Threat Intelligence Manager

About The Position

Requirements

• 5+ years of cybersecurity experience, with at least 2–3 years focused on cyber threat intelligence, security operations, or incident response, including direct leadership or program‑ownership responsibilities
• Demonstrated ability to brief and influence senior and executive leadership, translating complex technical threats into clear business impacts and strategic recommendations
• Demonstrated experience overseeing the development and/or building of agentic, low‑code, or no‑code solutions that automate security or intelligence workflows and scale operational outcomes
• Proven experience leading or managing high‑performing teams, driving alignment to strategic priorities, and fostering cross‑functional collaboration across IT, Risk, Compliance, and other business units
• Expertise overseeing threat intelligence analysis, including threat actor profiling, geopolitical assessments, threat modeling, and application of frameworks such as MITRE ATT&CK and NIST
• Strong background integrating threat intelligence across SOC, Incident Response, Red Team, and vulnerability management workflows to support proactive defense and enterprise risk reduction
• Familiarity with regulatory frameworks and standards relevant to financial services (e.g., NIST CSF,PCI, NYDFS), with experience aligning intelligence activities to compliance and enterprise risk management programs
• Proven capability developing and reporting metrics and KPIs that demonstrate program value, maturity, and impact to senior leadership
• Bachelor’s degree in computer science, Engineering, related discipline, or equivalent experience through military service, or self-study.

Nice To Haves

• An advanced degree in Information Security, Intelligence Studies, or related discipline.
• Relevant industry certifications such as GIAC Cyber Threat Intelligence (GCTI), Certified Threat Intelligence Analyst (CTIA), CISSP, or CISM
• Experience in the financial or tax services industry, with insight into the threat landscape targeting financial institutions or fintech organizations
• Familiarity with structured intelligence sharing formats and technologies (STIX/TAXII), and experience integrating threat intel into SIEM/SOAR workflows
• Exposure to cloud security threats and cloud-focused threat intelligence (Azure, AWS, GCP) in large-scale environments
• Participation in threat intelligence communities or public-private partnerships, and a network of industry contacts in the threat intel field

Responsibilities

• Lead the end‑to‑end threat intelligence program, setting strategic direction and ensuring alignment with enterprise risk priorities and long‑term business objectives
• Develop and maintain a forward‑looking threat intelligence strategy that anticipates adversaries and informs proactive security planning
• Define and track program KPIs, demonstrating value, maturity, and business impact to senior and executive leadership
• Serve as a key advisor to senior and executive leadership, delivering clear, concise briefings that translate complex threats into business‑focused insights and strategic recommendations
• Integrate intelligence into enterprise risk management, communicating material threat trends and impacts to executive stakeholders
• Ensure the threat intelligence program complies with financial regulations, internal audit standards, and industry frameworks such as NIST and MITRE ATT&CK
• Continuously refine processes, tools, and methodologies to increase the program’s effectiveness, efficiency, and alignment with organizational needs
• Partner with SOC, Red Team, Incident Response, Vulnerability Management, and broader IT, Risk, Compliance, and Operations teams to operationalize intelligence across detection, response, and risk workflows
• Represent the organization within external intelligence communities and ISACs, leveraging insights to inform executive‑level decision‑making
• Lead, mentor, and develop a high performing team of intelligence analysts, fostering analytical rigor, collaboration, and continuous growth
• Oversee production of high‑quality threat actor profiles, geopolitical assessments, and tailored intelligence deliverables for business units and executives
• Oversee the Executive Privacy Program and monitor open sources for threats to executives, brand, and clients
• Provide intelligence support for sensitive investigations, ensuring confidentiality and discretion in high‑risk scenarios
• Oversee the use, integration, and optimization of threat intelligence platforms, data sources, and security automation to ensure high‑quality, actionable intelligence

Benefits

• You’ll reap the rewards of helping others along with competitive compensation and benefits to support your health and well-being.
• Specific benefits may vary based on your role. For detailed eligibility requirements and benefits information, visit blockbenefits.com.
• Qualifying associates can enroll themselves and/or their eligible dependents in medical and prescription drug coverage; can participate in the H&R Block Retirement Savings Plan (401(k) Plan), the Employee Assistance Program, (virtual) fitness center programs, and the associate discount program; are automatically enrolled in Business Travel Accident Insurance; and receive Associate Tax Prep benefit.