Security Threat Intelligence Analyst

Why we're hiring:

The Security Threat Intelligence Analyst provides operational, tactical, and strategic intelligence to support WPP’s detection engineering, incident response, threat hunting, and vulnerability management functions. Aligned to the ASO pillars (Assess, Safeguard, Operate), this role analyses threat data, adversary behaviour, emerging TTPs, and industry developments.

What you'll be doing: 

• Threat Intelligence Collection & Analysis (Assess)
  • Monitor external threat data sources and industry feeds.
  • Evaluate intelligence for accuracy, reliability, and relevance.
  • Produce tactical and operational intelligence outputs.
• Threat Contextualisation & Safeguarding Support (Safeguard)
  • Identify and analyse threats targeting WPP infrastructure.
  • Support detection engineering with TTP insights.
  • Assist in threat-led vulnerability prioritisation.
• Operational Enablement & Cross‑Function Collaboration (Operate)
  • Partner with SOC, IR, Threat Hunting, and VM teams.
  • Produce intelligence reports for internal stakeholders.
  • Maintain indicator repositories (IOCs, hashes, domains).
• Research & Strategic Intelligence Development
  • Conduct research into emerging threats, malware, and campaigns.
  • Develop strategic threat assessments.
• Knowledge Management & Documentation
  • Maintain structured documentation of intelligence processes.
  • Ensure intelligence artefacts are stored and retrievable.

What you'll need:

• Essential:
  • 3+ years operational experience in CTI or SOC.
  • Strong analytical skills.
  • Proficiency with CTI frameworks (MITRE ATT&CK, kill chain).
  • Ability to translate technical threat data into business insight.
• Desirable:
  • GCTI, GREM, GCFA, GCIH certifications.
  • Experience supporting detection engineering or threat hunting.
  • Knowledge of ISO 27001 and WPP standards.

Who you are: