The Cyber Intelligence Specialist will play a key role in safeguarding EMR's digital infrastructure as part of our Critical National Infrastructure (CNI) environment.
This role is responsible for identifying, assessing, and mitigating cybersecurity risks, as well as developing and implementing security frameworks and solutions.
The successful candidate will proactively monitor threats, manage incident response, enhance threat intelligence capabilities, and ensure cyber resilience across the organisation and its customer environment.
Key Responsibilities:
Threat Detection & Monitoring
Continuously monitor networks, systems, and applications for suspicious activity and cyber threats.
Analyse and investigate security alerts, escalating as required.
Incident Response & Recovery
Lead and support incident response activities to minimise disruption and recovery times.
Conduct forensic investigations, root cause analysis, and incident reporting.
Vulnerability & Risk Management
Perform vulnerability assessments, penetration testing, and regular security audits.
Identify potential risks and recommend mitigation strategies and security enhancements.
Security Engineering
Design, configure, and maintain security tools and infrastructure (e.g., firewalls, IDS/IPS, endpoint protection, VPNs).
Enhance secure network and cloud architectures across hybrid environments.
Compliance & Governance
Develop and enforce cybersecurity policies, standards, and procedures.
Ensure compliance with regulatory and industry frameworks (GDPR, ISO *****, NIS2).
Maintain audit readiness and contribute to cyber risk reporting.
Cyber Threat Intelligence
Collect, analyse, and interpret threat intelligence to inform proactive defence strategies.
Collaborate with internal teams, suppliers, and customers to exchange intelligence and support remediation.
Security Awareness & Training
Support cyber awareness programmes to reduce human risk.
Create training materials and deliver workshops on security best practices.
Essential Technical Skills & Experience:
Degree in Cybersecurity, Computer Science, Information Security, or related field (or equivalent experience).
Demonstrated experience in a cybersecurity role, such as SOC Analyst, Threat Intelligence Analyst, or Incident Responder.
Hands-on experience with security platforms such as SIEM (e.g. Splunk, QRadar), IDS/IPS, firewalls, EDR/XDR.
Strong understanding of network security, encryption, authentication, and security protocols.
Knowledge of threat intelligence frameworks (e.g. MITRE ATT&CK).
Experience with vulnerability management tools and methodologies.
Familiarity with compliance frameworks (GDPR, ISO *****, NIS2).
Desirable Skills & Certifications:
Cybersecurity certifications such as:
CISSP (Certified Information Systems Security Professional)
CEH (Certified Ethical Hacker)
CompTIA Security+ or CySA+
CISM (Certified Information Security Manager)
Experience in cloud security (AWS, Azure, GCP) and secure DevOps practices.
Knowledge of scripting (Python, PowerShell, Bash) for automation and analysis.
Interpersonal & Professional Skills:
Strong written and verbal communication skills; able to engage across all organisational levels.
Ability to build effective relationships with stakeholders and third parties.
Analytical mindset with excellent problem-solving capability.
High attention to detail and professional integrity when handling sensitive data.
Able to prioritise effectively and perform under pressure.
Proactive, team-oriented, and driven by continual improvement.