Cyber Threat Intelligence (CTI) Manager

Location: This role is Remote based; Candidates can be located in the US or EU markets.

The Role 

The Cyber Threat Intelligence Manager is a critical leadership role responsible for establishing, managing, and advancing the organization's threat intelligence capabilities within the fintech and payment processing ecosystem. This position requires a strategic mindset combined with hands-on technical expertise to deliver actionable intelligence that drives risk-informed decision-making across the enterprise. The successful candidate will serve as the primary intelligence authority, translating complex threat landscapes into clear, actionable insights for both technical and executive audiences while building a mature, scalable threat intelligence program aligned with business objectives. 

How you’ll contribute

Threat Intelligence Program Leadership 

• Lead the design, implementation, and ongoing maturation of the enterprise threat intelligence program in partnership with the Senior Director of Security Operations and Senior Manager of Threat and Vulnerability Management 

• Deploy and operationalize the organization's threat intelligence platform, ensuring integration with existing security infrastructure and maximizing operational efficiency 

• Establish and maintain intelligence collection requirements, prioritization frameworks, and dissemination protocols tailored to stakeholder needs 

• Develop and maintain relationships with external intelligence sharing communities, industry groups, ISACs, and government agencies relevant to financial services 

Intelligence Production and Analysis 

• Produce high-quality strategic, operational, and tactical intelligence products addressing threat actor TTPs, emerging attack vectors, and sector-specific risks affecting payment processing operations 

• Analyze threat data from multiple sources to identify trends, patterns, and indicators of compromise relevant to the organization's attack surface 

• Translate technical threat intelligence into actionable recommendations for security operations, incident response, and risk management teams 

• Deliver regular intelligence briefings to the Senior Director of Security Operations, CISO, and other executive stakeholders on the evolving threat landscape 

Cross-Functional Operations and Incident Support 

• Serve as the fusion operations lead, coordinating intelligence-driven response across fraud, security, and privacy teams during complex, cross-functional incidents 

• Provide intelligence support to vulnerability management operations, including threat context for prioritization decisions and exploitation likelihood assessments 

• Support US hours coverage for vulnerability management activities when the Senior Manager requires operational assistance 

• Collaborate with the SOC, incident response, and detection engineering teams to ensure intelligence is operationalized into defensive capabilities 

Stakeholder Engagement and Requirements Management 

• Establish and manage intelligence requirements from diverse stakeholders across risk management, compliance, fraud prevention, application security, and business units 

• Develop tailored intelligence products and briefings appropriate to audience technical sophistication and organizational role 
• Serve as the subject matter expert on cyber threat intelligence for internal and external engagements, including audits, regulatory inquiries, and board presentations 

If you have the attributes, skills, and experience listed below, we want to hear from you.

Education 

• Master's degree in Cybersecurity, Information Security, Computer Science, Information Technology, or related technical field 

• Relevant professional certifications such as GCTI, GIAC, CISSP, CISM, or equivalent strongly preferred 

Professional Experience 

• 3-5 years of progressive cybersecurity experience with at least 2 years in threat intelligence, security operations, or incident response roles 

• Demonstrated experience working in financial services, fintech, payment processing, or insurance sectors with understanding of sector-specific threats 

• Hands-on experience with threat intelligence platforms, SIEM technologies, and security data analysis tools 

• Exposure to vulnerability management practices, including risk-based prioritization, remediation workflows, and metrics development 

Technical Competencies 

• Strong understanding of the cyber threat landscape, including threat actor motivations, capabilities, and TTPs relevant to financial services 

• Familiarity with threat intelligence frameworks including MITRE ATT&CK, Cyber Kill Chain, Diamond Model, and intelligence lifecycle methodologies 

• Knowledge of corporate supply chain risk management principles and third-party risk assessment practices 

• Proficiency in intelligence analysis techniques and structured analytic methods 

• Understanding of how threat intelligence informs and enhances enterprise risk management programs 

PREFERRED QUALIFICATIONS 

• Experience implementing or managing threat intelligence platforms or similar technologies 

• Familiarity with payment card industry (PCI) standards, regulatory requirements, and compliance frameworks applicable to payment processing 

• Previous experience in fusion center or multi-disciplinary coordination roles 

CORE COMPETENCIES 

• Analytical Thinking: Ability to synthesize complex, disparate data sources into coherent intelligence assessments and actionable recommendations 

• Communication Excellence: Superior written and verbal communication skills with ability to tailor messaging for technical and non-technical audiences 

• Strategic Vision: Capacity to balance immediate operational needs with long-term program development objectives 

• Collaboration: Proven ability to build effective relationships across organizational boundaries and influence without direct authority 

• Adaptability: Comfortable operating in fast-paced, high-stakes environments with evolving priorities and emerging threats 

• Initiative: Self-directed work ethic with ability to identify gaps and proactively develop solutions 

• Leadership Potential: Demonstrates readiness for future people management responsibilities through mentorship, knowledge sharing, and team contribution 

REPORTING STRUCTURE 

Strategic and Day-to-Day Reporting: Senior Director of Security Operations 

This position may have limited people management responsibilities as the threat intelligence function scales. 

WORKING CONDITIONS 

This position operates in a professional office environment with standard business hours, though occasional evening or weekend work may be required to support incident response activities or accommodate stakeholder schedules across multiple time zones. The role requires extended periods of computer use for data analysis and report generation. Some travel may be required for conferences, training, or meetings with industry partners. 

This job description is intended to convey information essential to understanding the scope of the position and is not an exhaustive list of skills, efforts, duties, responsibilities, or working conditions associated with it. Management reserves the right to modify, add, or remove duties as necessary. 

#LI-AD1