Cyber Threat Intelligence (CTI) Manager

Why Choose Bottomline

Are you ready to transform the way businesses pay and get paid Bottomline is a global leader in business payments and cash management with over 35 years of experience and moving more than $16 trillion in payments annually. Were looking for passionate individuals to join our team and help drive impactful results for our customers. If youre dedicated to delighting customers and promoting growth and innovation - we want you on our team!

Location: This role is Remote based; Candidates can be located in the US or EU markets.

The Role

The Cyber Threat Intelligence Manager is a critical leadership role responsible forestablishing managing and advancing the organizations threat intelligence capabilities within the fintech and payment processing ecosystem. This position requires a strategic mindset combined with hands-on technicalexpertiseto deliver actionable intelligence that drives risk-informed decision-making across the enterprise. The successful candidate will serve as the primary intelligence authority translating complex threat landscapes into clear actionable insights for both technical and executive audiences while building a mature scalable threat intelligence program aligned with businessobjectives.

How youll contribute

Threat Intelligence Program Leadership

• Lead the design implementation and ongoing maturation of the enterprise threat intelligence program in partnership with the Senior Director of Security Operations and Senior Manager of Threat and Vulnerability Management

• Deploy and operationalize the organizations threat intelligence platform ensuring integration with existing security infrastructure and maximizing operational efficiency

• Establish andmaintainintelligence collection requirements prioritization frameworks and dissemination protocols tailored to stakeholder needs

• Develop andmaintainrelationships with external intelligence sharing communities industry groups ISACs and government agencies relevant to financial services

Intelligence Production and Analysis

• Produce high-quality strategic operational and tactical intelligence products addressing threat actor TTPs emerging attack vectors and sector-specific risks affecting payment processing operations

• Analyze threat data from multiple sources toidentifytrends patterns and indicators of compromise relevant to the organizations attack surface

• Translate technical threat intelligence into actionable recommendations for security operations incident response and risk management teams

• Deliver regular intelligence briefings to the Senior Director of Security Operations CISO and other executive stakeholders on the evolving threat landscape

Cross-Functional Operations and Incident Support

• Serve as the fusion operations lead coordinating intelligence-driven response across fraud security and privacy teams during complex cross-functional incidents

• Provide intelligence support to vulnerability management operations including threat context for prioritization decisions and exploitation likelihood assessments

• Support US hours coverage for vulnerability management activities when the Senior Managerrequiresoperationalassistance

• Collaborate with the SOC incident response and detection engineering teams to ensure intelligence is operationalized into defensive capabilities

Stakeholder Engagement and Requirements Management

• Establish and manage intelligence requirements from diverse stakeholders across risk management compliance fraud prevention application security and business units

• Develop tailored intelligence products and briefings appropriate to audience technical sophistication and organizational role
• Serve as the subject matter expert on cyber threat intelligence for internal and external engagements including audits regulatory inquiries and board presentations

If you have the attributes skills and experience listed below we want to hear from you.

Education

• Masters degree in Cybersecurity Information Security Computer Science Information Technology or related technical field

• Relevant professional certifications such as GCTI GIAC CISSP CISM or equivalent strongly preferred

Professional Experience

• 3-5years of progressive cybersecurity experience with at least 2 years in threat intelligence security operations or incident response roles

• Demonstrated experience working in financial services fintech payment processing or insurance sectors with understanding of sector-specific threats

• Hands-on experience with threat intelligence platforms SIEM technologies and security data analysis tools

• Exposure to vulnerability management practices including risk-based prioritization remediation workflows and metrics development

Technical Competencies

• Strong understanding of the cyber threat landscape including threat actor motivations capabilities and TTPs relevant to financial services

• Familiarity with threat intelligence frameworks including MITRE ATT&CK Cyber Kill Chain Diamond Model and intelligence lifecycle methodologies

• Knowledge of corporate supply chain risk management principles and third-party risk assessment practices

• Proficiencyin intelligence analysis techniques and structured analytic methods

• Understanding of how threat intelligence informs and enhances enterprise risk management programs

PREFERRED QUALIFICATIONS

• Experience implementing or managing threat intelligence platformsor similar technologies

• Familiarity with payment card industry (PCI) standards regulatory requirements and compliance frameworks applicable to payment processing

• Previousexperience in fusion center or multi-disciplinary coordination roles

CORE COMPETENCIES

• Analytical Thinking: Ability to synthesize complex disparate data sources into coherent intelligence assessments and actionable recommendations

• Communication Excellence: Superior written and verbal communication skills with ability to tailor messaging for technical and non-technical audiences

• Strategic Vision: Capacity to balance immediate operational needs with long-term program development objectives

• Collaboration: Proven ability to build effective relationships across organizational boundaries and influence without direct authority

• Adaptability: Comfortable operating in fast-paced high-stakes environments with evolving priorities and emerging threats

• Initiative: Self-directed work ethic with ability toidentifygaps and proactively develop solutions

• Leadership Potential:Demonstratesreadiness for future people management responsibilities through mentorship knowledge sharing and team contribution

REPORTING STRUCTURE

Strategicand Day-to-DayReporting:Senior Director of Security Operations

This position may have limited people management responsibilities as the threat intelligence function scales.

WORKING CONDITIONS

This positionoperatesin a professional office environment with standard business hours though occasional evening or weekend work may berequiredto support incident response activities or accommodate stakeholder schedules across multiple time zones. The role requires extended periods of computer use for data analysis and report generation. Some travel may berequiredfor conferences training or meetings with industry partners.

This job description is intended to convey information essential to understanding the scope of the position and is not an exhaustive list of skills efforts duties responsibilities or working conditions associated with it. Management reserves the right tomodify add or removedutiesas necessary.

#LI-AD1

We welcome talent at all career stages and are dedicated to understanding and supporting additional needs. Were proud to be an equal opportunity employer committed to creating an inclusive and open environment for everyone.