Portfolio Jobs
Want to work with a fintech focused on creating a fair finance system? Check out these job openings across the globe.
Senior CTI Analyst
gsma
IT
London, UK
Posted on Dec 19, 2025
Department: Technology
Team: Security
Location: London with hybrid ways of working
Position type: Day Rate Contract, until end of 2026 (via Umbrella only)
What the hiring manager says
This is a role for someone who wants to make a real, global impact in telecom security from day one. Within GSMA’s T-ISAC, you’ll sit at the centre of international collaboration, helping our members stay ahead of constantly evolving cyber threats. We’re looking for a Senior Cyber Threat Intelligence Analyst who combines deep technical expertise with the ability to think strategically, share knowledge and elevate those around them. You’ll lead meaningful threat assessments, turn intelligence into clear, actionable recommendations and play a vital role in shaping and validating our T-ISAC improvement programme.
If you thrive on working with cutting-edge intelligence platforms, enjoy mentoring others and want to help mature a global security community, this is an opportunity to truly influence the future of telecom security.
Agwu Nwoke, Industry Security Programme Director
About the Team
The GSMA Industry Security Team is the mobile industry’s focal point for the mobile network security. The team is responsible for coordinating GSMA member security working groups, leading industry wide security initiatives and engaging with global regulators to ensure security is an enabler and not a barrier to next generation mobile services.
The team is responsible for a number of industry wide Cybersecurity schemes including:
Telecommunications Information Sharing and Analysis Center (T-ISAC).
Mobile Co-ordinated Vulnerability Disclosure (CVD).
Network Equipment Assurance Scheme (NESAS).
Working specifically in T-ISAC, as a Senior Cyber Threat Intelligence Analyst, you will drive innovation, foster collaboration and play a pivotal role in safeguarding the telecommunication mobile ecosystem. If you are a seasoned professional with a passion for cybersecurity and intelligence, T-ISAC invites you to join our global team in securing the future of mobile security. The team also undertakes industry research, analysis and event activities both independently and in partnership with other GSMA teams and GSMA member working groups.
For more information about GSMA T-ISAC, visit www.gsma.com/T-ISAC.
About the Role
You will be responsible as the technical expert in building, designing and delivering T-ISAC infrastructure and tooling. This will enable streamlined integration with other platforms to enhance the ease and encourage an increase of information sharing between our T-ISAC members. You will have knowledge of application development, security best practices, security operations, cyber threat intelligence and experience supporting key security technologies such as TIP, SIEM, EDR, XDR and SOAR; familiarity with MISP and OpenCTI. The successful candidate will also input their technical expertise into new projects/Proof of Concepts which could provide value with T-ISAC and the wider ecosystem.
Key Responsibilities
Identify and develop tools to facilitate effective collection, sharing and analysis of cyber threat related data.
Develop secure technical solutions that improve efficiency and the security services.
Produce high-quality analytical cyber reports to a range of stakeholders; members, internal GSMA staff and leadership team. Analyse complex, multi-source intelligence related to telecommunication industry threats and develop strategic recommendations.
Serve as the primary author and reviewer for in-depth intelligence reports, briefings and advisories for T-ISAC members and leadership.
Guide junior analysts, fostering skill development and ensuring adherence to intelligence best practices.
Facilitate member engagement through threat calls, workshops and industry events, presenting intelligence insights at a deep technical level.
Collaborate with cyber threat analysts worldwide from other information sharing entities, including T-ISAC member cyber threat teams and threat sharing platform developers
Collaborate with external intelligence organisations, government entities and private sector partners to enrich T-ISAC’s intelligence capabilities.
Evaluate emerging security trends and their implications for telecommunication stakeholders, MNOs, MVNOs and industry members providing forward-looking guidance.
Represent T-ISAC at international conferences, partner engagements and events, advocating for collaborative cybersecurity practices.
Conduct thorough assessments of the current platform including its services, functionality, technology stack and architectural design.
Identify existing gap and limitations to define the ideal target operating model that aligns with industry best practices, meets the evolving needs of the MNO members and supports effective threat intel sharing and collaboration.
Develop the technical roadmap to transition from the current state to the target operating model in alignment with the overall T-ISAC strategy.
Lead, drive and implement the strategic steps, technical developments and enhancements, organisational changes and integrations required to transition from the current state to the envisioned future-state platform that is fully opearable and seamlessly integrated within the existing architecture and environment.
About You
You will bring enthusiasm and ownership to this specialised senior role in cyber threat intelligence analysis, joining a dynamic and ambitious team. Your drive will be key to transforming bold ideas into impactful programmes and seeing them through to successful delivery.
You will have proven knowledge and expertise in Intelligence, Cybersecurity, Data Analytics, or a related field (equivalent experience will be considered), as well as experience working with ISACs or other information-sharing organisations.
About your skills
You will have:
Essential
Experience in cybersecurity intelligence, including collection, analysis and dissemination.
Experience of using collaborative open source tools as part of your analysis and research processes.
Deep understanding of Nation-State Actors, Cyber Crime, Hacktivism and advanced threat actor tactics, techniques and procedures (TTPs).
Experience of building and implementing intelligence platforms e.g. OpenCTI.
Strong analytical, critical thinking and problem-solving skills.
Desirable
Expertise in working with mobile data, protocols and technology such as, but not limited to SS7, MOTIF, HRN, IRSF, GTs.
Knowledge of mobile network architectures and services.
Understanding of mobile network and services, threat landscape and the common attacks to which they are exposed.
Comprehensive understanding of telecommunication industry operations and challenges.
Proven leadership and mentoring skills within an intelligence team.
Preferable
Expertise in using and applying the Mitre ATT&CK® framework, MISP, OpenCTI, Meta, EclecticIQ, Governments, Law Enforcement and other COIs (national and international) for threat analysis and strategy development.
Exceptional verbal and written communication skills, with a track record of presenting to executive audiences.
Ability to work collaboratively in a virtual, distributed team environment.
Contract type
Short term ContractorWorker type
Contingent WorkerWhat We Offer
Working at the GSMA offers you unparalleled access to the mobile industry. We offer a chance to truly shape the direction of mobile, whatever your role. By joining the GSMA, you will be exposed to a fast-paced rapidly evolving environment, working on global solutions, genuinely fascinating and industry-changing projects and a stimulating and dynamic environment designed to enable you to flourish.
In addition to architect-designed offices and competitive compensation, our benefits include fantastic learning & development opportunities, generous holiday allowances, four additional days off for professional development and many others.
To learn more about the GSMA, visit our career site, our LinkedIn page and our Twitter page.
Being You at the GSMA
We care deeply about diversity, equity and inclusivity and aspire to be the best at it. Your well-being and work/life balance is important, so flexi-time and remote working is available to all staff. We're keen to ensure everyone is equal, represented and connected so we particularly encourage applications from all demographics. The sucess of the GSMA year on year will continue to be contributed by people from all walks of life.
GSMA Values
Our values not only drive our culture – they shape how we work and interact inside and outside our global organisation.
Passionately driven
We approach everything we do with unparalleled capability, tenacity and commitment, knowing that the challenging scale, pace and complexity of our work is what leads to its world-changing impact.
Insightful leaders
We continually develop and engage our expertise, insight and creativity so that we’re always ready to respond to the changing landscape with authority, agility and nuance.
Stronger together
We lean on each other so the industry can lean on us, embracing our diversity by actively seeking out perspectives and skill sets beyond our own, fuelling each other’s successes and constantly asking how we can help.
Underpinning our values is our collective mindset to show up purposefully as good human beings every day, in every situation. When we’re at our best – we are collaborative, considerate and compassionate to others, and we create a safe space for one another to thrive, assuming positive intent in our colleagues. And if we aren’t at our best and the pressure is on – we feel free to be ourselves but still remain curious, lean into the tough stuff and we are always respectful to others and accountable for the part we play.