Lead, Threat Intelligence
 NY (New York)
With offices in London, New York, Manchester, Istanbul, Gurgaon, Bengaluru, Shanghai, Singapore and Hong Kong, OakNorth is the next-generation credit platform that’s redefining lending to small and medium-sized businesses globally.

OakNorth was set up in 2015 by Rishi Khosla and Joel Perlman, who previously co-founded Copal Amba and grew it to 3,000 employees over 12 years, before selling it to Moody’s (NYSE: MCO) in 2014, returning 125 times capital to seed investors.

Since its inception, OakNorth has secured over $1bn from several investors, including: Clermont Group, Coltrane, EDBI of Singapore, GIC, Indiabulls, NIBC, Toscafund, and SoftBank’s Vision Fund.

In the UK, the platform has helped us build a profitable loan book (via OakNorth Bank) of over £4bn and secure over £600m of repayments. In terms of the impact this has had on the economy, OakNorth Bank’s loans have directly helped with the creation of 10,000 new homes and 13,000 new jobs in the UK, as well as adding several billion pounds to the economy. Globally, the platform has been deployed at various banks across North America, Europe, and Asia.

Today, the global team is made up of almost 730 people.

An exciting opportunity with the OakNorth Cyber Security team has just opened, offering candidates a unique opportunity to contribute to the ambitious challenge to become a force for change in information security. We are actively seeking a Lead Threat Intelligence Analyst to create and grow a cutting-edge solution to contextualize emerging threats, augment incident response operations, and provide strategic insights into the evolving threat landscape.

The ideal candidate will exhibit strong creative problem-solving skills in a fast-paced environment, demonstrate technical expertise in threat analysis, and understand the conceptual impact of intelligence in security operations. As a senior contributor to Cyber at OakNorth, applicants should demonstrate the capability to execute major projects end-to-end in alignment with the strategic imperatives of our Cyber Strategy. A successful Lead Threat Intelligence Analyst needs to be able to challenge assumptions, aspire to exceed expectations, and gracefully adapt to the needs of a rapidly growing organization.

You will:

  • Provide strategic direction and ownership for Threat Intelligence within the multi-functional contexts of application security, incident response, digital forensics, and security analytics.
  • Demonstrate leadership in collaborative projects with a global team to implement intelligence-driven tooling, maximizing value through automation and integration.
  • Review, assess, and derive actionable threat intelligence from multiple open-source, commercial, and private sources to produce deliverables for both technical and executive audiences.
  • Drive production of tactical detection and threat hunting processes to align with industry standard frameworks and risk perspectives (e.g. NIST, MITRE ATT&CK, Cyber Kill Chain).
  • Provide support to incident analysis and response via intelligence tradecraft, advanced investigation skills (e.g. memory/network analysis, reverse engineering), and overall analytic engine capabilities.
  • Explore emerging cyber capabilities through research of next-generation analytics, machine learning techniques, and graphical relationship models.

You have:

  • One or more of the following certifications: SANS GCTI, SANS GCIA, SANS GREM, SANS GNFA, OSCP, CISSP, or similar.
  • Developed understanding of networking and security principles, including TCP/IP, attacker methodologies, exploit development, cryptography, and malicious code.
  • Expertise in tools, techniques, and procedures consistent with both routine cybercriminals and advanced adversary attacks using the cyber kill chain and diamond model.
  • Understanding of the distinction between data, information, and intelligence as it applies to real-world cases.
  • Aptitude with programming/scripting (C, Java, Python, x86 asm, Perl, Go, Ruby, PowerShell, etc). to resolve outstanding information security puzzles and challenges. At least one known programming language should be fully object oriented.
  • Understanding of fundamental computer science algorithms, concepts, and applications.
  • Knowledge of all security fundamentals, how they apply in real world situations, and how to gauge control effectiveness.
  • Excellent communication skills, particularly written communication, and a desire to bridge communication gaps between team members, the team and management, and with the larger security community.
  • Familiarity with risk profiles specific to banking and fintech organizations, including emerging threats, classes of attack, and ongoing campaigns.
  • Proficiency with security operations and intelligence tooling, such as next-generation SIEMs, threat intelligence platforms, link analysis tools, and OSINT research platforms.
  • Experience leveraging threat intelligence principles in strategic and tactical applications to deliver actionable high-level insights, support real-time intrusion events, and advise vulnerability management operations.
  • Experience with utilizing application programming interfaces to retrieve and store information, manipulate data formats, and facilitate tool communication.
Thank you very much for your interest in OakNorth. We are happy to consider you for roles within our group of companies. If we can identify a match between your skill set and our immediate recruiting needs, please expect to hear from us very soon. If we are unable to identify a fit in the near term, please note that we intend to retain the data you send to us so we may contact you in the future.

For more information regarding our Privacy Policy and practices, please visit: https://www.oaknorth.com/privacy-notice/employees/