Brand and Exposure Management Analyst

About The Position

Requirements

• Bachelor's degree in Cybersecurity, Information Security, Business Administration, Criminal Justice, Fraud Management, or related field
• 1-3 years of experience in financial services, insurance, anti-money laundering (AML), fraud prevention, compliance, or cybersecurity roles with exposure to business risk management
• Experience working in cross-functional environments involving fraud, legal, compliance, privacy, or customer service organizations
• Familiarity with payment processing operations, financial crimes typologies, or customer data protection requirements in regulated industries
• Strong business acumen with ability to translate cyber risks into business impact, financial exposure, and reputational consequences
• Basic understanding of cybersecurity principles, common attack methods, and fraud tactics used against financial institutions
• Comfortable conducting online research across social media platforms, search engines, and public information sources to identify brand abuse
• Awareness of phishing techniques, social engineering tactics, and impersonation schemes commonly used to target customers and employees
• Willingness to learn security monitoring tools and procedures with on-the-job training and mentorship from senior security personnel

Nice To Haves

• Master's degree in Cybersecurity or Information Systems preferred

Responsibilities

• Lead the development and implementation of brand monitoring capabilities within Security Operations, establishing processes for detecting and responding to brand abuse across digital channels
• Monitor online sources including social media, mobile app stores, domain registrations, and underground forums for unauthorized use of corporate trademarks, executive impersonation, and fraudulent schemes targeting customers
• Identify phishing campaigns, fake websites, counterfeit mobile applications, and social engineering attacks that exploit the organization's brand to defraud customers or damage reputation
• Track discussions and activities on underground platforms where stolen customer data, compromised credentials, or payment card information may be traded or disclosed
• Assess the business impact and reputational risk of brand abuse incidents, prioritizing response activities based on potential customer harm and operational disruption
• Coordinate takedown and remediation efforts for fraudulent domains, fake social media accounts, counterfeit applications, and phishing infrastructure impersonating the organization
• Partner with Legal counsel to facilitate cease and desist actions, intellectual property enforcement, and appropriate escalation to law enforcement when criminal activity is identified
• Collaborate with Fraud teams to understand emerging fraud patterns, share intelligence on threat actor tactics, and support investigations of customer-impacting incidents
• Work with Privacy officers to ensure appropriate handling of customer data exposure incidents, including breach notification assessments and regulatory reporting requirements
• Support customer-facing teams by providing timely intelligence on active threats, recommended customer communications, and guidance on responding to customer inquiries about suspicious activity
• Maintain documentation of brand abuse cases, response timelines, and resolution outcomes to demonstrate program value and inform process improvements
• Monitor public disclosures and intelligence sources for security incidents, data breaches, and compromises affecting third-party vendors and technology partners
• Assess potential business impact when supply chain partners experience security incidents, including risks to customer data, operational continuity, and regulatory compliance
• Coordinate with internal stakeholders to determine appropriate response actions when vendor compromises are identified, including contract reviews, audit requests, or service migration planning
• Support vendor risk management activities by providing external intelligence on supplier security posture, incident history, and threat actor targeting of the supply chain
• Track ransomware campaigns and data extortion operations affecting the financial services sector, alerting leadership to potential impacts on business operations or partner relationships
• Provide alternating shift coverage for the Security Operations Center, supporting 24/7 monitoring and basic incident response capabilities during scheduled rotations
• Review and triage security alerts escalated from Level 1 analysts, performing initial assessment and escalating confirmed incidents to senior security personnel
• Leverage brand monitoring insights to enhance security operations awareness of external threats, phishing campaigns, and credential exposure affecting the organization
• Document security events and response activities according to established procedures, ensuring appropriate record-keeping for compliance and audit purposes
• Participate in on-the-job training and skill development to build competency in security operations procedures, incident response workflows, and monitoring technologies