cyber threat landscape across industry verticals and government to ensure key stakeholders across the organization benefit from this insight and are informed of any shifts in the landscape. In addition, the team is responsible for the proactive and detailed analysis of threats identified through reporting as well as internally developed capabilities in order to proactively enhance cyber defense and threat hunting capabilities. This mission is critical to the protection of BP assets, our customers, the brand and shareholder value.

  • Monitor the global cyber threat landscape through; open source channels, vendor feeds, participation in industry / government information sharing organizations / platforms and cultivated personal relationships
  • Identification of processes that can be automated and orchestrated to ensure maximum efficiency of collection and dissemination of consolidated threat intelligence to internal stakeholders and external partners
  • Engage relevant stakeholders to establish intelligence requirements, agree prioritisation and track progress
  • Develop high value reporting mechanisms and distribution channels that places the most relevant information in the hands of decision makers
  • Ensure customers are regularly canvassed for feedback
  • Establish BP as a valued contributor to information sharing efforts
  • Develop and maintain capability to fully understand the latest tactics, techniques and procedures of advanced adversaries
  • Participation in and support of external engagements with industry partners, law enforcement and the security community at large
Essential Education:

Certifications, Qualifications & Experience:
  • Formal education and degree in Information Security, Cybersecurity, Computer Science or similar and/or commensurate demonstrated work experience in the same.
  • Extensiveyears of experience in Cyber Intelligence Operations.

  • Proven experience in identifying and responding tactically to advanced attacker methodologies both within the corporate environment as well as external attack
  • Excellent communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholder groups
  • Experience in a liaison role, working with customers and third parties
  • Experience in supporting fast paced operations and working in ambiguous situations

Essential Skills:
  • Expert level knowledge and demonstrated experience of intelligence sharing platforms / protocols
  • Experience operating within a collective defense environment with internal stakeholders and external partners
  • Expert level knowledge leading diverse teams in an operational environment to produce new intelligence using novel techniques
  • Expert level knowledge of the intelligence lifecycle
  • Expert level knowledge of intelligence analysis principles either though formal education / training or equivalent professional experience
  • Expert level knowledge and demonstrated experience in analysis and dissecting advanced attacker tactics, techniques and procedures that informs adjustments to cybersecurity controls
  • Ability to develop and track key performance indicators (KPIs) and metrics for evaluation of operational effectiveness as well as providing recommendations for control improvement and mitigating control adjustments
  • Working knowledge of key information risk management and security related standards
Advantageous Skills:
  • Industry certifications e.g. Certified Information Systems Security Professional (CISSP)