Cyber Threat Intelligence Analyst

Calling all innovators - find your future at Fiserv.

We're Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants and consumers to one another millions of times a day - quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we're involved. If you want to make an impact on a global scale, come make a difference at Fiserv.

Job Title

Cyber Threat Intelligence Analyst

What does a successful Cyber Threat Intelligence Analyst do?

You will be a core member of our Cybersecurity Operations team, responsible for identifying, tracking, and translating emerging cyber threats into actionable intelligence that protects our platforms, customers, and financial infrastructure. This role operates across tactical, operational, and strategic intelligence disciplines, with a specialized focus on threats targeting the financial services and fintech ecosystem. You will bring tradecraft experience in financial sector threat intelligence, and the ability to deliver actionable, intelligence-driven insights that directly inform the broader security organization, cybersecurity functions, and other stakeholders to ensure intelligence is ready to inform security outcomes.

What will you do:

• Operationalize the Intel Lifecycle: Execute the full intelligence lifecycle to perform fusion analysis, develop adversary profiles focused on financial sector threats, produce finished intelligence products across tactical, operational, and strategic levels.

• Tactical Detection Support: Contextualize threat behavior and anticipate adversary actions, translate analyzed TTPs into technical signatures to directly support the SOC and Detection Engineering teams.

• Intelligence-Driven Threat Hunting: Collaborate with the Threat Hunting team to develop hypotheses based on observed adversary behaviors and regional trends, moving beyond simple Indicator of Compromise (IoC) matching.

• Threat and Vulnerability Context: Support attack surface management team, provide intelligence-driven vulnerability prioritization, identify emerging threats and exploitation trends.

• Adversary Emulation: Provide intelligence support for Red Team or Purple Team exercises by profiling relevant threat actors to ensure testing remains realistic and impactful.

• Strategic & Geopolitical Analysis: Analyze global conflicts and economic stability to translate complex threat activities into structured business solutions and "so-what" summaries for leadership.

• Program Development and Engagement: Contribute to the maturation of the CTI program by developing and refining collection requirements, intelligence workflows, reporting templates, and analytic tradecraft standards.

• Production and Reporting: Produce high-quality tactical, operational, and strategic intelligence products including daily threat briefings, threat actor profiles, vulnerability assessments, and executive threat summaries. Deliver timely and actionable intelligence to internal stakeholders.

What you will need to have:

• 5+ years of experience as a threat intelligence analyst, threat hunting, counter adversary operations or incident response.

• Understanding of the intelligence cycle, cyber kill chain, MITRE ATTACK, and adversary TTP’s

• Demonstrated experience producing finished intelligence products (threat briefs, actor profiles, strategic assessments) for both technical and executive audiences

• A strong foundation in network security, vulnerability exploitation concepts, and technical threat analysis.

• Experience with CTI platforms (e.g., Google Threat Intelligence, Anomali) and a working knowledge of SIEM/SOAR technologies for intelligence integration.

• Ability to translate threats into business risks

• Exceptional written communication skills with the ability to produce clear, concise, and relevant intelligence products for diverse audiences.

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field and/or equivalent military experience.

What would be great to have:

• Relevant certifications such as GCTI, CISSP, CISM, or GSEC.

• Experience in financial services or regulated environments

• Malware analysis or infrastructure tracking knowledge

• Experience with information sharing groups

• Automation/scripting skills

Important information about this role:

• We’re better together! This role is fully on-site.

• This is a full-time, direct-hire position, and no contract options or unsolicited agency submissions will be considered.

• You must currently possess valid and unrestricted U.S. work authorization to be considered for this role. Individuals with temporary visas including, but not limited to, F‑1 (OPT, CPT, STEM), H‑1B, H‑2, or TN, or any candidate requiring sponsorship, now or in the future, will not be considered for this role.

#LI-RM1

Salary Range

$110,000.00 - $186,000.00

These pay ranges apply to employees in New Jersey and New York. Pay ranges for employees in other states may differ.

It is unlawful to discriminate against a prospective employee due to the individual's status as a veteran.

For incentive eligible associates, the successful candidate is eligible for an annual incentive opportunity which may be delivered as a mix of cash bonus and equity awards in the Company’s sole discretion.

Thank you for considering employment with Fiserv. Please:

• Apply using your legal name

• Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable).

Our commitment to Equal Opportunity:

Fiserv is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, age, disability, protected veteran status, or any other category protected by law.

If you have a disability and require a reasonable accommodation in completing a job application or otherwise participating in the overall hiring process, please contact View email address on click.appcast.io . Please note our AskHR representatives do not have visibility to your application status. Current associates who require a workplace accommodation should refer to Fiserv’s Disability Accommodation Policy for additional information.

Note to agencies:

Fiserv does not accept resume submissions from agencies outside of existing agreements. Please do not send resumes to Fiserv associates. Fiserv is not responsible for any fees associated with unsolicited resume submissions.

Warning about fake job posts:

Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information. Any communications from a Fiserv representative will come from a legitimate Fiserv email address.