Cyber Threat Intelligence [CTI] - Manager

Company

KPMG UK

Location

United Kingdom

Posted At

8/18/2025

Disclaimer: Hunt UK Visa Sponsors aggregates job listings from publicly available sources, such as search engines, to assist with your job hunting. We do not claim affiliation with KPMG UK. For the most up-to-date job details, please visit the official website by clicking "Apply Now."

Description

Job details

Location: Aberdeen, Birmingham, Bristol, Cambridge, Cardiff, Edinburgh, Gatwick, Glasgow, Leeds, Liverpool, London, Manchester, Milton Keynes, Newcastle upon Tyne, Norwich, Nottingham, Plymouth, Reading, South Coast - Southampton, Watford

Capability: Advisory

Experience Level: Manager

Type: Full Time

Service Line: Technology & Data

Contract type: Permanent

Job Description

Cyber Threat Intelligence Manager - 107545

Base Location: Network of 20 offices nationally:

The KPMG Cyber function is a cornerstone of our business. Operating from locations across the UK we do work that matters, serving the country with diligence and expertise.

KPMG is one of the world's largest and most respected consultancies. We've supported the UK through times of war and peace, prosperity and recession, political and regulatory upheaval. We've proudly stood beside the institutions and businesses which make the UK what it is.

By encompassing a wide range of disciplines across a breadth of areas such as Customer Experience and Digital, Strategy, Forensic, Risk and Regulatory, People and Talent, and Operational and Financial Transformation, we become immersed in our clients' organisations, applying sector knowledge and technology solutions to deliver the best possible outcomes and get it right first time.

Why Join KPMG as a Cyber Threat Intelligence Manager?

The KPMG Cyber Response and Recovery Services (CRS) and Cyber Defence Services (CDS) teams are growing, and a requirement has been identified for a Cyber Threat Intelligence (CTI) Manager to lead our growing CTI team. The CTI manager role will report directly to the capability lead for Cyber Response and Recovery and work closely with the capability leads for both CRS and CDS. Cyber security is one of the areas which KPMG has identified for tremendous investment and growth. Our clients face a challenging cyber threat and look to us to help them understand and respond to that threat.

What will you be doing?

As KPMG’s CTI Lead and SME, you will lead and grow a multi-disciplinary threat intelligence team to develop and deliver CTI services to KPMG clients initially as a CDS and CRS service and enabler. With a long-term focus on integrating CTI processes within KPMG Cyber offerings including Cyber Risk and Cyber Strategy services.
Lead the design and oversee threat actor tracking programs and campaign monitoring aligned with client sectors and risk profiles.
Build and mature CTI capabilities in line with industry frameworks (e.g., MITRE ATT&CK, Diamond Model).
Use existing relationships with IC to establish and maintain relationships with threat-sharing communities (e.g., FS-ISAC, NCSC, JPCERT, ENISA).
Conduct business development activities to promote CTI services and promote revenue growth.
Identify and pursue opportunities to integrate CTI into other KPMG services such as CRI, Cyber Risk and Maturity Assessments, vulnerability management, TPRM.
Lead accreditation of the team to pursue opportunities in CBEST threat-led Red Team engagements.

What will you need to do it?

Current or eligible for SC or DV clearance for UK government client work.
CREST CTI Manager qualification or equivalent.
Demonstrable leadership experience building and managing CTI teams in high-risk organizations such as FS, CNI or healthcare, experience working in a large consultancy would be preferable.
In depth experience in intelligence roles within government and private sector, with a large part of that time spent in a CTI-focused role.
Deep understanding of threat actors, cybercrime ecosystems, and nation-state campaigns with deep expertise of at least one of the above.
STIX/TAXII, MITRE ATT&CK, and TIP/SIEM integration.

Skills we’d love to see/Amazing Extras:

Experience in intelligence-led threat modelling and risk prioritisation.
Familiarity with malware analysis, adversary infrastructure tracking, and TTP mapping.
Understanding of geopolitical threat contexts and regional cyber capabilities.
Knowledge of threat hunting methodologies and red/purple teaming concepts.
Experience supporting incident response or crisis communications.
Language skills (e.g., Russian, German, Mandarin, Arabic, Farsi) considered a strong asset.

To discuss this or wider Consulting roles with our recruitment team, all you need to do is apply, create a profile, upload your CV and begin to make your mark with KPMG.

Our Locations:

We are open to talk to Risk Consulting talent across the country but our core hubs for this role are:

London Canary Wharf
Manchester
Bristol Queen Square
Birmingham
Leeds
Reading
Edinburgh
Glasgow

With 20 sites across the UK, we can potentially facilitate office work, working from home, flexible hours, and part-time options. If you have a need for flexibility, please register and discuss this with our team.

Find out more:

Within Consulting we have a range of divisions and specialisms. Click the links to find out more below:

Consulting at KPMG :
ITs Her Future Women in Tech programme:
KPMG Workability and Disability confidence:

For any additional support in applying, please click the links to find out more:

Applying to KPMG:
Tips for interview:
KPMG values:
KPMG Competencies:

KPMG Locations and FAQ: