Cyber Threat Intelligence Manager - Tactical & Operational

About the OpportunityJob Type: Permanent

Application Deadline: 30 April 2025

Job Description

Title                  Cyber Threat Intelligence Manager - Tactical & Operational

Department       FIL – Cyber Defence Operations

Location           Kingswood, Surrey

Reports To       Senior Technical Consultant - CDO

Level                5

We share a commitment to making things better for clients and each other. We continually explore new technology and different ways of working to put our clients first. So bring your boldest ideas to our Cyber Defense Operations team and feel like you’re making progress.

About your team

Technology function across FIL is responsible for all global aspects of Technology, Digital, Cybersecurity, and Innovation. Fidelity is a value-driven, customer-obsessed organization and in Technology we are fortunate to play a direct role in helping our clients with one of the most important aspects of their lives – their financial well-being.

Within the Technology function is our Global Cyber & Information Security (GCIS) that operates enterprise security services and controls. These are designed to mitigate Cyber and Information Security risks ensuring that Fidelity's business operates securely. The Technical Cybersecurity teams monitor both the internal and external threat environment, responding to security alerts and events in close to real time, as well as providing security assurance and access management services across the enterprise technology and business environment. Our global innovative Cyber Defence Operations team sits within GCIS and provides proactive, cutting-edge solutions to protect clients’ digital assets and infrastructure against evolving cyber threats.

About your role
The successful candidate will be experienced in Threat Intelligence, managing multiple sources of security information, and turning this information into actionable information for our global stakeholders and technical teams. This is a critical role expected to build and maintain relationships inside and outside of the organisation and help to shape and mature our Cyber Defence and wider business security strategy.

The successful candidate will be comfortable working with stakeholders at all levels, performing comprehensive threat assessments and able to view cyber threats at a global level. The successful candidate will be able to demonstrate understanding of MITRE attack techniques, threat groups TTP’s and an understanding on how best to represent and prioritise these threats in a large organisation. The role will be supported by a global team of detect and respond analysts who are looking at this role to provide them with high efficacy information and IOC’s. It will also be supported by a strong security leadership team who are keen to mature our in-house threat intelligence capability underpinned by our investment in leading security tooling. Our leadership team will be looking at this role to assist in prioritising defensive spend to make sure we continue to provide a secure service to our clients.

About you

Key Responsibilities

The Cyber Threat Intelligence Manager - Tactical & Operational will be responsible to:

• Regularly assess and ensure we understands our top threat actors and groups.
• Ensure our operational security teams are provided with actionable information.
• Proactively research and collaborate to implement mitigations against impending attacks.
• Work with stakeholders at all levels to make our security risks discovered through threat intelligence are communicated.
• Deliver continual requirements to improve our threat intelligence strategy and capabilities within this area.
• Lead on harnessing and developing our Threat Intel Platform to contribute to our Threat Led approach.
• Create continuous improvement loops with security teams including operations, vulnerability management etc.
• Represent us (and provide input) at open and closed industry forums.
• Working with our existing threat intelligence providers create new and innovative methods to identify interesting and unusual data e.g., through automated scraping of known malicious forums.

Experience and Skills Required

• Experience and strong understanding of Cyber threat groups, TTP’s (including relation to MITRE attack) and motivations behind these groups.
• Competent in a scripting language, preferably Python.
• Experience creating or continually improving a threat intelligence platform.
• Strong reporting ability, with an understanding on how to tailor reports to different audiences.
• Comprehensive understanding of how threat intelligence differs at a tactical, operational, and strategic level.
• Familiarity with automation technologies
• Understanding of how raw security data can flow between technologies and be manipulated to provide useful security information.
• Experience in Cloud environments would be desirable.
• Strong communication skills with evidence of being in a position responsible for communicating technical issues to non-technical users, such as formal stakeholder engagement/communications.
• Banking or Finance industry related experience desirable
• Security Certification like CISSP, GCTI, CPTIA, CCTIM or equivalent preferred.

Feel rewarded

For starters, we’ll offer you a comprehensive benefits package. We’ll value your wellbeing and support your development. And we’ll be as flexible as we can about where and when you work – finding a balance that works for all of us. It’s all part of our commitment to making you feel motivated by the work you do and happy to be part of our team. For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.

For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.

As an international financial services organisation, we are in-scope of international regulations in the way that we carry out our work. This position is involved in work that is regulated by the FCA and/or the PRA and their Individual Conduct Rules (COCON) apply to it, along with any other regulation. We provide training on COCON and how it affects our employees. More information about COCON can be found in the Employment Handbook