Senior CIRT / Threat Intel Analyst

Company: S&P Global, Inc.
Apply for the Senior CIRT / Threat Intel Analyst
Location: London
Job Description:

About the Role

As a Cyber Incident Response Analyst, you will be part of the Cyber Defence team that develops and oversees the company’s security program, ensuring S&P Global is protected from existing and emerging threats. In close partnership with Security Operations and Threat Intelligence, you will detect, analyze, and decisively respond to security incidents, enrich investigations with timely intelligence, and help drive proactive defences. While based in the UK, you will support response and intelligence needs globally. Candidates should have a genuine interest in cyber security and a strong grasp of attacker tactics, techniques, and procedures (TTPs). This role requires a detail‑oriented, critical thinker who understands how adversaries exploit systems, networks and people – and how to respond. Experience applying threat intelligence to investigations and improving detections is highly desirable.

Responsibilities

  • Coordinate and triage response to cybersecurity events and conduct forensic analysis across endpoints, networks, cloud and SaaS.
  • Integrate threat intelligence into investigations (e.g., enrich IOCs, map activity to MITRE ATT&CK, identify likely threat actors/TTPs and assess potential impact).
  • Understand the threat landscape through collaboration with industry peers, FS‑ISAC, trust groups and commercial/open‑source intelligence, translating insights into actionable recommendations.
  • Develop, maintain and operationalise Incident Response playbooks and SOPs; include PIRs, collection plans and feedback loops to refine detections.
  • Work closely with the SOC to investigate incidents and deliver containment, remediation and root‑cause analysis; produce high‑quality, intelligence‑informed incident reports.
  • Create and tune detections (e.g., SIEM/SOAR, EDR) using intelligence signals (TTPs, behaviours, YARA/Sigma where applicable).
  • Produce and present consumable intelligence outputs (e.g., flash alerts, threat overviews, executive briefs) tailored to technical and non‑technical stakeholders.
  • Contribute to vulnerability/threat surfacing (e.g., emerging CVEs, exploit trends) and advise on risk‑based prioritisation.
  • Deliver actionable incident and hunting metrics to management; assess detection coverage and recommend improvements.
  • Follow the end‑to‑end incident response lifecycle and support post‑incident lessons learned with intelligence‑driven enhancements.
  • Build an understanding of key S&P technology, systems and business practices to contextualise threats and drive pragmatic defences.
  • Participate in information‑sharing activities (e.g., FS‑ISAC submissions) in line with TLP and legal/compliance requirements.

Qualifications

  • Working knowledge of common cyber attacks, tools and attacker tradecraft; ability to map activity to MITRE ATT&CK and articulate likely TTPs.
  • Demonstrated experience handling security events in critical environments and applying intelligence to accelerate triage and response.
  • Experience analysing system, application and cloud/SaaS logs to investigate security and operational issues; comfort enriching with IOCs and behaviours.
  • Hands‑on experience with a SIEM (Splunk preferred) for investigations, alert creation, reporting and threat hunting.
  • Ability to produce clear, actionable intel and incident reports, including executive‑ready summaries and visuals.
  • Familiarity with threat intel workflows: collection planning, source evaluation, indicator lifecycle, PIRs, TLP and feedback loops to detections.
  • Experience with one or more TIPs or intel data sources (e.g., MISP, OpenCTI, Recorded Future) and STIX/TAXII concepts.
  • 3+ years of information security experience with a focus on incident response, threat hunting or threat intelligence.
  • Excellent communication skills for varied business and technical audiences; strong presentation skills.
  • Comfortable working in a fast‑paced environment; passion for cyber security.
  • Advanced knowledge of network protocols (TCP/IP, HTTP) and operating systems.

Preferred Qualifications

  • Experience in the financial services industry.
  • Familiarity with threat hunting techniques (hypothesis‑driven, ATT&CK‑aligned, behaviour‑based).
  • Windows and Linux administration tools and concepts.
  • Understanding of threat actors and the cyber‑crime ecosystem, including initial access vectors, monetisation paths and supply‑chain/SaaS attack patterns.
  • Exposure to malware/TTP analysis at a functional level and creation of detections (e.g., Sigma/YARA) is a plus.
  • Experience producing finished intelligence products (tactical through executive) and briefing senior stakeholders.
  • Relevant certifications (e.g., GCTI, GCFA/GCFR, GCIH, FOR578) or equivalent experience.
  • Familiarity with information‑sharing standards and practices (FS‑ISAC, TLP) and legal/compliance considerations.
  • Knowledge of cloud provider threat models and telemetry (AWS, Azure, GCP, M365/SaaS).
  • Second language and/or geopolitical awareness for actor context is a plus.

Benefits

  • Health & Wellness: health care coverage designed for the mind and body.
  • Flexible Downtime: generous time off to keep you energized.
  • Continuous Learning: access to a wealth of resources to grow your career and learn valuable new skills.
  • Invest in Your Future: competitive pay, retirement planning, a continuing education program with a company‑matched student loan contribution and financial wellness programmes.
  • Family Friendly Perks: benefits for partners and children, including best‑in‑class perks for families.
  • Beyond the Basics: retail discounts, referral incentive awards and other perks.
  • For more information on benefits by country visit S&P Global Benefits.

Equal Opportunity Employer

S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US candidates only: Know your rights: workplace discrimination is illegal.

#J-18808-Ljbffr…

Posted: June 6th, 2026
Popular Searches
Jobs by Sector
Jobs by Location

Admin jobs | Airport jobs | Amazon Driver jobs | Amazon Warehouse Operative jobs | Apprentice Electrician jobs | Apprenticeship jobs | Bricklaying jobs | Business Analyst jobs | Business Development Manager jobs | Care Assistant jobs | Care Home jobs | Caregiver jobs | Civil Service jobs | Class 1 Driver jobs | Cleaner jobs | Cleaning jobs | Council jobs | Cyber Security jobs | Data Analyst jobs | Data Entry jobs | Data Scientist jobs | Delivery Driver jobs | Digital Marketing jobs | Driver jobs | Driving jobs | Electrician jobs | Graphic Designer jobs | Healthcare Assistant jobs | HGV Class 2 Driver jobs | HGV Driver jobs | HGV jobs | HGVClass 1 Driver jobs | Hospital jobs | Housing jobs | Immediate Start jobs | It Consultant jobs | It Support jobs | Jobs for 16 Year Olds | Joiner jobs | Labourer jobs | Management jobs | NHS jobs | Night Shift jobs | Offshore jobs | Online jobs | Paralegal jobs | Personal Assistant jobs | Project Manager jobs | Receptionist jobs | Sales Assistant jobs | Scrum Master jobs | Security Guard jobs | Security jobs | Security Officer jobs | SEO jobs | Support Worker jobs | Teaching Assistant jobs | Van Driver jobs | Warehouse jobs | Warehouse Operative jobs | Web Designer jobs | Weekend jobs | Work From Home jobs

Accountancy jobs | Administration jobs | Advertising jobs | Aerospace jobs | Apprenticeships jobs | Automotive jobs | Banking jobs | Call Centre jobs | Catering jobs | Charity jobs | Construction jobs | Creative jobs | Customer Service jobs | Digital jobs | Education jobs | Engineering jobs | Finance jobs | FMCG jobs | Graduate jobs | Healthcare jobs | Hospitality jobs | HR jobs | Insurance jobs | IT jobs | Legal jobs | Leisure jobs | Logistics jobs | Management Consultancy jobs | Manufacturing jobs | Marketing jobs | Media jobs | Nursing jobs | Oil and Gas jobs | PA jobs | Part time jobs | Pharmaceutical jobs | PR jobs | Property jobs | Public Sector jobs | Recruitment Sales jobs | Renewable Energy jobs | Retail jobs | Sales jobs | Science jobs | Secretarial jobs | Senior Appointments jobs | Social Work jobs | Teaching jobs | Telecoms jobs | Temporary jobs | Tourism jobs | Transport jobs | Travel jobs | Utilities jobs | Wholesale jobs

Jobs in Aberdeen | Jobs in Belfast | Jobs in Birmingham | Jobs in Bolton | Jobs in Bournemouth | Jobs in Bradford | Jobs in Bristol | Jobs in Cambridge | Jobs in Cardiff | Jobs in Cornwall | Jobs in Coventry | Jobs in Derby | Jobs in Devon | Jobs in Doncaster | Jobs in Dundee | Jobs in East Anglia | Jobs in East Midlands | Jobs in Edinburgh | Jobs in Essex | Jobs in Exeter | Jobs in Glasgow | Jobs in Hull | Jobs in Inverness | Jobs in Ipswich | Jobs in Isle Of Wight | Jobs in Kent | Jobs in Leeds | Jobs in Leicester | Jobs in Liverpool | Jobs in London | Jobs in Luton | Jobs in Manchester | Jobs in Middlesbrough | Jobs in Milton Keynes | Jobs in Newcastle Upon Tyne | Jobs in Newport, Gwent | Jobs in North East | Jobs in North West | Jobs in Northampton | Jobs in Northern Ireland | Jobs in Norwich | Jobs in Nottingham | Jobs in Peterborough | Jobs in Plymouth | Jobs in Reading | Jobs in Scotland | Jobs in Sheffield | Jobs in South East | Jobs in South West | Jobs in Southampton | Jobs in Stoke On Trent | Jobs in Sunderland | Jobs in Surrey | Jobs in Swansea | Jobs in Swindon | Jobs in Telford | Jobs in Wales | Jobs in Wolverhampton | Jobs in Wrexham | Jobs in York | Jobs in Yorkshire