Description:
What does a successful Cyber Threat Intelligence Analyst do?
You will be a core member of our Cybersecurity Operations team, responsible for identifying, tracking, and translating emerging cyber threats into actionable intelligence that protects our platforms, customers, and financial infrastructure. This role operates across tactical, operational, and strategic intelligence disciplines, with a specialized focus on threats targeting the financial services and fintech ecosystem. You will bring tradecraft experience in financial sector threat intelligence, and the ability to deliver actionable, intelligence-driven insights that directly inform the broader security organization, cybersecurity functions, and other stakeholders to ensure intelligence is ready to inform security outcomes.
What Will You Do
- Operationalize the Intel Lifecycle: Execute the full intelligence lifecycle to perform fusion analysis, develop adversary profiles focused on financial sector threats, produce finished intelligence products across tactical, operational, and strategic levels.
- Tactical Detection Support: Contextualize threat behavior and anticipate adversary actions, translate analyzed TTPs into technical signatures to directly support the SOC and Detection Engineering teams.
- Intelligence-Driven Threat Hunting: Collaborate with the Threat Hunting team to develop hypotheses based on observed adversary behaviors and regional trends, moving beyond simple Indicator of Compromise (IoC) matching.
- Threat and Vulnerability Context: Support attack surface management team, provide intelligence-driven vulnerability prioritization, identify emerging threats and exploitation trends.
- Adversary Emulation: Provide intelligence support for Red Team or Purple Team exercises by profiling relevant threat actors to ensure testing remains realistic and impactful.
- Strategic & Geopolitical Analysis: Analyze global conflicts and economic stability to translate complex threat activities into structured business solutions and "so-what" summaries for leadership.
- Program Development and Engagement: Contribute to the maturation of the CTI program by developing and refining collection requirements, intelligence workflows, reporting templates, and analytic tradecraft standards.
- Production and Reporting: Produce high-quality tactical, operational, and strategic intelligence products including daily threat briefings, threat actor profiles, vulnerability assessments, and executive threat summaries. Deliver timely and actionable intelligence to internal stakeholders.
What You Will Need To Have
- 5+ years of experience as a threat intelligence analyst, threat hunting, counter adversary operations or incident response.
- Understanding of the intelligence cycle, cyber kill chain, MITRE ATTACK, and adversary TTP’s
- Demonstrated experience producing finished intelligence products (threat briefs, actor profiles, strategic assessments) for both technical and executive audiences
- A strong foundation in network security, vulnerability exploitation concepts, and technical threat analysis.
- Experience with CTI platforms (e.g., Google Threat Intelligence, Anomali) and a working knowledge of SIEM/SOAR technologies for intelligence integration.
- Ability to translate threats into business risks
- Exceptional written communication skills with the ability to produce clear, concise, and relevant intelligence products for diverse audiences.
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field and/or equivalent military experience.