Cyber Threat Intelligence (CTI) Manager

About The Position

Requirements

• Master's degree in Cybersecurity, Information Security, Computer Science, Information Technology, or related technical field
• Relevant professional certifications such as GCTI, GIAC, CISSP, CISM, or equivalent strongly preferred
• 3-5 years of progressive cybersecurity experience with at least 2 years in threat intelligence, security operations, or incident response roles
• Demonstrated experience working in financial services, fintech, payment processing, or insurance sectors with understanding of sector-specific threats
• Hands-on experience with threat intelligence platforms, SIEM technologies, and security data analysis tools
• Exposure to vulnerability management practices, including risk-based prioritization, remediation workflows, and metrics development
• Strong understanding of the cyber threat landscape, including threat actor motivations, capabilities, and TTPs relevant to financial services
• Familiarity with threat intelligence frameworks including MITRE ATT&CK, Cyber Kill Chain, Diamond Model, and intelligence lifecycle methodologies
• Knowledge of corporate supply chain risk management principles and third-party risk assessment practices
• Proficiency in intelligence analysis techniques and structured analytic methods
• Understanding of how threat intelligence informs and enhances enterprise risk management programs
• Analytical Thinking: Ability to synthesize complex, disparate data sources into coherent intelligence assessments and actionable recommendations
• Communication Excellence: Superior written and verbal communication skills with ability to tailor messaging for technical and non-technical audiences
• Strategic Vision: Capacity to balance immediate operational needs with long-term program development objectives
• Collaboration: Proven ability to build effective relationships across organizational boundaries and influence without direct authority
• Adaptability: Comfortable operating in fast-paced, high-stakes environments with evolving priorities and emerging threats
• Initiative: Self-directed work ethic with ability to identify gaps and proactively develop solutions
• Leadership Potential: Demonstrates readiness for future people management responsibilities through mentorship, knowledge sharing, and team contribution

Nice To Haves

• Experience implementing or managing threat intelligence platforms or similar technologies
• Familiarity with payment card industry (PCI) standards, regulatory requirements, and compliance frameworks applicable to payment processing
• Previous experience in fusion center or multi-disciplinary coordination roles

Responsibilities

• Threat Intelligence Program Leadership
• Lead the design, implementation, and ongoing maturation of the enterprise threat intelligence program in partnership with the Senior Director of Security Operations and Senior Manager of Threat and Vulnerability Management
• Deploy and operationalize the organization's threat intelligence platform, ensuring integration with existing security infrastructure and maximizing operational efficiency
• Establish and maintain intelligence collection requirements, prioritization frameworks, and dissemination protocols tailored to stakeholder needs
• Develop and maintain relationships with external intelligence sharing communities, industry groups, ISACs, and government agencies relevant to financial services
• Intelligence Production and Analysis
• Produce high-quality strategic, operational, and tactical intelligence products addressing threat actor TTPs, emerging attack vectors, and sector-specific risks affecting payment processing operations
• Analyze threat data from multiple sources to identify trends, patterns, and indicators of compromise relevant to the organization's attack surface
• Translate technical threat intelligence into actionable recommendations for security operations, incident response, and risk management teams
• Deliver regular intelligence briefings to the Senior Director of Security Operations, CISO, and other executive stakeholders on the evolving threat landscape
• Cross-Functional Operations and Incident Support
• Serve as the fusion operations lead, coordinating intelligence-driven response across fraud, security, and privacy teams during complex, cross-functional incidents
• Provide intelligence support to vulnerability management operations, including threat context for prioritization decisions and exploitation likelihood assessments
• Support US hours coverage for vulnerability management activities when the Senior Manager requires operational assistance
• Collaborate with the SOC, incident response, and detection engineering teams to ensure intelligence is operationalized into defensive capabilities
• Stakeholder Engagement and Requirements Management
• Establish and manage intelligence requirements from diverse stakeholders across risk management, compliance, fraud prevention, application security, and business units
• Develop tailored intelligence products and briefings appropriate to audience technical sophistication and organizational role
• Serve as the subject matter expert on cyber threat intelligence for internal and external engagements, including audits, regulatory inquiries, and board presentations