Rodeo
ResourcesPartnersSign in

S-RM

Analyst, Cyber Threat Intelligence

London
Posted 2 months ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Who we are

S-RM is a global intelligence and cyber security consultancy. Since 2005, we've helped some of the most demanding clients in the world solve some of their toughest information security challenges.

We've been able to do this because of our outstanding people. We're committed to developing sharp, curious, driven individuals who want to think critically, solve complex problems, and achieve success.

But we also know that work isn't everything. It's about the lives and careers it helps us build. We're immensely proud of this culture and we invest in our people's wellbeing, learning, and ideas every day.

We're excited you're thinking about joining us

Working in Cyber at S-RM

Our Cyber Security division is the fastest-growing part of S-RM. The cyber sector is always evolving, and our Incident Response and Managed Services practices are in more demand than ever.

We're building a team to meet this challenge. We're quick to respond, innovate, and improve. We don't get too hung up on hierarchy or bureaucracy. If your ideas are good enough, we'll empower you to implement them. If you're the best person to talk to a customer, you'll get that opportunity, regardless of the title in your email signature. And when you need a hand, your team will always have your back.

We also don't believe there's a typical cyber security professional. We've built a team of intelligence analysts, technical specialists, software developers, investigators, risk managers, and more. You'll always find a range of perspectives and expertise to help you learn and grow.

If that sounds like your kind of team, we'd like to hear from you.

The role

Cyber Threat Intelligence (CTI) is an integral part of our Incident Response (IR) and Managed Services practices. As a CTI analyst you will be a critical part of our wider cyber team's success.

You will work across the full intelligence cycle to help our clients respond and recover to security incidents, and stay ahead of evolving threats, including:

  • Threat Actor Intelligence: You will track developments in the ransomware and cybercrime ecosystem, and write and update profiles on key threat actors of interest which will be shared with clients to inform case strategy and externally as thought leadership
  • Threat Actor Engagement: You will monitor leak sites and negotiation portals across our global IR cases, and inform case leads of regular developments. You will assist with researching and drafting attestations on sanctions exposure for given threat actors
  • Dark Web Monitoring: You will use threat intelligence platforms and specialist tools to conduct targeted research the dark web and set up and deliver regular monitoring engagements. You will assist with renewals of these cases
  • Technical IOC Management: You will help collate technical indicators of compromise (IOCs) from across our global IR team, ensure these are enriched and correctly classified, and facilitate dissemination across the organisation to improve the operational effectiveness of our IR and Managed Services teams
  • Incident Data Collection and Analysis: You will help ensure that incident data collected by our global IR team from our engagements is accurate and consistent. You will assist with the management of this dataset, and with analysis to produce regular reporting on trends and insights to use for presentations, events and training sessions
  • CTI-lead analysis: You will assist with in-depth investigations which have a strong threat intelligence component, including conducting research and drafting client-facing reports
  • Blockchain analysis: You will use specialist tools to trace ransom payments to identify sanctions exposure or other compliance risks, and draft reports to present findings to clients
  • Thought leadership: You will contribute to public write ups and presentations on new vulnerabilities, trends, and threat actor techniques
  • Help develop and share domain expertise: We will support you in growing your cyber expertise, including sharing it with the wider team through internal initiatives and programs.
  • Help contribute to business development: You will help cultivate and manage close relationships with external partners who we share intelligence with and help identify business development opportunities.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Other features of the role include:

  • Variety of casework: no day will be the same. Our team responds to a huge variety of incidents for both public and corporate clients.
  • Range of opportunities: you will have opportunities to broaden your security awareness into testing and advisory projects, in addition to deepening your cyber threat intelligence and incident response expertise.
  • Flexible working practices: responding to incidents can be intense, high-pressure work. We are mindful of our team's work/life balance and offer flexible working options to support your wellbeing.

What we're looking for

Candidates with the following qualifications and experience are likely to succeed as Cyber Threat Intelligence Analysts at S-RM.

That said, if you don't think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box—we're looking for candidates that are particularly strong in a few areas and have some interest and capabilities in others.

We nurture a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.

Required Skills:

  • Excellent written and verbal communication skills, with the ability to produce clear and concise reports.
  • Strong analytical and problem-solving skills, including the ability to work with incomplete, ambiguous, or conflicting information.
  • Understanding of foundational cyber concepts, such as common attack vectors (e.g., phishing, credential misuse), high-level security terminology, and general threat actor motivations.
  • Understanding of core intelligence concepts, including the intelligence lifecycle, requirements gathering, and the distinction between tactical, operational, and strategic intelligence outputs.
  • A demonstrated interest in cyber threats, including financially-motivated activity such as ransomware and extortion.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Preferred Skills:

  • Academic or professional background in a research-focused discipline (qualitative or quantitative), such as Political Science, Intelligence Studies, Criminology, Cybersecurity, Computer Science, Data Science, or related fields.
  • Familiarity with cybersecurity fundamentals, such as threat actor TTPs, IOCs, and relevant frameworks (e.g., MITRE ATT&CK).
  • Ability to contextualize findings into business-relevant assessments, including potential impact, likelihood and recommended mitigations.
  • Experience using OSINT and/or Threat Intelligence platforms (e.g. VirusTotal, Shodan, MISP, Recorded Future).

Successful candidates are likely to show the following personal attributes:

  • An investigative mindset and an enthusiasm for investigations.
  • Exceptional attention to detail, especially when examining indicators, infrastructure data, and adversary behaviours.
  • A collaborative mindset and willingness to collaborate across teams.
  • Ability to thrive under pressure, prioritize multiple tasks, and meet short deadlines.
  • A self-starter, demonstrating initiative, ownership of work and the ability to identify opportunities to enhance S-RM's cyber capabilities.

Relevant industry certifications are not required for this role. However, holding relevant CTI or cyber security related certifications such as the following is beneficial: GCTI, GCFA, SSCP, or Security+

Our benefits

We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside of work. This includes but is not exhaustive of:

  • 25 days holiday per year in addition to public holidays (+1 day for every year of service up to a maximum of 30 days in total);
  • Hybrid working and flexible working hours;
  • Matching pension contribution up to 7% (up to a maximum of 14% combined), and financial education;
  • Life Insurance 4X annual salary.

Parental Support:

  • Fertility treatment leave – 5 days of leave per cycle of treatment per year;
  • Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
  • Paternity leave – 6 weeks of full pay.

Various Health and Medical Benefits including:

  • Medical insurance (taxable benefit) for you and your family;
  • Virtual GP for you and your family members that live in the same household;
  • EAP programme for you and your immediate family;
  • Free access to the world-famous mindfulness app

The application process

We want to get to know you, and for you to get to know us, to see if we'd be a good fit. We are responsive and respectful of people's time throughout our hiring process.

A typical application process includes:

  • Initial screening of your application by our recruiting team.
  • An interview to assess your baseline technical skills.
  • An interview to discuss your previous experience, broader competencies, and suitability for the role.
Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Written Communication
Verbal Communication
Analytical Skills
Problem-Solving
Cyber Concepts
Intelligence Concepts
Interest in Cyber Threats
Research Skills
Collaboration
Attention to Detail
Initiative
OSINT
Threat Intelligence Platforms
Business Assessment
Technical Indicators
Incident Response

Location

London, England, United Kingdom

Sign up to applySee more jobs like this