American Express Careers

Cyber Threat Intelligence Analyst

Brighton, United Kingdom; London, United Kingdom
Digital Commerce Technology

Apply Get Referred

Job Description

Anyone can have an innovative idea. Here they get heard.


The Threat Intelligence Analyst is responsible for providing intelligence analysis in order to identify threats and to quantify vulnerabilities leveraged by those threats, developing timely and actionable alerts, briefs, and analytical assessments. Focusing on threats originating in information technology environments, the Threat Intelligence Analyst will produce actionable information in a clear and concise manner. The individual will report top threats to American Express Financial Technologies by providing awareness, indications, warnings, and operational readiness briefings.


American Express’ Fusion Center protects its brand, global business operations, technology infrastructure, and client trust against cyber threats worldwide. This position will support the Fusion Center, as well as take a key role in third-party engagement in the UK. This third-party engagement will require the individual to work two days a week off-site (London) embedded with a third-party organization. In this position the Threat Intelligence Analyst is expected to:

  • Analyze, process, and compare data to produce intelligence products.
  • Identify credible, new intelligence, and subject matter resources relative to current and emerging threats.
  • Author assessments on cyber threats, attacks, and incidents of interest to American Express.
  • Provide subject matter expertise on cyber threats to support current analytic operations and initiatives.
  • Work with third parties developing shared intelligence.


  • Perform open source threat collection and analysis activities identifying indications of cyber threats, malicious code, malicious websites, and vulnerabilities through automated and manual analysis using existing and purpose-built tools. 
  • Identify credible, new intelligence, and subject matter resources relative to current and emerging threats.
  • Provide subject matter expertise on cyber threats to support current analytic operations and initiatives.
  • Create written and verbal intelligence products for internal American Express customers to assist in proactively addressing threats.  
  • Develop and present key findings to senior leadership.
  • Demonstrate professionalism and excellent communication skills when representing American Express in third-party relationships.

This position will be in London two days a week and in Brighton 3 days a week for the first 6-12 months and then Brighton full time.


Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.


  • Knowledge of common security controls, detection capabilities, and other practices and solutions for securing digital environments. This knowledge should include an understanding of packet flows, TCP and UDP traffic, firewall and proxy technologies, anti-virus, intrusion detection and prevention systems, as well as other host-based monitoring, email monitoring, and anti-spam technologies.
  • Experience in analyzing malware, hacking tools, and threat actor tactics, techniques and procedures to characterize threat actors’ technical methods for accomplishing their missions.
  • Understanding of what information or assets are of value to threat actors and how organizations are breached.
  • Understanding of modern technical security controls (i.e. firewalls, SIEMs, IPS, HIPS, web proxies).
  • Must have strong verbal and written communication skills, interpersonal collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
  • Can apply a variety of structured analytic techniques to generate and test a hypothesis, assess cause and effect, challenge analysis, and support decision making.
  • Basic understanding of forensic analysis on and data captures from networks (packet capture), hosts (volatile/live memory), electronic media, log data, and network devices in support of intrusion analysis or enterprise level information security operations.
  • Should have working knowledge in one or more of the following areas:
    • Nation State Threat Actors
    • Cyber Crime
    • Extremist Groups and Cyber Terrorists
    • Hacktivism
    • Distributed Denial of Service Attacks
    • Fraud
    • Malware
    • Emerging Threats
    • Social Engineering
  • Previous experience as a Military Threat Operations team member, Security Researcher, Cyber Threat Researcher, or Cyber Crime Investigator preferred.
  • Experience in one or more of threat intelligence or security operations.
  • Possesses the ability to review information to determine its significance, validate its accuracy and assess its reliability.
  • Bachelor's degree or equivalent combination of education and experience preferred.
Why American Express?

Talk to our people and you’ll find out what we’re really all about. Open, creative, risk-taking, collaborative and innovative are just some of the expressions you’ll hear. It’s our culture that makes American Express an outstanding place to work, and a big part of why we regularly win best workplace awards all over the world including recognition amongst the World’s Best Multinational Workplaces by Great Place to Work and Glassdoor’s 2017 Best Places to Work. If you’re ready to take on a challenge and make an impact, you owe it to yourself to launch or grow your career here.

A competitive benefits offering designed to support our employees’ total health and wellbeing, including:

  • Health care scheme
  • Defined contribution pension plan
  • Dental scheme
  • Virtual GP
  • Life assurance
  • Income protection
  • Core holiday allowance with opportunity to buy or sell additional days
  • A range of flexible benefits to choose from designed to suit your lifestyle: healthcare plan options, health assessments, critical illness coverage, cycle to work, season ticket loans
  • Employee Discount Portal
  • Back up childcare/adultcare
  • Onsite facilities include; Fitness classes, Health Checks, Digital Health Kiosk, Physiotherapy, Healthy Living Nurse, Wellness Studio, Costa Coffee and subsidised staff restaurant


To complete your application please click on the links below. However, if you require any assistance with the completion of this process – or need any reasonable adjustments to be made – then please contact the Recruitment Team on or 00800 83 000038 (for Russia based candidates 810 800 83 000038).

ReqID: 18007077
Schedule (Full-Time/Part-Time): Full-time
Apply Get Referred