Cyber Security Threat Analyst (Onsite Hybrid)

About the position The Cyber Security Threat Analyst will be responsible for identifying, analyzing, and reporting on cyber threats that may impact the organization, clients, and industry sectors such as banking, capital markets, insurance, and other financial services domains. The role requires strong analytical skills, threat intelligence expertise, and the ability to translate complex cyber threat information into actionable insights for technical and executive stakeholders.

Responsibilities

• Monitor, collect, and analyze cyber threat intelligence from internal and external sources, including vendors, industry consortiums, open-source intelligence, and law enforcement partners.
• Research cyber threat actors, threat groups, campaigns, malware, vulnerabilities, fraud trends, and geopolitical events that may impact the organization or its clients.
• Analyze tactics, techniques, and procedures used by threat actors and map findings to relevant frameworks such as MITRE ATT&CK.
• Identify emerging threats, assess potential business impact, and provide actionable recommendations to reduce risk.
• Track zero-day vulnerabilities and high-risk CVEs, including preparing reports with potential impact, mitigation steps, and remediation guidance.
• Develop and publish tactical, operational, and strategic threat intelligence reports for cybersecurity teams, business stakeholders, and executive leadership.
• Support security incident response teams by providing threat context, actor attribution, indicators of compromise, and recommended containment or response actions.
• Consolidate and evaluate cyber threat intelligence feeds to improve the quality, relevance, and timeliness of threat assessments.
• Analyze internal security risks, control gaps, and threat exposure to identify potential weaknesses.
• Respond to client or stakeholder requests for information related to cyber threats, vulnerabilities, and risk trends.
• Prepare briefings, dashboards, and executive summaries that communicate cyber risks in clear, non-technical language.
• Collaborate with cybersecurity teams, fraud teams, risk teams, business units, and industry peers to understand intelligence requirements and improve threat reporting.
• Develop and maintain documentation, procedures, and playbooks related to threat intelligence and response processes.

Requirements

• 5+ years of experience in cyber threat intelligence, security operations, incident response, vulnerability management, fraud analysis, or a related cybersecurity function.
• 4+ years strong understanding of cyber threat actors, attack vectors, malware, phishing, ransomware, credential theft, fraud activity, and emerging cyber threats.
• 4+ years knowledge of security concepts such as indicators of compromise, attack lifecycle, threat modeling, vulnerability management, and risk assessment.
• 4+ years of experience gathering and analyzing intelligence from multiple sources, including OSINT, commercial threat intelligence platforms, internal security tools, and industry reports.
• 4+ years of familiarity with MITRE ATT&CK, Cyber Kill Chain, CVSS, CVE analysis, and common security frameworks.

Nice-to-haves

• Cybersecurity experience within financial services, including banking, capital markets, insurance, or fintech.
• Experience with threat intelligence platforms, SIEM tools, EDR tools, case management systems, or vulnerability management platforms.
• Familiarity with industry information-sharing groups such as FS-ISAC or other intelligence-sharing communities.
• Experience working with vendor intelligence, law enforcement intelligence, or consortium intelligence sources.
• Understanding of geopolitical risk and its connection to cyber threat activity.
• Experience producing executive-level cyber threat briefings and strategic intelligence assessments.
• Knowledge of fraud intelligence, financial crime trends, account takeover, payment fraud, and business email compromise.
• Relevant certifications such as Security+, GCTI, GCIA, GCIH, CISSP, CySA+, CEH, or similar.
• Experience developing threat intelligence playbooks, response procedures, or reporting templates.
• Ability to work with global teams and support stakeholders across multiple regions or business units.
• Strong written and verbal communication skills, including the ability to brief stakeholders and explain cyber risk, likelihood, impact, and remediation activities.
• Ability to work independently and collaboratively in a fast-paced cybersecurity environment.
• Strong analytical, problem-solving, and research skills with attention to detail.