CrawlJobs Logo

Security Analyst - Investigator (Financial Threats)

United States, Bellevue 167000.00 - 233000.00 USD / Year · Job Posted January 29, 2026
Apply Position
Job Link Share

Job Description

The Integrity, Investigations, Intelligence and Events (i3E) teams at Meta are dedicated to protecting the users of our family of applications (e.g. Facebook, Instagram, WhatsApp) from a multitude of threats including: criminal organizations, human trafficking/exploitation, and scams/fraud. We are seeking a security analyst to drive detection and mitigation strategy and execute large-scale, highly complex technical investigations in order to protect our users against the threat posed by threat actors who seek to run sophisticated scam operations against our users. You will have the opportunity to work on some of the most challenging, complicated, and high-visibility risks the company is facing. We are seeking an experienced analyst with expertise in project/program management who can work across a large set of stakeholders to implement change, anticipate how threats will evolve, and recommend, own, and drive scaled mitigations. They should be results driven, motivated and must be able to extract, assimilate, and correlate a wide variety of data in order to surface, analyze, and disrupt threat actors across multiple spaces.

Job Responsibility

  • Investigate sophisticated scammer behaviors to understand how abuse manifests on Meta’s platforms and the wider information ecosystem using a variety of tooling/techniques including innovative deployment of AI solutions where appropriate
  • Lead a portfolio of investigative research to include identifying abuse trends, understanding adversarial behavior, and designing/driving forward-looking enforcement strategies to mitigate harm
  • Leverage expert knowledge/experience in the field of fraud and scams in the application of this work
  • Own end-to-end complex scam investigations and partner directly with Policy, Ops, Engineering, Product, and Legal teams to translate findings into scaled mitigations
  • Proactively hunt for threats and undetected abuse by leveraging internal data sets, open-source intelligence, and third-party private intelligence
  • Analyze qualitative and quantitative data to advance investigations, quantify trends and support findings with clear, concise evidence
  • Take a lead role in developing and refining investigative techniques, analytic methodologies, intelligence processes, and tools
  • Synthesize abuse telemetry and qualitative insights into decision-ready assessments and recommendations that drive prioritization and result in concrete mitigations across investigations, engineering, policy, and product teams
  • Apply operational rigor to investigations, analysis, and programs while looking for strategic improvement opportunities
  • This role may involve exposure to graphic and/or objectionable content including but not limited to graphic images, videos and writings, offensive or derogatory language, and other potential objectionable material, i.e. child exploitation, graphic violence, self-injury, animal abuse, and other content which may be considered offensive or disturbing

Requirements

  • 8+ years work experience performing security investigations in government, intelligence, cyber security, journalism and/or private sector organizations
  • Demonstrated subject matter expertise in large-scale scam/fraud operations
  • Experience leveraging SQL, OSINT, and network security concepts in an investigative context
  • Adept at developing multi-source, evidence-based findings and communicating them to different stakeholders and leadership team
  • Experience working on high-impact threats under compressed timelines
  • Experience prioritizing and executing with minimal direction or oversight
  • Bachelors Degree in Computer Science, Data Engineering, Cyber Security or related field or equivalent technical work experience

Nice to have

  • Experience working with Python, PHP, or similar scripting languages
  • Proven experience conducting large scale data analysis and utilizing big data tools such as Jupyter Notebook, Maltego, etc
  • Experience with link analysis/graph-style investigations (entity resolution, clustering, relationship mapping)
  • Experience in assessing/deploying AI driven solutions for detection/enforcement
  • Experience designing and managing projects that have enterprise-wide impact and/or multi-organization cross functional stakeholders
  • Experience working with a team spanning multiple locations/time zones
  • Experience with open source investigation techniques and familiarity with a variety of internet research tools
  • Experience working with payments/financial abuse concepts

What we offer

  • bonus
  • equity
  • benefits

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Security Analyst - Investigator (Financial Threats)

8 matching positions

Staff Security Analyst, Threat Intelligence

We are building an elite team, applying frontier technologies to the world’s big...
Location
Location
United States , Menlo Park
Salary
Salary:
191000.00 - 225000.00 USD / Year
robinhood.com Logo
Robinhood
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8–12+ years of total experience, including 3–5+ years operating at a senior or staff-level scope in threat intelligence, brand protection, or cyber investigations
  • Hands-on experience tracking criminal ecosystems tied to phishing, scams, impersonation, fraud, and infrastructure abuse, and the ability to move from isolated indicators to campaign- and actor-level analysis
  • Deep familiarity with domain registration patterns, DNS and certificate transparency analysis, cloud and hosting abuse across providers (e.g., AWS, GCP, Azure, VPS), and attacker monetization methods
  • Experience using OSINT tooling, SQL, Python, notebooks, SIEM or SOAR platforms, OpenCTI, and case management systems to analyze data and automate workflows
  • Ability to translate complex technical threats into clear business risk for technical teams and executive audiences through strong written and verbal communication
  • Experience mentoring others or leading initiatives across teams, with a high level of accountability and sound risk judgment in ambiguous situations
Job Responsibility
Job Responsibility
  • Proactively hunt and map criminal ecosystems targeting Robinhood and its customers, then translate intelligence into scalable systems and coordinated defenses that disrupt adversaries before they cause harm
  • Build and operationalize a comprehensive "Universe of Threats" by identifying, tracking, and prioritizing adversaries across phishing, scams, impersonation, fraud, and infrastructure abuse
  • Establish and mature a proactive threat intelligence lifecycle by developing industry partnerships, collaborating with trusted peers and federal authorities, and cultivating online personas to generate early warning capabilities that protect Robinhood’s business operations
  • Investigate attacker infrastructure across domains, DNS, certificate transparency logs, cloud providers, and telecom platforms, and convert findings into concrete detections, controls, and customer protections
  • Coordinate threat actor infrastructure takedowns with hosting providers, domain registrars, cloud platforms, and other infrastructure partners to disrupt adversary operations at scale
  • Design and automate intelligence workflows using OSINT tooling, enrichment pipelines, data analysis tools, and case management systems to scale analysis and reporting
  • Partner directly with Detection & Response, Automation, Customer Trust & Safety (Fraud and Financial Crimes), Security Engineering, Corporate Security, Risk, and executive leaders to prioritize threats based on measurable business risk
What we offer
What we offer
  • Challenging, high-impact work to grow your career
  • Performance-driven compensation with multipliers for outsized impact, bonus programs, equity ownership, and 401(k) matching
  • Best-in-class benefits to fuel your work, including 100% paid health insurance for employees with 90% coverage for dependents
  • Lifestyle wallet — a highly flexible benefits spending account for wellness, learning, and more
  • Employer-paid life & disability insurance, fertility benefits, and mental health benefits
  • Time off to recharge including company holidays, paid time off, sick time, parental leave, and more
  • Exceptional office experience with catered meals, events, and comfortable workspaces
  • Fulltime
Read More
Arrow Right

Cyber Security Analyst

We are seeking a detail-oriented and proactive Cyber Security Analyst with 2–3 y...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
coinshares.com Logo
CoinShares
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2-3 years of experience in a cyber security analyst or similar role
  • Bachelor’s degree in Cyber Security, Information Technology, Computer Science, or related field
  • Relevant certifications (e.g., CompTIA Security+, CEH, GSEC, SSCP)
  • Experience in the financial services sector or other regulated environments would be advantageous
  • Solid understanding of information security principles and threat landscapes
  • Demonstrated experience with security monitoring and analysis tools (e.g., CrowdStrike, Rapid7, Qualys, Wiz)
  • Familiarity with network protocols, firewall configurations, and common attack vectors
  • Experience in incident detection, analysis, and response
  • Working knowledge of security frameworks and regulations (NIST, CIS, GDPR)
  • Basic scripting skills (e.g., Python, PowerShell, Bash) are a plus
Job Responsibility
Job Responsibility
  • Monitor and respond to security alerts from various tools (e.g., SIEM, IDS/IPS, EDR)
  • Investigate security incidents, conduct root cause analysis, and support incident response
  • Assist in the implementation and maintenance of security controls and policies
  • Support vulnerability scanning, patch management, and remediation efforts
  • Work with IT and DevOps teams to ensure secure system configurations and deployments
  • Analyse threat intelligence feeds and assess risks relevant to the financial sector
  • Assist with compliance efforts (e.g.ISO 27001, SOC 2) and internal audits
  • Contribute to security awareness training and phishing simulation programs
  • Maintain documentation related to security operations and incident handling
Read More
Arrow Right

Security Operation Center Cyber Fraud and Web Application Defense Analyst

This is an intermediate level position responsible for leading efforts to preven...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of relevant experience in SOC
  • Relevant experience in cyber fraud is a plus
  • Following Certifications will be considered a plus: [CISSP, GWAPT and CFE]
  • Bachelor’s degree/University degree or equivalent experience
  • Strong knowledge of current Digital Fraud trends including common Account Takeover techniques
  • Deep understanding of Application Layer Protocols (HTTP) and OWASP Top 10, including detection of common web application vulnerabilities
  • Knowledge of cutting-edge threats and technologies affecting Web Applications
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven strong analytical skills
Job Responsibility
Job Responsibility
  • Actively monitoring, researching, and assessing security events to identify and analyze web application attacks and digital fraud
  • Specialized in detecting and responding to threats such as Account Takeovers (ATO), Distributed Denial of Service (DDoS) attacks, common web application vulnerabilities (e.g., Cross-Site Scripting, SQL injection, command injection), and anomalies in financial transactions
  • Follow pre-defined actions to handle BAU and high severity issues including escalating to other support groups
  • Execute daily ad hoc tasks or lead small projects as needed
  • Perform assessment as well as troubleshooting to help isolate technical issues with the integration of fraud monitoring technologies
  • Identify areas for tuning use cases to enhance monitoring value
  • Engage with Fraud Policy, Operations, Strategy and other teams for early detection, prevention, and mitigation of detected fraudulent activities
  • Fulltime
Read More
Arrow Right

Security Operation Center (SOC) Cyber Fraud and Web Application Defense Analyst

This is an intermediate level position responsible for leading efforts to preven...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of relevant experience in SOC
  • Relevant experience in cyber fraud is a plus
  • Following Certifications will be considered a plus: [CISSP, GWAPT and CFE]
  • Bachelor's degree/University degree or equivalent experience
  • Strong knowledge of current Digital Fraud trends including common Account Takeover techniques
  • Deep understanding of Application Layer Protocols (HTTP) and OWASP Top 10, including detection of common web application vulnerabilities
  • Knowledge of cutting-edge threats and technologies affecting Web Applications
  • Experience with vulnerability assessment as well as penetration testing
  • Experience with any scripting language and Splunk
  • Understanding of various operating systems (Windows/UNIX), and web technologies (focusing on Internet security)
Job Responsibility
Job Responsibility
  • Actively monitoring, researching, and assessing security events to identify and analyze web application attacks and digital fraud
  • Specialized in detecting and responding to threats such as Account Takeovers (ATO), Distributed Denial of Service (DDoS) attacks, common web application vulnerabilities (e.g., Cross-Site Scripting, SQL injection, command injection), and anomalies in financial transactions
  • Follow pre-defined actions to handle BAU and high severity issues including escalating to other support groups
  • Execute daily ad hoc tasks or lead small projects as needed
  • Perform assessment as well as troubleshooting to help isolate technical issues with the integration of fraud monitoring technologies
  • Identify areas for tuning use cases to enhance monitoring value
  • Engage with Fraud Policy, Operations, Strategy and other teams for early detection, prevention, and mitigation of detected fraudulent activities
  • Fulltime
Read More
Arrow Right
New

Intelligence Senior Analyst - Assistant Vice President

Citi Security and Investigative Services (CSIS) is a full-service security and i...
Location
Location
Hungary , Budapest
Salary
Salary:
12211560.00 - 20474640.00 Ft / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience relating to open source intelligence analysis for investigations, threat monitoring, or intelligence targeting
  • previous analytical experience within corporate investigations, the intelligence community, or law enforcement preferred
  • Bachelor's degree (or equivalent experience) required
  • advanced degrees are welcomed
  • certifications from EC-Council, ACFE, SANS Institute, IntelTechniques, or graduate certification(s) in relevant technical or specialty areas a plus
  • demonstrable ability to collect, evaluate, interpret, and analyze data, with a strong knowledge of analytical techniques
  • strong analytical skills to filter, prioritize and validate potentially complex and dynamic material from multiple sources
  • proven record of accomplishment in information gathering, monitoring, and analysis pertaining to matters in various geographical locations, including strong use of commercial databases, surface, deep and dark web, and social media
  • excellent communication (oral and written) skills with attention to detail
  • established project management skills
Job Responsibility
Job Responsibility
  • Lead open source analysis for CSIS investigations involving fraud, cyber, insider, and other security threats facing the firm
  • Use advanced techniques to monitor threats and collect data from multiple open sources, including social media, the deep and the dark web, to support intelligence questions
  • Apply advanced qualitative and quantitative analytical methodologies to turn information and data into actionable intelligence, including but not limited to link analysis and digital footprint analysis
  • Anticipate, identify and develop innovative solutions to intelligence gaps
  • Partner with internal and external stakeholders on open source methodologies and tools where appropriate to close identified gaps
  • Deliver analysis and findings in the form of high quality, succinct, and straightforward written products and oral briefings
  • Manage multiple projects simultaneously with a proactive, self-motivated approach, ensuring timely delivery of high-quality results while collaborating effectively with global teams
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Senior Intelligence Analyst

Are you looking for a career move that will place you in a global financial orga...
Location
Location
Hungary , Budapest
Salary
Salary:
12211560.00 - 20474640.00 HUF / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in a combination of cyber threat intelligence, financial crime investigation, fraud analysis, or law enforcement roles with a focus on BEC, wire fraud, or cyber-enabled financial crime. Prior experience in a financial institution, government agency, law enforcement, or financial intelligence unit (FIU) environment is strongly preferred.
  • Bachelor's degree (or equivalent experience) required
  • advanced degrees are welcomed, preferably in a STEM major, computer science, cyber security, or cyber technology.
  • Certifications from EC-Council, GIAC, (ISC)² [CISSP, C/EH, GCIA, CCNA] or relevant technical or specialty areas are a plus, or willingness to earn within 12 months of joining.
  • Subject matter expertise in business email compromise — including vendor email compromise (VEC), CEO fraud, payroll diversion, real estate wire fraud, and invoice manipulation schemes — with a thorough understanding of actor tactics, techniques, and procedures at each stage of the attack lifecycle.
  • Strong understanding of the industry's most frequently targeted by BEC actors, including real estate and title companies, legal firms, healthcare, manufacturing, construction, government contractors, and financial services, with the ability to tailor intelligence products to sector-specific risk profiles.
  • Proficiency in open-source intelligence (OSINT) techniques including domain and email header analysis, WHOIS and passive DNS investigation, social media intelligence, dark web monitoring, and fraudulent infrastructure identification.
  • Experience with link analysis platforms such as Palantir, Maltego, or i2 Analyst's Notebook to map actor networks, financial flows, and entity relationships across complex multi-jurisdictional cases.
  • Working knowledge of financial crime typologies including trade-based money laundering, layering techniques, and the use of cryptocurrency exchanges and peer-to-peer platforms to convert and obscure BEC proceeds.
  • Experience with scripting languages such as Python or similar tools for automating intelligence collection, data enrichment, and pattern analysis across large datasets.
Job Responsibility
Job Responsibility
  • Serve as the primary subject matter expert on business email compromise, wire fraud, and cyber-enabled financial crime, maintaining current and comprehensive knowledge of actor methodologies, fraud typologies, and evolving attack vector.
  • Apply in-depth disciplinary knowledge to triage, process, analyze, intelligence alerts, reports, and briefings
  • Monitor and research cyber threats (with a strong focus on Business Email Compromise (BEC) and wire fraud) with a direct or indirect impact to the Citi brand
  • Monitor open-source, dark web, and proprietary intelligence sources for emerging BEC campaigns, compromised credential markets, fraudulent domain registrations, and threat actor communications targeting financial institutions and their clients
  • Assess cyber threat data and correlate with existing understanding of cyber threats impacting the Citi franchise
  • Ascertain the impact of an attack and develop threat trends to assess their overall impact and inform senior decision makers
  • Produce timely, accurate, and actionable intelligence reports, bulletins, and briefings for consumption by fraud operations, client advisory teams, compliance, legal, and senior leadership stakeholders.
  • Engage in liaison activities with intelligence communities, law enforcement, industry partners, peer financial institutions, and information sharing communities
  • Complete the daily operational components of the intelligence mission
  • Assume informal/formal mentor role within teams and assist with the coaching and training of new team members
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Counter Threat Finance Analyst

Amentum is a global leader in advanced engineering and innovative technology sol...
Location
Location
United States , Fort Bliss
Salary
Salary:
118000.00 - 125000.00 USD / Year
amentum.com Logo
Amentum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • High School diploma with 10+ years of relevant experience OR Bachelor’s/Master’s with 5+ years of experience
  • Must have a valid/ active Top Secret/ SCI Government Security Clearance
  • Background in Counter Threat Finance, Counter Narcotics, Counterterrorism—and familiarity with intelligence disciplines such as HUMINT, SIGINT, or law enforcement/regulatory investigations
  • Experience with Bank Secrecy Act reporting mechanisms (e.g., Suspicious Activity Reports)
  • Proficiency using intelligence tools such as Palantir, Google Earth, Analyst Notebook, TAC, DataXplorer, or Voltron Suite
  • Strong understanding of interagency processes, intelligence oversight, and analytical methodologies
  • Solid skills in Microsoft Office and data exploitation tools
  • US Citizenship is required to maintain a Top Secret / SCI Clearance
Job Responsibility
Job Responsibility
  • Conduct in-depth Counter Threat Finance (CTF) and Threat Finance Intelligence (TFI) analysis to disrupt and dismantle illicit financial activities
  • Support law enforcement and Department of Defense missions targeting financial networks tied to criminal and national security threats
  • Create high-quality intelligence products including Action Plans, Target Packages, Analytical Reports, and Executive Briefings
  • Collaborate across agencies to strengthen information-sharing and provide actionable operational recommendations
  • Contribute to policy development and program initiatives that shape future strategies
  • Monitor, assess, and present insights on emerging threats and TFI data to leadership and stakeholders
What we offer
What we offer
  • Health, dental, and vision insurance
  • Paid time off and holidays
  • Retirement benefits (including 401(k) matching)
  • Educational reimbursement
  • Parental leave
  • Employee stock purchase plan
  • Tax-saving options
  • Disability and life insurance
  • Pet insurance
  • Fulltime
Read More
Arrow Right

Counter Threat Finance Analyst (B27)

Amentum is a global leader in advanced engineering and innovative technology sol...
Location
Location
United States , Chantilly
Salary
Salary:
130000.00 - 140000.00 USD / Year
amentum.com Logo
Amentum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • High School Graduate or G.E.D. with ten (10) years of specialized experience OR Bachelor's/Master's degree and 5 years of specialized experience
  • Must have a valid/ active Top Secret/ SCI Government Security Clearance. Note: US Citizenship is required to maintain a Top Secret / SCI Clearance
  • Finance-specific analytical experience dealing with identifying / detecting, targeting, and interdicting threat, terrorist, and/or criminal finance activities, and networks
  • Experience shall include CTF, and may include human intelligence and signals reporting, criminal and regulatory investigations, cases for designation, and experience with Bank Secrecy Act reporting mechanisms such as Suspicious Activity Reports (SAR)
  • Be competent in utilizing Specialized Intelligence Analysis tools (i.e., Proton, KaChing, DataXplorer, and Voltron Suite)
  • Be competent in utilizing Intelligence Report Aggregators/Automated Message Handling System search tools (i.e., TAC, RMT, and NGT, Horizon)
  • Be competent in utilizing Intelligence Data Visualization Tools (i.e.Google Earth, Palantir, and, Analyst Notebook, Target Cop)
  • Be proficient in utilizing the Microsoft Office suite applications
  • Be proficient in utilizing existing and new analytical tools to effectively exploit raw financial data, business registry, and corporate company data
  • Be knowledgeable of interagency threat finance cells
Job Responsibility
Job Responsibility
  • Support Threat Finance Intelligence (TFI) analysis and facilitate Intel Agencies other DoD CTF activities throughout the Customer AOR
  • Work with multiple USG law enforcement agencies and U.S. military organizations
  • Provide intelligence analysis services pursuant to 10 U.S.C. 284 and to Section 1022 of the NDAA for FY 2004, as amended
  • Provide CTF/TFI analysis that contributes to DoD strategic, operational, and tactical support to law enforcement agencies
  • Provide CTF/TFI analysis to enable identifying, detecting, and providing targeting and interdiction recommendations for CD/CTOC/CT activities
  • Provide support to the planning, organizing, and coordinating of CTF activities in respective CCMD AORs/AOIs, and in support of other DoD Components’ efforts to support law enforcement agencies
  • Monitor and provide CTF/TFI-related advice on finance-oriented assessments that contribute to DoD’s support to law enforcement agencies’ development of case files, evidentiary material, and designation packages, to include actionable intelligence
  • Provide briefings to DoD Component leadership and provide analytical products to support DoD briefings to law enforcement agency personnel
  • Assist in the development of TFI analysis-derived action plans, papers, reports, and target packages
  • Provide program and policy support including, but not limited to: provide support for CTF-focused conferences
What we offer
What we offer
  • Health, dental, and vision insurance
  • Paid time off and holidays
  • Retirement benefits (including 401(k) matching)
  • Educational reimbursement
  • Parental leave
  • Employee stock purchase plan
  • Tax-saving options
  • Disability and life insurance
  • Pet insurance
  • Fulltime
Read More
Arrow Right