Sr. Intelligence Analyst

At FS-ISAC, how we work matters as much as what we do. We believe in:

• Collaboration - across members, partners, and internal teams.
• Collective success - wins are celebrated as a community.
• Humility & curiosity - staying open, learning continuously.
• Open feedback - role-modeling growth through candid, constructive input.

POSITION SUMMARY

The Senior Intelligence Analyst (IA) is a senior position reporting to the EMEA Intelligence Officer. The Senior Intelligence Analyst will be part of FS-ISAC's Global Intelligence Office (GIO). GIO is responsible for formal threat-sharing, analysis, and analytical reporting for its members. This is a diverse, global team in a fast-paced environment.

Senior IAs deliver insight and greater understanding of cybersecurity, geopolitical, socio-economic, and cyber-enabled threats faced by the global financial system. Senior IAs must understand and communicate effectively about threat actors' capabilities, intent, and drivers, connecting these insights to the broader strategic landscape.

This position involves conducting high-level strategic analysis and producing intelligence deliverables for FS-ISAC members worldwide. It requires strong expertise in intelligence tradecraft, a comprehensive technical understanding of the Tactics, Techniques, and Procedures (TTPs) used by threat actors, strong written and verbal communication skills, and the ability to plan and deliver products and projects with minimal supervision. Fluency in English is required, proficiency in an additional language is a plus. Travel is required based on organizational needs. This position may require working on weekends and odd hours, as well as being part of and maintaining on-call capability in the region.

KEY RESPONSIBILITIES

• Conduct multiple-source intelligence analysis on current and emerging cyber threats in written and/or oral format.
• Craft timely, finished operational and strategic intelligence analysis reports with concise and structured writing skills.
• Develop and maintain operational relationships with key agencies that can provide threat intelligence and insight to the private sector and vice versa. This includes different public-private partnerships.
• Lead projects, mentor analysts, and assume responsibilities as requested. Additionally, provide feedback on existing processes and drive improvements to internal processes and products.
• Interact with FS-ISAC members in person and virtually, engaging with them on threat intelligence and analytical projects.
• Handle sensitive data as per TLP designations and ensure members' specific dissemination and reporting requirements are respected.
• Sector incident response responsibilities are a requirement of this position. As sector-level incidents occur related to EMEA or a hybrid of threats that could impact EMEA members, the Senior Intelligence Analyst may be required to support the EMEA Intelligence Officer and the Chief Intelligence Officer with sector-level response and information sharing, as appropriate. This may require working on weekends and odd hours, as well as being part of and maintaining on-call capability in the region.
• This role requires teamwork and collaboration skills. It must work with team members across all regions of the globe, including supporting Communities of Interest (COIs), Working Groups, and member-facing efforts.
• Serve as a lead on tasks including threat calls, major intelligence products, etc.
• Work in a hybrid, global team environment able to collaborate effectively across time zones (EMEA, Americas, APAC).

KEY QUALIFICATIONS

• Intelligence Analysis Skills - 7 to 10 years of intelligence analysis experience with an understanding of cybersecurity, geopolitical, and economic triggers that influence the threat landscape.
• Analytical Writing Proficiency - Skilled in producing clear, well-structured analytical and impactful reports with a strong understanding of core intelligence principles and the ability to tailor content to different audiences.
• Technical Expertise - Comprehensive understanding of threat actors' TTPs and tooling, coupled with the ability to effectively communicate technical insights to non-technical stakeholders.
• Effective Communication - Strong verbal communication skills, enabling effective collaboration across multidisciplinary teams and the confident delivery of findings to both technical and non-technical stakeholders.
• Time and Task Management - Proven ability to manage multiple concurrent reporting tasks while maintaining high standards of quality and meeting deadlines consistently. Additionally, the ability to provide high-quality reports under time pressure.
• Relationship Building - Skilled in establishing and maintaining relationships with the intelligence community, law enforcement, and international stakeholders. This position requires a good understanding of Public-Private-Partnership, including the differences between public and private sector intelligence requirements.

BASIC QUALIFICATIONS

• Formal intelligence analyst training is required, with an openness to participate in community engagement in addition to core analytical duties.
• Good understanding of threat actors' TTPs and tooling attacking the financial sector.

PREFERRED QUALIFICATIONS

• Leadership experience in mentoring analysts or managing deliverables.
• Demonstrated ability to work independently and think ahead to identify and resolve potential issues early.
• Experience working in both public and private sectors is highly preferred. Experience within the financial sector (e.g. retail banking, insurance, etc.) is an asset.
• Self-motivated and results-oriented, with strong problem-solving skills.
• Knowledge in Elastic/Kibana or other visualization tools for data visualization, analysis, and monitoring. Alternatively, experience in a threat intelligence platform (TIP) may suffice.
• Knowledge and application of MITRE ATT&CK and similar frameworks to intelligence products for member reporting.

EDUCATION AND EXPERIENCE

• Bachelor's degree or equivalent practical experience.
• 7 years of relevant analytical experience is required.
• 3-5 years of experience in cybersecurity with a focus on strategic analysis is preferred.
• Knowledge of network intrusion, malware, and vulnerabilities, as well as cybercrime, economic crime, or anti-money laundering threat trends, is an asset.
• Familiarity with EMEA cybersecurity organizations, regulations, etc. is preferred.

BACKGROUND

The Financial Services Information Sharing and Analysis Centre (FS-ISAC) is a non-profit entity that advances cybersecurity and resilience in the global financial system, protecting financial institutions and the people they serve. FS-ISAC is headquartered in the United States and has regional offices in the United Kingdom, the Netherlands, Australia, and Singapore. For more information, visit our website at .

WORK ENVIRONMENT

This is a hybrid position and will work from FS-ISAC's London Office, utilizing a hybrid office schedule with at least two days per week in the office. Regardless of work location, the position requires a professional work environment, and the candidate must be able to meet the physical demands associated with the professional environment. Reasonable accommodation may be provided to enable individuals with disabilities to perform essential functions.

FS-ISAC has reviewed this description to ensure that essential functions and basic duties have been included. It is not intended to be construed as an exhaustive list of all functions, responsibilities, skills, and abilities. Supervisors may assign additional functions and requirements as appropriate. All candidates must already be authorized to work in the United Kingdom.

FS-ISAC provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, FS-ISAC complies with applicable federal and local laws governing nondiscrimination in employment in every location in which the company has facilities.