Cyber Security Threat Analyst (Onsite Hybrid)

About The Position

Requirements

• 5+ years of experience in cyber threat intelligence, security operations, incident response, vulnerability management, fraud analysis, or a related cybersecurity function.
• 4+ years strong understanding of cyber threat actors, attack vectors, malware, phishing, ransomware, credential theft, fraud activity, and emerging cyber threats.
• 4+ years knowledge of security concepts such as indicators of compromise, attack lifecycle, threat modeling, vulnerability management, and risk assessment.
• 4+ years of experience gathering and analyzing intelligence from multiple sources, including OSINT, commercial threat intelligence platforms, internal security tools, and industry reports.
• 4+ years of familiarity with MITRE ATT&CK, Cyber Kill Chain, CVSS, CVE analysis, and common security frameworks.

Nice To Haves

• Cybersecurity experience within financial services, including banking, capital markets, insurance, or fintech.
• Experience with threat intelligence platforms, SIEM tools, EDR tools, case management systems, or vulnerability management platforms.
• Familiarity with industry information-sharing groups such as FS-ISAC or other intelligence-sharing communities.
• Experience working with vendor intelligence, law enforcement intelligence, or consortium intelligence sources.
• Understanding of geopolitical risk and its connection to cyber threat activity.
• Experience producing executive-level cyber threat briefings and strategic intelligence assessments.
• Knowledge of fraud intelligence, financial crime trends, account takeover, payment fraud, and business email compromise.
• Relevant certifications such as Security+, GCTI, GCIA, GCIH, CISSP, CySA+, CEH, or similar.
• Experience developing threat intelligence playbooks, response procedures, or reporting templates.
• Ability to work with global teams and support stakeholders across multiple regions or business units.
• Strong written and verbal communication skills, including the ability to brief stakeholders and explain cyber risk, likelihood, impact, and remediation activities.
• Ability to work independently and collaboratively in a fast-paced cybersecurity environment.
• Strong analytical, problem-solving, and research skills with attention to detail.

Responsibilities

• Monitor, collect, and analyze cyber threat intelligence from internal and external sources, including vendors, industry consortiums, open-source intelligence, and law enforcement partners.
• Research cyber threat actors, threat groups, campaigns, malware, vulnerabilities, fraud trends, and geopolitical events that may impact the organization or its clients.
• Analyze tactics, techniques, and procedures used by threat actors and map findings to relevant frameworks such as MITRE ATT&CK.
• Identify emerging threats, assess potential business impact, and provide actionable recommendations to reduce risk.
• Track zero-day vulnerabilities and high-risk CVEs, including preparing reports with potential impact, mitigation steps, and remediation guidance.
• Develop and publish tactical, operational, and strategic threat intelligence reports for cybersecurity teams, business stakeholders, and executive leadership.
• Support security incident response teams by providing threat context, actor attribution, indicators of compromise, and recommended containment or response actions.
• Consolidate and evaluate cyber threat intelligence feeds to improve the quality, relevance, and timeliness of threat assessments.
• Analyze internal security risks, control gaps, and threat exposure to identify potential weaknesses.
• Respond to client or stakeholder requests for information related to cyber threats, vulnerabilities, and risk trends.
• Prepare briefings, dashboards, and executive summaries that communicate cyber risks in clear, non-technical language.
• Collaborate with cybersecurity teams, fraud teams, risk teams, business units, and industry peers to understand intelligence requirements and improve threat reporting.
• Develop and maintain documentation, procedures, and playbooks related to threat intelligence and response processes.