Intelligence Lead Analyst - OSINT Threat Hunting
$117.44k - $176.16kCiti
Go beyond traditional analysis and become a proactive threat hunter at the heart of Citi's global security operations. The CSIS Advanced Analytics and Cyber OSINT program seeks a senior Intelligence Lead Analyst to design, lead, and mature our threat hunting capabilities. In this pivotal role, you will transform open-source information into actionable intelligence, safeguarding the assets, integrity, and reputation of Citi and its clients against emerging threats. CSIS Intelligence Advanced Analytics and Cyber OSINT — Program Description Citi Security and Investigative Services (CSIS) is a full-service security and investigative team that protects the assets, integrity, and reputation of Citi and its clients as the industry-leading provider of security, investigations, and intelligence. The CSIS Advanced Analytics and Cyber OSINT program delivers timely, actionable intelligence to Citi stakeholders through collection and analysis using both open-source and internal data sources, supporting complex financial crime investigations, cyber-enabled fraud matters, and high-risk security events. The program drives efficiencies through the creation, integration, and deployment of custom analytical tools and intelligence capabilities into the hands of analysts and investigators across the enterprise. Job Description: The Intelligence Lead Analyst (Open Source Intelligence - Threat Hunting) is a senior-level intelligence analyst position responsible for designing, leading, and maturing Citi's proactive threat hunting and cyber Open Source Intelligence (OSINT) capabilities. The role goes beyond reactive analysis: the incumbent will drive hypothesis-driven hunt operations across Citi's global enterprise environment, operationalize cyber threat intelligence into detection engineering, and serve as a subject matter expert on adversary tradecraft, tactics, techniques, and procedures (TTPs), and emerging threat actor campaigns targeting the financial sector. The role requires deep expertise in the cyber threat intelligence lifecycle, adversary emulation, and the ability to translate complex intelligence into actionable outcomes for Investigations, Security, and other stakeholders. Responsibilities: Analyze regional threat data and determine a correlation if any, to existing intelligence requirements Monitor and research cyber threats with a direct or indirect impact to the Citi brand Research and identify malicious activity by performing post-mortem analysis on logs, traffic flows, and other activities Conduct intrusion analyses to ascertain the impact of an attack, and develop mitigation techniques for future attacks Evaluate networks and programs to assess potential weaknesses and points of entry Analyze and present to senior leadership discovered patterns to forecast future cyber-attacks and their potential impact Liaise with intelligence communities, law enforcement, industry partners, peer financial institutions, and information sharing communities Triage, process, analyze, and disseminate intelligence alerts, reports, and briefings Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency. Qualifications: 6-10 years of relevant experience Should have a working knowledge in one or more of the following areas: Advanced Persistent Threat, Third Party Risks/Threats, Cybercrime, Extremist Groups and Cyber Terrorists, Hacktivism, Distributed Denial of Service attacks, Fraud, Malware, Mobile Threats Proven track record of operationalizing cyber threat intelligence — translating raw intelligence into detections, hunt packages, and risk-relevant reporting. Consistently demonstrates clear and concise written and verbal communication Proven influencing and relationship management skills Proven analytical skills Education: Bachelor’s degree/University degree or equivalent experience Master’s degree preferred (Advanced degree preferred, ideally in Computer Science, Cybersecurity, Information Security, or a related STEM discipline) Additional valued certifications include: CREST CCTIM, Recorded Future Certified Analyst, CISSP, CEH, or OSCP. Required Skills: Proficiency in the MITRE ATT&CK framework — mapping adversary TTPs, building hunt hypotheses, and driving detection coverage analysis. Hands-on experience with Threat Intelligence Platforms including Recorded Future, Mandiant Advantage, ThreatConnect, MISP, or OpenCTI. Experience with scripting and automation languages including Python, PowerShell, and Bash for intelligence collection, enrichment pipelines, and hunt tooling development. Advanced OSINT tradecraft including dark web monitoring, social media intelligence, infrastructure pivoting, and digital footprint analysis. Experience with link analysis platforms such as Palantir, Maltego, and i2 Analyst's Notebook, including building custom extractors, web scrapers, and automation workflows to support investigative and analytical tasks. Solid understanding of network forensics, log analysis, and reverse engineering in support of hunt operations. Working knowledge of malware analysis (static and dynamic) and adversary infrastructure analysis. Exceptional written and verbal communication skills with the ability to produce intelligence products for both technical and executive audiences, consistently demonstrating clarity, conciseness, and attention to detail. Proven influencing, relationship management, and analytical skills with a track record of driving outcomes across cross-functional teams. This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required. ------------------------------------------------------ Job Family Group: Technology ------------------------------------------------------ Job Family: Information Security ------------------------------------------------------ Time Type: Full time ------------------------------------------------------ Primary Location: NC-CHARLOTTE (BALLANTYNE) ------------------------------------------------------ Primary Location Full Time Salary Range: $117,440.00 - $176,160.00 In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire. ------------------------------------------------------ Most Relevant Skills Please see the requirements listed above. ------------------------------------------------------ Other Relevant Skills For complementary skills, please see above and/or contact the recruiter. ------------------------------------------------------ Anticipated Posting Close Date: Jul 03, 2026 ------------------------------------------------------ Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi. View Citi’s EEO Policy Statement and the Know Your Rights poster.
- ...A government contracting firm is seeking a Junior Intelligence Analyst to provide analytic support to the Department of Homeland Security. The role involves conducting in-depth analysis of WMD threats and contributing to relevant reports and briefings. Candidates must...Suggested
- ...All Source Intelligence Analyst Expert ***This position requires an active TS/Sensitive Compartmental... ...VEO, ESA/RMA, TCO, SIA, WMD, and other threat priorities and emerging crisis. The All... ...disciplines – GEOINT, HUMINT, SIGINT, OSINT/PAI, Cyber and SOF intelligence...SuggestedFull timeWork at officeLocal area
$105k - $111k
Amentum is seeking a professional for Threat Finance Intelligence analysis to support U.S. government efforts in identifying and disrupting financial networks associated with terrorism and crime. Responsibilities include providing intelligence analysis, facilitating cooperation...Suggested- ...apply their talents supporting customers with difficult and important mission sets. About the Role Redhorse is seeking a Lead Intelligence Analyst to serve as the operational architect and “North Star” within a cross-functional team building technology-enabled, mission...Suggested
$90.8k - $199.7k
...Senior Intelligence Analyst CACI is seeking a Senior Level (15+ years of... ...activities. Responsibilities: Lead a team of all-source... ...requirements for worldwide UxS threat technologies. Research,... ...PALANTIR, TAC, CIAWIRE, NSA PULSE, OSINT Analytical Framework. ~...SuggestedContract workWork experience placementWorldwideFlexible hours$65k - $136.5k
## Open-Source Intelligence AnalystTampa, FL, USApply NowFind out how well you... ...Open-Source Intelligence Analysts to join our growing Global Open-Source Threat Network Disruption Cell ("GOST Cell... ...media content to construct new OSINT and publicly available information...Contract workWork experience placementImmediate startFlexible hours- ...Cherokee Insights is seeking an All Source Intelligence Analyst to provide analytic support in areas of... ...VEO, ESA/RMA, TCO, SIA, WMD, and other threat priorities and emerging crisis. The... ...disciplines - GEOINT, HUMINT, SIGINT, OSINT/PAI, Cyber, and SOF - to identify gaps,...Full timeLocal area
- A leading Wealth Management firm offers a Lead Enterprise Application Security Architect role in Tampa, FL. This hybrid position focuses... ...The candidate must have expertise in web application security, threat modeling, and secure architecture design across cloud and on-...
- ...Collection and Exploitation System eXtended (US BICES-X) is a cutting-edge program supporting DoW intelligence information sharing on current and emerging global threats to mission and coalition partners and emerging nations. With an internationally dispersed team supporting...
$65k - $136.5k
## All-Source Intelligence AnalystTampa, FL, USApply NowFind out how well you match with this... ...International is hiring All-Source Intelligence Analysts to support U.S. Southern Command on an... ...Analysis to detect, deter, and defeat threat networks. As an All-Source Intelligence...Contract workWork experience placementImmediate startFlexible hours$123.41k - $160k
...comprises multi-domain operations, platforms and logistics, and intelligence operations. HII designs, develops, integrates and manages the... ...disciplines including All-Source, Targeting, Counter Threat, and SIGINT to support strategic planning, intelligence production...Full timeLocal area- ...government contractor providing leading-edge support to federal... ...growing capabilities across Intelligence, Analytics, Engineering, Mission... ...seeks a Junior Intelligence Analyst to provide analytic support to... ...prevent terrorists and other threat actors from using weapons of...For contractorsWork at officeLocal area
- CACI International Inc. is seeking an experienced Open-Source Intelligence Analyst for its Global Open-Source Threat Network Disruption Cell in Tampa, Florida. This role involves utilizing publicly available information and intelligence gathering methods to provide insights...
- MUFG is seeking a skilled Threat Modeling Specialist in Tampa, Florida, to integrate security practices into its Enterprise Information Security framework. In this role, you will manage threat modeling processes and provide security consulting to developers and engineers...Remote work
- A leading financial group is looking for a Cyber Security Threat Modeler to oversee threat modeling and enhance application security across its U.S. operations. The ideal candidate will have over 6 years of experience in secure coding and application security, alongside...Remote work
- A global financial services firm is seeking a Cyber Security Threat Modeler to integrate and execute effective threat modeling programs. Responsibilities include monitoring security, generating vulnerability reports, and providing security consulting. The ideal candidate...
- ...Draft, edit, review, and publish formal intelligence reports and assessments, including United... .... Coordinate with intelligence analysts, collection managers, and operational elements... ...of all-source intelligence assessments, threat reports, and operational summaries in...Contract work
- ...capabilities Develop summary reports and/or intelligence products The successful candidate... ...relationships Ability to lead projects or workstreams Ability to manage... ...technology to combat emerging and evolving threats. The Project Talent Model is designed...Local area
- ...more through innovation, automation, and intelligent insights. The Role Presidio has an exciting opportunity for a Security Practice Lead to join our Cybersecurity National Practice... ...and understanding of security trends, threat landscape and frameworks like the cyber kill...For contractorsLocal area
$112.84k - $140.3k
...Certified Cybersecurity Defense Analyst | Splunk - Splunk... ...Operations Cell (CSOC) Night Shift Lead and build an impactful career... ...analysts. Conduct real-time threat analysis for USCENTCOM Headquarters... ...is informed of the latest intelligence on relevant threats and...Temporary workImmediate startWorldwideFlexible hoursNight shiftDay shift$104k - $166k
...across theaters. Key Responsibilities Serve as principal lead for SMEP engagement across CCMDs; manage personnel allocation... ...at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company...Contract workFor contractorsFlexible hoursShift work$65k - $136.5k
CACI International Inc. is seeking All-Source Intelligence Analysts for its Tampa, FL location. This role involves conducting in-depth analysis to support U.S. Southern Command and working with national-level Intelligence Community partners. Applicants must have an active...- ...clearance and possess strong analytical skills with at least eight years of experience. Your responsibilities will include researching intelligence, coordinating with national agencies, and ensuring compliance with collection guidelines. Full-time benefits include medical,...Full time
- VetJobs is looking for a Mid Target Intel Analyst in Tampa, Florida. This position supports the Central Command J2 Directorate through comprehensive Target intelligence analysis, which will inform senior leaders. The ideal candidate will have 4-8 years of related experience...
- ...Competitive Intelligence Analyst We are seeking a Competitive Intelligence Analyst to join our team. The Competitive Intelligence Analyst is responsible for supporting the firm's business development, competitive intelligence, and marketing efforts by delivering research...Temporary work
$78k - $163.8k
...Certifications/Security Clearances/Other (Enter Below) Job_Category Analyst Certificates/Security Clearances/Other Must have Current and... ...to obtain TS/SCI City* Macdill State* Florida Job Code Intelligence Intelligence Affiliate Sponsor CACI International Inc Salary...Contract workWork experience placementLocal area- ...collection gaps and coordinating with collection managers to satisfy analytical and operational requirements. Produce finished intelligence products, imagery exploitation reports, and briefings for dissemination to U.S. and coalition consumers, the Intelligence Community...Contract work
- ...Intelligence Collections Analyst This position is contingent upon the award of a contract. We will provide updates on the status of the contract and next steps during the hiring process. Minimum Qualifications Summary Certification & Education - Must possess...Full timeContract workTemporary workFor contractorsLocal areaOverseas
- Prescient Edge is seeking a Jr. Identity Intelligence Exploitation Cell (I2EC) Analyst to support a federal government client in Tampa, FL. The role involves conducting all-source intelligence analysis and producing reports for operational needs. Ideal candidates have one...
- ...Security Clearance. Higher Education degree in Information Science, Intelligence, or Data Science preferred. Army 351M, USMC 0204 or 0210.... ...-year contract, the Counterintelligence/Human Intelligence Analyst will support the United States Marine Corps Forces, Central Command...Contract workFor contractorsLocal areaOverseas
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Intelligence Lead Analyst - OSINT Threat Hunting. Be the first to apply!
- military intelligence officer Tampa, FL
- intelligence analyst Tampa, FL
- competitive intelligence analyst Tampa, FL
- all-source intelligence analyst Tampa, FL
- criminal intelligence analyst Tampa, FL
- military intelligence analyst Tampa, FL
- manager competitive intelligence Tampa, FL
- artificial intelligence - machine learning intern Tampa, FL
- counter intelligence Tampa, FL
- intelligence Tampa, FL


