Share this Job

Threat Analyst

Date: 08-Nov-2022

Location: Oxford, GB, OX4 4DQ Oxford/ Hybrid, GB

Company: Nominet

We’re Nominet – a world-leading domain name registry. For over 25 years, we’ve been operating at the heart of internet infrastructure. While we're best known for running .UK domains, we also help protect public services from cyber threat.

Our aim is to create a world which is more connected, inclusive and secure. We know that technology has the power to transform lives by creating opportunities and providing support where it’s needed most.

As a public benefit company, our work funds the ability to make a positive impact on society. We’ve donated millions to projects that use technology to improve peoples’ lives and have committed to delivering £60m worth of support over the next three years.

We understand the impact the Internet has on the environment and are committed to helping the UK reach Net Zero by 2050. We’re already a Carbon Neutral company through offsetting our emissions and will continue to work on reducing our footprint.


About the role 


Nominet Cyber is a leading provider of Protective DNS (PDNS) solutions to governments globally. Nominet have been the guardians of the .UK registry for 25 years and this expertise in DNS has evolved into their Nominet Cyber division.  


Nominet Cyber’s Protective DNS (PDNS) is specifically designed for governments and critical infrastructure, offering world-class threat intelligence, discovery and blocking of malicious activity to enable quick incident response, provide unrivalled visibility across a nation’s most critical networks to build national cyber situational awareness.  

We are now looking for a proactive Threat Analyst to join the PDNS team. If you are someone that takes an interest in the evolving cyber threat environment and have a background in working with large datasets to detect cyber security threats and trends — we would like to speak with you.  


The essential bits 


Your key responsibilities will be to detect, analyse, explore, and present findings on cyber security threats discovered via PDNS. Using open-source and proprietary tools to explore large quantities of DNS and associated data to find anomalous behaviour that is indicative of these threats. 


You will provide clear insight into customer DNS threats in the form of authored reports, delivering presentations, and producing data output to assist further analysis and customer outreach.  

You will work with threat feed providers to improve the quality of their feeds to positively impact PDNS customers. 


You will work collaboratively to explore and develop new DNS centric cyber security/threat hunting/OSINT tools and techniques that will enable Nominet to achieve our strategic aims and objectives. Your personal drive will enable innovation, and your adaptability to new situations will provide positive outcomes to the safety of the wider community. 


About you and your experience 


You have a background in either threat analysis, threat hunting, cyber threat intelligence, a SOC role or incident response.  

What’s certain is that you will have an interest and enthusiasm for working on real data that will make a difference to the security of internet infrastructure. Critical thinking and novel approaches to a unique problem set are imperative.  


Technically you will understand authoritative and recursive DNS, experience in working with internet protocols and routing, experience using command line tools as well as some scripting or coding experience.  


You will also understand common TTPs used by threat actors, with demonstrated knowledge of the cybersecurity landscape, including emerging threats and security solutions. You will be able and willing to document and communicate these threats effectively, this is vital for success in this role. 


What’s in it for you 


The Nominet way of working empowers our people to be flexible between home and the office, operating on a Hybrid basis. This empowers everyone to take ownership day to day, balancing the needs of our people and business. You will be required to come into the Oxford office for key activities to ensure we have a collaborative and connected working environment. 

A great opportunity to work on an interesting dataset, analyse how DNS can be abused and find solutions for any issues. The role also offers the rare opportunity to be considered for secondment to the NCSC Industry 100 (i100) initiative. 


Pension match to 7%, performance related bonus scheme, private medical insurance, 30 days annual leave, reward portal, support to buy tech equipment tax free, holiday buy scheme, discounted shopping, on-site gym and shower facilities, Medi-cash (claiming cash back on things like optical, dental, inoculations and prescriptions), Employee Assistance Program, Dental Insurance, Health Assessments, Cycle2Work scheme, free- on site car parking, broad range of tools and resources to support your personal and professional development, Nominet Give Hub. We also have an active Social Committee. 



Data protection

If you choose to explore an opportunity, and subsequently share your CV or other personal details with Nominet, these details will be held by Nominet for 12 months in accordance with our Privacy Policy and used by our recruitment team and hiring managers in the process to contact you regarding this or other relevant opportunities at Nominet.  If you would like Nominet to delete or update your details at any time, please follow the steps set out in the Privacy Policy describing your individual rights.  If you have any questions about Nominet’s data protection practices, please email:

Equal opportunities

Cybersecurity is a community effort. That’s why we’re committed to building an inclusive, diverse community that celebrates and welcomes everyone – unless they’re a cybercriminal, of course.

We’re proud to be an Equal Opportunity and Affirmative Action Employer, and we’d encourage you to join us whatever your background.

We consider everyone equally: your race, age, religion, sexual orientation, gender identity, ability, marital status, nationality, or any other protected characteristic won’t affect your application.

We want to give you every opportunity to show us your best self, so if there are any adjustments we could make to the recruitment and selection process to support you, please let us know.

Security checks

All roles working for Nominet will be subject to a Baseline Personnel Security Standard (BPSS) check. Some roles due to the nature of their work, will require additional security clearance.

Due to the volume of applications we receive, we sometimes close our vacancies early. It is therefore advisable to apply as early as possible if you would like to be considered for a role with us.

Job Segment: Open Source, Technology