CrawlJobs Logo

Intelligence Lead Analyst - OSINT Threat Hunting

United States, Charlotte Employment contract 117440.00 - 176160.00 USD / Year · Job Posted June 29, 2026
Apply Position
Job Link Share

Job Description

Go beyond traditional analysis and become a proactive threat hunter at the heart of Citi's global security operations. The CSIS Advanced Analytics and Cyber OSINT program seeks a senior Intelligence Lead Analyst to design, lead, and mature our threat hunting capabilities. In this pivotal role, you will transform open-source information into actionable intelligence, safeguarding the assets, integrity, and reputation of Citi and its clients against emerging threats.

Job Responsibility

  • Analyze regional threat data and determine a correlation if any, to existing intelligence requirements
  • Monitor and research cyber threats with a direct or indirect impact to the Citi brand
  • Research and identify malicious activity by performing post-mortem analysis on logs, traffic flows, and other activities
  • Conduct intrusion analyses to ascertain the impact of an attack, and develop mitigation techniques for future attacks
  • Evaluate networks and programs to assess potential weaknesses and points of entry
  • Analyze and present to senior leadership discovered patterns to forecast future cyber-attacks and their potential impact
  • Liaise with intelligence communities, law enforcement, industry partners, peer financial institutions, and information sharing communities
  • Triage, process, analyze, and disseminate intelligence alerts, reports, and briefings
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency

Requirements

  • 6-10 years of relevant experience
  • Working knowledge in one or more of the following areas: Advanced Persistent Threat, Third Party Risks/Threats, Cybercrime, Extremist Groups and Cyber Terrorists, Hacktivism, Distributed Denial of Service attacks, Fraud, Malware, Mobile Threats
  • Proven track record of operationalizing cyber threat intelligence
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
  • Proficiency in the MITRE ATT&CK framework
  • Hands-on experience with Threat Intelligence Platforms including Recorded Future, Mandiant Advantage, ThreatConnect, MISP, or OpenCTI
  • Experience with scripting and automation languages including Python, PowerShell, and Bash
  • Advanced OSINT tradecraft including dark web monitoring, social media intelligence, infrastructure pivoting, and digital footprint analysis
  • Experience with link analysis platforms such as Palantir, Maltego, and i2 Analyst's Notebook
  • Solid understanding of network forensics, log analysis, and reverse engineering
  • Working knowledge of malware analysis (static and dynamic) and adversary infrastructure analysis
  • Exceptional written and verbal communication skills
  • Proven influencing, relationship management, and analytical skills

Nice to have

  • Master’s degree preferred (Advanced degree preferred, ideally in Computer Science, Cybersecurity, Information Security, or a related STEM discipline)
  • Additional valued certifications include: CREST CCTIM, Recorded Future Certified Analyst, CISSP, CEH, or OSCP

What we offer

  • Discretionary and formulaic incentive and retention awards
  • medical, dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Intelligence Lead Analyst - OSINT Threat Hunting

8 matching positions

Staff Security Analyst, Threat Intelligence

We are building an elite team, applying frontier technologies to the world’s big...
Location
Location
United States , Menlo Park
Salary
Salary:
191000.00 - 225000.00 USD / Year
robinhood.com Logo
Robinhood
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8–12+ years of total experience, including 3–5+ years operating at a senior or staff-level scope in threat intelligence, brand protection, or cyber investigations
  • Hands-on experience tracking criminal ecosystems tied to phishing, scams, impersonation, fraud, and infrastructure abuse, and the ability to move from isolated indicators to campaign- and actor-level analysis
  • Deep familiarity with domain registration patterns, DNS and certificate transparency analysis, cloud and hosting abuse across providers (e.g., AWS, GCP, Azure, VPS), and attacker monetization methods
  • Experience using OSINT tooling, SQL, Python, notebooks, SIEM or SOAR platforms, OpenCTI, and case management systems to analyze data and automate workflows
  • Ability to translate complex technical threats into clear business risk for technical teams and executive audiences through strong written and verbal communication
  • Experience mentoring others or leading initiatives across teams, with a high level of accountability and sound risk judgment in ambiguous situations
Job Responsibility
Job Responsibility
  • Proactively hunt and map criminal ecosystems targeting Robinhood and its customers, then translate intelligence into scalable systems and coordinated defenses that disrupt adversaries before they cause harm
  • Build and operationalize a comprehensive "Universe of Threats" by identifying, tracking, and prioritizing adversaries across phishing, scams, impersonation, fraud, and infrastructure abuse
  • Establish and mature a proactive threat intelligence lifecycle by developing industry partnerships, collaborating with trusted peers and federal authorities, and cultivating online personas to generate early warning capabilities that protect Robinhood’s business operations
  • Investigate attacker infrastructure across domains, DNS, certificate transparency logs, cloud providers, and telecom platforms, and convert findings into concrete detections, controls, and customer protections
  • Coordinate threat actor infrastructure takedowns with hosting providers, domain registrars, cloud platforms, and other infrastructure partners to disrupt adversary operations at scale
  • Design and automate intelligence workflows using OSINT tooling, enrichment pipelines, data analysis tools, and case management systems to scale analysis and reporting
  • Partner directly with Detection & Response, Automation, Customer Trust & Safety (Fraud and Financial Crimes), Security Engineering, Corporate Security, Risk, and executive leaders to prioritize threats based on measurable business risk
What we offer
What we offer
  • Challenging, high-impact work to grow your career
  • Performance-driven compensation with multipliers for outsized impact, bonus programs, equity ownership, and 401(k) matching
  • Best-in-class benefits to fuel your work, including 100% paid health insurance for employees with 90% coverage for dependents
  • Lifestyle wallet — a highly flexible benefits spending account for wellness, learning, and more
  • Employer-paid life & disability insurance, fertility benefits, and mental health benefits
  • Time off to recharge including company holidays, paid time off, sick time, parental leave, and more
  • Exceptional office experience with catered meals, events, and comfortable workspaces
  • Fulltime
Read More
Arrow Right

Threat Investigator, Security Analyst - Youth Safety, i3E

The Integrity, Investigations, Intelligence and Events (i3E) teams at Meta are d...
Location
Location
United States , Bellevue
Salary
Salary:
111000.00 - 162000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years work experience performing security investigations in government, intelligence, cyber security, journalism and/or private sector organizations
  • Subject matter expertise or prior work experience in child safety based laws or policies (i.e intelligence, law enforcement, legal analysis, or NGO)
  • Experience with open source investigation techniques and familiarity with a variety of internet research tools
  • Experience leveraging SQL, OSINT, and network security concepts in an investigative context
  • Adept at developing multi-source, evidence-based findings and communicating them to varied audiences
  • Bachelors Degree in Computer Science, Information Systems, Intelligence Studies, Cybersecurity or related field or equivalent work experience in information security
Job Responsibility
Job Responsibility
  • Investigate complex child sexual exploitation operations to understand how abuse manifests on Meta’s platforms and the wider information ecosystem
  • Lead a portfolio of investigative research to include identifying abuse trends, understanding adversarial behavior, and designing forward-looking enforcement strategies to mitigate harm
  • Proactively hunt for threats and undetected abuse by leveraging internal data sets, open-source intelligence, and third-party private intelligence
  • Analyze qualitative and quantitative data to advance investigations, quantify trends and support findings with clear, concise evidence
  • Apply analytical rigor to investigations, analysis, and programs while looking for strategic improvement opportunities
  • This role involves exposure to graphic and/or objectionable content including but not limited to graphic images, videos and writings, offensive or derogatory language, and other potential objectionable material, i.e. child exploitation, graphic violence, self-injury, animal abuse, and other content which may be considered offensive or disturbing
What we offer
What we offer
  • bonus
  • equity
  • benefits
Read More
Arrow Right
New

Senior Security Analyst

Made Tech helps UK public sector organisations build and run secure, user-centre...
Location
Location
United Kingdom , Any UK Office Hub (Bristol / London / Manchester / Swansea)
Salary
Salary:
50000.00 - 60000.00 GBP / Year
madetech.com Logo
Made Tech
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hold one of the following - Systems Security Certified Practitioner (SSCP), CompTIA Security+, or an equivalent foundational operational security credential expected of Senior SOC analysts
  • Certifications that would strengthen your application: Certified Cloud Security Professional (CCSP), CompTIA Advanced Security Practitioner (CASP+), HTB Certified Defensive Security Analyst (HTB CDSA)
  • Experience applying structured analytical techniques - ACH, key-assumptions checks, or similar, to produce rigorous, bias-resistant intelligence assessments, and comfort peer-reviewing others' analytic tradecraft
  • Working knowledge of cloud security event investigation and cloud detection tuning, particularly across AWS, Azure, or GCP environments, including understanding of infrastructure-level telemetry
  • Experience framing security findings in risk terms for non-technical stakeholders — communicating likelihood, impact, and recommended treatment clearly, and reflecting asset criticality and threat context in prioritisation decisions
  • Evidence of building or improving SOAR playbooks, automated triage workflows, or equivalent automation that reduced analyst toil in a SOC or detection-engineering context
  • Familiarity with UK government security frameworks — in particular the NCSC CAF, GovAssure, and HMG Security Policy Framework — and experience aligning detection or response work to those standards in a government or regulated environment
  • Experience working within an agile or Kanban-based team model, contributing to workflow improvement, running or participating in retrospectives, and helping the team improve its own practices — not just delivering within them
  • Experience acting as a trusted working-level contact for client security stakeholders — anchoring on their actual outcomes, raising concerns or opportunities proactively, and contributing subject-matter expertise to proposals or bids
  • Hands-on experience with at least one major SIEM platform (for example, Splunk, Microsoft Sentinel, or Elastic Security) including writing and tuning detection rules
Job Responsibility
Job Responsibility
  • Lead threat hunts and intrusion investigations
  • Author, tune, and peer-review detection content
  • Own sub-cycles of the intelligence lifecycle
  • Lead incident response and drive improvement
  • Build SOAR playbooks and auto-triage
  • Align security operations to UK public sector standards
  • Mentor junior analysts and raise team standards
  • Contribute to the practice beyond your immediate engagement
What we offer
What we offer
  • 30 days Holiday
  • Flexible Working Hours
  • Flexible Parental Leave
  • Remote Working
  • Paid counselling
  • SC Eligibility
  • Smart Tech scheme
  • Cycle to work scheme
  • Individual benefits allowance which you can invest in a Health care cash plan or Pension plan
  • Optional social and wellbeing calendar of events
  • Fulltime
Read More
Arrow Right

Security Analyst Investigator

The Integrity, Investigations, Intelligence and Events (i3E) teams at Meta are d...
Location
Location
United States , Bellevue
Salary
Salary:
137000.00 - 196000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years work experience performing security investigations in government, intelligence, cyber security, journalism and/or private sector organizations
  • Subject matter expertise or prior work experience in child safety based laws or policies (i.e intelligence, law enforcement, legal analysis, or NGO)
  • Experience with open source investigation techniques and familiarity with a variety of internet research tools
  • Experience leveraging SQL, OSINT, and network security concepts in an investigative context
  • Experience developing multi-source, evidence-based findings and communicating them to diverse audiences
  • Proficient in SQL
Job Responsibility
Job Responsibility
  • Investigate complex child sexual exploitation operations to understand how abuse manifests on Meta’s platforms and the wider information ecosystem
  • Lead a portfolio of investigative research to include identifying abuse trends, understanding adversarial behavior, and designing forward-looking enforcement strategies to mitigate harm
  • Proactively hunt for threats and undetected abuse by leveraging internal data sets, open-source intelligence, and third-party private intelligence
  • Analyze qualitative and quantitative data to advance investigations, quantify trends and support findings with clear, concise evidence
  • Apply analytical rigor to investigations, analysis, and programs while looking for strategic improvement opportunities
  • This role involves exposure to graphic and/or objectionable content including but not limited to graphic images, videos and writings, offensive or derogatory language, and other potential objectionable material, i.e. child exploitation, graphic violence, self-injury, animal abuse, and other content which may be considered offensive or disturbing
What we offer
What we offer
  • bonus
  • equity
  • benefits
  • Fulltime
Read More
Arrow Right

Security Analyst - Investigator (Financial Threats)

The Integrity, Investigations, Intelligence and Events (i3E) teams at Meta are d...
Location
Location
United States , Bellevue
Salary
Salary:
167000.00 - 233000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years work experience performing security investigations in government, intelligence, cyber security, journalism and/or private sector organizations
  • Demonstrated subject matter expertise in large-scale scam/fraud operations
  • Experience leveraging SQL, OSINT, and network security concepts in an investigative context
  • Adept at developing multi-source, evidence-based findings and communicating them to different stakeholders and leadership team
  • Experience working on high-impact threats under compressed timelines
  • Experience prioritizing and executing with minimal direction or oversight
  • Bachelors Degree in Computer Science, Data Engineering, Cyber Security or related field or equivalent technical work experience
Job Responsibility
Job Responsibility
  • Investigate sophisticated scammer behaviors to understand how abuse manifests on Meta’s platforms and the wider information ecosystem using a variety of tooling/techniques including innovative deployment of AI solutions where appropriate
  • Lead a portfolio of investigative research to include identifying abuse trends, understanding adversarial behavior, and designing/driving forward-looking enforcement strategies to mitigate harm
  • Leverage expert knowledge/experience in the field of fraud and scams in the application of this work
  • Own end-to-end complex scam investigations and partner directly with Policy, Ops, Engineering, Product, and Legal teams to translate findings into scaled mitigations
  • Proactively hunt for threats and undetected abuse by leveraging internal data sets, open-source intelligence, and third-party private intelligence
  • Analyze qualitative and quantitative data to advance investigations, quantify trends and support findings with clear, concise evidence
  • Take a lead role in developing and refining investigative techniques, analytic methodologies, intelligence processes, and tools
  • Synthesize abuse telemetry and qualitative insights into decision-ready assessments and recommendations that drive prioritization and result in concrete mitigations across investigations, engineering, policy, and product teams
  • Apply operational rigor to investigations, analysis, and programs while looking for strategic improvement opportunities
  • This role may involve exposure to graphic and/or objectionable content including but not limited to graphic images, videos and writings, offensive or derogatory language, and other potential objectionable material, i.e. child exploitation, graphic violence, self-injury, animal abuse, and other content which may be considered offensive or disturbing
What we offer
What we offer
  • bonus
  • equity
  • benefits
  • Fulltime
Read More
Arrow Right
New

Vice President

iCapital is looking to hire an investment product specialist Vice President to s...
Location
Location
China , Hong Kong
Salary
Salary:
Not provided
icapital.com Logo
iCapital Network
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience working within the alternative investment industry in a client facing capacity (e.g., Investor relations at GPs or distribution specialist at placement agents, fund of funds and asset management firms with alternative investment product experience)
  • A self-starter who demonstrates the ability to work in a fast-paced entrepreneurial environment and follow a rigorous sales process
  • Strong team orientation with exceptional organizational and interpersonal skills especially in a cross-boarder and small team-working environment
  • Strong with Microsoft powerpoint and has excellent verbal and written communication skills
  • Local regulatory licensing is required
  • Relevant language skills is a plus
Job Responsibility
Job Responsibility
  • Leverage a consultative sales process to acquire new relationships, expand existing client relationships, and service assets under management
  • Develop high level of sales proficiency with iDirect offerings in private equity, private credit, and hedge funds and other future iDirect products and a good understanding of the asset class as well as product comparison purposes
  • Traveling is required to markets to meet with gatekeepers, advisors, industry bodies, end clients in support of the broader sales and educational effort
  • Assist in the planning and execution of roadshows and conferences
  • Work alongside the in region Client Solutions team personnel on client pitches, product positioning, and sales campaigns
  • Leverage technology input and reporting tools to support sales management activities
  • Fulltime
Read More
Arrow Right

Customer Assistant II

Location
Location
United States , Amherst
Salary
Salary:
26.06 - 29.33 USD / Hour
mma.org Logo
Massachusetts Municipal Association
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • High school degree or equivalent PLUS one to three years of experience in accounting, bookkeeping, or cash handling
  • OR any equivalent combination of related education and experience that demonstrates the ability to successfully perform the responsibilities of the position
Job Responsibility
Job Responsibility
  • Perform a full range of complex procedural accounting and clerical duties associated with computation, reconciliation and posting to accounts for town collection areas (e.g., Water and Sewer, Parking)
  • Fulltime
Read More
Arrow Right

Care Assistant - Days

Are you ambitious? Do you want something else? Are you looking for new energy? W...
Location
Location
United Kingdom , Poynton
Salary
Salary:
12.75 GBP / Hour
jobs.360resourcing.co.uk Logo
360 Resourcing Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • No previous experience or qualifications needed
  • Enhanced DBS check in relation to Children and Adults required
Job Responsibility
Job Responsibility
  • Support with personal care needs
  • Help residents take part in a wide range of special interests and activities that support their health and wellbeing such as arts and crafts, watching the footie, drama, musical evenings, gardening, shopping trips and social occasions
What we offer
What we offer
  • Discounts on Shopping, Fashion, Days out, Travel, Entertainment and lots more
  • Flex Earn – Earned wage access
  • FREE face-to-face counselling for you and your family
  • Staff recognition award ceremonies
  • £30 voucher available every month for the nominated Employee of the month
  • Opportunities for training and career progression
  • Salary Sacrifice Pension scheme
  • Blue Light Card – up to 50% discount across 100’s of retailers
  • Access to a FREE eye test and discounted glasses
  • Cashback card – save up to £500 annually
  • Fulltime
Read More
Arrow Right