Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Intelligence Lead Analyst - OSINT Threat Hunting

$117.44k - $176.16k
Full-time

Citi

Go beyond traditional analysis and become a proactive threat hunter at the heart of Citi's global security operations. The CSIS Advanced Analytics and Cyber OSINT program seeks a senior Intelligence Lead Analyst to design, lead, and mature our threat hunting capabilities. In this pivotal role, you will transform open-source information into actionable intelligence, safeguarding the assets, integrity, and reputation of Citi and its clients against emerging threats. CSIS Intelligence Advanced Analytics and Cyber OSINT — Program Description Citi Security and Investigative Services (CSIS) is a full-service security and investigative team that protects the assets, integrity, and reputation of Citi and its clients as the industry-leading provider of security, investigations, and intelligence. The CSIS Advanced Analytics and Cyber OSINT program delivers timely, actionable intelligence to Citi stakeholders through collection and analysis using both open-source and internal data sources, supporting complex financial crime investigations, cyber-enabled fraud matters, and high-risk security events. The program drives efficiencies through the creation, integration, and deployment of custom analytical tools and intelligence capabilities into the hands of analysts and investigators across the enterprise. Job Description: The Intelligence Lead Analyst (Open Source Intelligence - Threat Hunting) is a senior-level intelligence analyst position responsible for designing, leading, and maturing Citi's proactive threat hunting and cyber Open Source Intelligence (OSINT) capabilities. The role goes beyond reactive analysis: the incumbent will drive hypothesis-driven hunt operations across Citi's global enterprise environment, operationalize cyber threat intelligence into detection engineering, and serve as a subject matter expert on adversary tradecraft, tactics, techniques, and procedures (TTPs), and emerging threat actor campaigns targeting the financial sector. The role requires deep expertise in the cyber threat intelligence lifecycle, adversary emulation, and the ability to translate complex intelligence into actionable outcomes for Investigations, Security, and other stakeholders. Responsibilities: Analyze regional threat data and determine a correlation if any, to existing intelligence requirements Monitor and research cyber threats with a direct or indirect impact to the Citi brand Research and identify malicious activity by performing post-mortem analysis on logs, traffic flows, and other activities Conduct intrusion analyses to ascertain the impact of an attack, and develop mitigation techniques for future attacks Evaluate networks and programs to assess potential weaknesses and points of entry Analyze and present to senior leadership discovered patterns to forecast future cyber-attacks and their potential impact Liaise with intelligence communities, law enforcement, industry partners, peer financial institutions, and information sharing communities Triage, process, analyze, and disseminate intelligence alerts, reports, and briefings Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency. Qualifications: 6-10 years of relevant experience Should have a working knowledge in one or more of the following areas: Advanced Persistent Threat, Third Party Risks/Threats, Cybercrime, Extremist Groups and Cyber Terrorists, Hacktivism, Distributed Denial of Service attacks, Fraud, Malware, Mobile Threats Proven track record of operationalizing cyber threat intelligence — translating raw intelligence into detections, hunt packages, and risk-relevant reporting. Consistently demonstrates clear and concise written and verbal communication Proven influencing and relationship management skills Proven analytical skills Education: Bachelor’s degree/University degree or equivalent experience Master’s degree preferred (Advanced degree preferred, ideally in Computer Science, Cybersecurity, Information Security, or a related STEM discipline) Additional valued certifications include: CREST CCTIM, Recorded Future Certified Analyst, CISSP, CEH, or OSCP. Required Skills: Proficiency in the MITRE ATT&CK framework — mapping adversary TTPs, building hunt hypotheses, and driving detection coverage analysis. Hands-on experience with Threat Intelligence Platforms including Recorded Future, Mandiant Advantage, ThreatConnect, MISP, or OpenCTI. Experience with scripting and automation languages including Python, PowerShell, and Bash for intelligence collection, enrichment pipelines, and hunt tooling development. Advanced OSINT tradecraft including dark web monitoring, social media intelligence, infrastructure pivoting, and digital footprint analysis. Experience with link analysis platforms such as Palantir, Maltego, and i2 Analyst's Notebook, including building custom extractors, web scrapers, and automation workflows to support investigative and analytical tasks. Solid understanding of network forensics, log analysis, and reverse engineering in support of hunt operations. Working knowledge of malware analysis (static and dynamic) and adversary infrastructure analysis. Exceptional written and verbal communication skills with the ability to produce intelligence products for both technical and executive audiences, consistently demonstrating clarity, conciseness, and attention to detail. Proven influencing, relationship management, and analytical skills with a track record of driving outcomes across cross-functional teams. This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required. ------------------------------------------------------ Job Family Group: Technology ------------------------------------------------------ Job Family: Information Security ------------------------------------------------------ Time Type: Full time ------------------------------------------------------ Primary Location: NC-CHARLOTTE (BALLANTYNE) ------------------------------------------------------ Primary Location Full Time Salary Range: $117,440.00 - $176,160.00 In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire. ------------------------------------------------------ Most Relevant Skills Please see the requirements listed above. ------------------------------------------------------ Other Relevant Skills For complementary skills, please see above and/or contact the recruiter. ------------------------------------------------------ Anticipated Posting Close Date: Jul 03, 2026 ------------------------------------------------------ Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi. View Citi’s EEO Policy Statement and the Know Your Rights poster.

Vacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the Intelligence Lead Analyst - OSINT Threat Hunting in Tampa, FL vacancy
  •  ...A government contracting firm is seeking a Junior Intelligence Analyst to provide analytic support to the Department of Homeland Security. The role involves conducting in-depth analysis of WMD threats and contributing to relevant reports and briefings. Candidates must... 
    Suggested

    Barbaricum

    Tampa, FL
    3 days ago
  •  ...All Source Intelligence Analyst Expert ***This position requires an active TS/Sensitive Compartmental...  ...VEO, ESA/RMA, TCO, SIA, WMD, and other threat priorities and emerging crisis. The All...  ...disciplines – GEOINT, HUMINT, SIGINT, OSINT/PAI, Cyber and SOF intelligence... 
    Suggested
    Full time
    Work at office
    Local area

    Cherokee Federal

    Tampa, FL
    9 hours ago
  • $105k - $111k

    Amentum is seeking a professional for Threat Finance Intelligence analysis to support U.S. government efforts in identifying and disrupting financial networks associated with terrorism and crime. Responsibilities include providing intelligence analysis, facilitating cooperation... 
    Suggested

    Amentum

    Tampa, FL
    6 days ago
  •  ...apply their talents supporting customers with difficult and important mission sets. About the Role Redhorse is seeking a Lead Intelligence Analyst to serve as the operational architect and “North Star” within a cross-functional team building technology-enabled, mission... 
    Suggested

    Medium

    Tampa, FL
    5 days ago
  • $90.8k - $199.7k

     ...Senior Intelligence Analyst CACI is seeking a Senior Level (15+ years of...  ...activities. Responsibilities: Lead a team of all-source...  ...requirements for worldwide UxS threat technologies. Research,...  ...PALANTIR, TAC, CIAWIRE, NSA PULSE, OSINT Analytical Framework. ~... 
    Suggested
    Contract work
    Work experience placement
    Worldwide
    Flexible hours

    CACI International

    Tampa, FL
    5 days ago
  • $65k - $136.5k

    ## Open-Source Intelligence AnalystTampa, FL, USApply NowFind out how well you...  ...Open-Source Intelligence Analysts to join our growing Global Open-Source Threat Network Disruption Cell ("GOST Cell...  ...media content to construct new OSINT and publicly available information... 
    Contract work
    Work experience placement
    Immediate start
    Flexible hours

    CACI International Inc.

    Tampa, FL
    5 days ago
  •  ...Cherokee Insights is seeking an All Source Intelligence Analyst to provide analytic support in areas of...  ...VEO, ESA/RMA, TCO, SIA, WMD, and other threat priorities and emerging crisis. The...  ...disciplines - GEOINT, HUMINT, SIGINT, OSINT/PAI, Cyber, and SOF - to identify gaps,... 
    Full time
    Local area

    Cherokee Federal

    Tampa, FL
    5 days ago
  • A leading Wealth Management firm offers a Lead Enterprise Application Security Architect role in Tampa, FL. This hybrid position focuses...  ...The candidate must have expertise in web application security, threat modeling, and secure architecture design across cloud and on-... 

    Estreetsecurity

    Tampa, FL
    6 days ago
  •  ...Collection and Exploitation System eXtended (US BICES-X) is a cutting-edge program supporting DoW intelligence information sharing on current and emerging global threats to mission and coalition partners and emerging nations. With an internationally dispersed team supporting... 

    General Dynamics Information Technology

    Tampa, FL
    3 days ago
  • $65k - $136.5k

    ## All-Source Intelligence AnalystTampa, FL, USApply NowFind out how well you match with this...  ...International is hiring All-Source Intelligence Analysts to support U.S. Southern Command on an...  ...Analysis to detect, deter, and defeat threat networks. As an All-Source Intelligence... 
    Contract work
    Work experience placement
    Immediate start
    Flexible hours

    CACI International Inc.

    Tampa, FL
    5 days ago
  • $123.41k - $160k

     ...comprises multi-domain operations, platforms and logistics, and intelligence operations. HII designs, develops, integrates and manages the...  ...disciplines including All-Source, Targeting, Counter Threat, and SIGINT to support strategic planning, intelligence production... 
    Full time
    Local area

    Huntington Ingalls Industries

    Tampa, FL
    5 days ago
  •  ...government contractor providing leading-edge support to federal...  ...growing capabilities across Intelligence, Analytics, Engineering, Mission...  ...seeks a Junior Intelligence Analyst to provide analytic support to...  ...prevent terrorists and other threat actors from using weapons of... 
    For contractors
    Work at office
    Local area

    Barbaricum

    Tampa, FL
    2 days ago
  • CACI International Inc. is seeking an experienced Open-Source Intelligence Analyst for its Global Open-Source Threat Network Disruption Cell in Tampa, Florida. This role involves utilizing publicly available information and intelligence gathering methods to provide insights... 

    CACI International Inc.

    Tampa, FL
    5 days ago
  • MUFG is seeking a skilled Threat Modeling Specialist in Tampa, Florida, to integrate security practices into its Enterprise Information Security framework. In this role, you will manage threat modeling processes and provide security consulting to developers and engineers... 
    Remote work

    Mufg

    Tampa, FL
    6 days ago
  • A leading financial group is looking for a Cyber Security Threat Modeler to oversee threat modeling and enhance application security across its U.S. operations. The ideal candidate will have over 6 years of experience in secure coding and application security, alongside... 
    Remote work

    Mufgamericas

    Tampa, FL
    1 day ago
  • A global financial services firm is seeking a Cyber Security Threat Modeler to integrate and execute effective threat modeling programs. Responsibilities include monitoring security, generating vulnerability reports, and providing security consulting. The ideal candidate... 

    MUFG Bank, Ltd

    Tampa, FL
    2 days ago
  •  ...Draft, edit, review, and publish formal intelligence reports and assessments, including United...  .... Coordinate with intelligence analysts, collection managers, and operational elements...  ...of all-source intelligence assessments, threat reports, and operational summaries in... 
    Contract work

    Core One

    Tampa, FL
    7 days ago
  •  ...capabilities Develop summary reports and/or intelligence products The successful candidate...  ...relationships Ability to lead projects or workstreams Ability to manage...  ...technology to combat emerging and evolving threats. The Project Talent Model is designed... 
    Local area

    Deloitte

    Tampa, FL
    5 days ago
  •  ...more through innovation, automation, and intelligent insights. The Role Presidio has an exciting opportunity for a Security Practice Lead to join our Cybersecurity National Practice...  ...and understanding of security trends, threat landscape and frameworks like the cyber kill... 
    For contractors
    Local area

    Presidio

    Tampa, FL
    3 days ago
  • $112.84k - $140.3k

     ...Certified Cybersecurity Defense Analyst | Splunk - Splunk...  ...Operations Cell (CSOC) Night Shift Lead and build an impactful career...  ...analysts. Conduct real-time threat analysis for USCENTCOM Headquarters...  ...is informed of the latest intelligence on relevant threats and... 
    Temporary work
    Immediate start
    Worldwide
    Flexible hours
    Night shift
    Day shift

    General Dynamics Information Technology

    Tampa, FL
    1 day ago
  • $104k - $166k

     ...across theaters. Key Responsibilities Serve as principal lead for SMEP engagement across CCMDs; manage personnel allocation...  ...at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company... 
    Contract work
    For contractors
    Flexible hours
    Shift work

    Peraton

    Tampa, FL
    1 day ago
  • $65k - $136.5k

    CACI International Inc. is seeking All-Source Intelligence Analysts for its Tampa, FL location. This role involves conducting in-depth analysis to support U.S. Southern Command and working with national-level Intelligence Community partners. Applicants must have an active... 

    CACI International Inc.

    Tampa, FL
    5 days ago
  •  ...clearance and possess strong analytical skills with at least eight years of experience. Your responsibilities will include researching intelligence, coordinating with national agencies, and ensuring compliance with collection guidelines. Full-time benefits include medical,... 
    Full time

    Cherokee Federal

    Tampa, FL
    3 days ago
  • VetJobs is looking for a Mid Target Intel Analyst in Tampa, Florida. This position supports the Central Command J2 Directorate through comprehensive Target intelligence analysis, which will inform senior leaders. The ideal candidate will have 4-8 years of related experience... 

    VetJobs

    Tampa, FL
    2 days ago
  •  ...Competitive Intelligence Analyst We are seeking a Competitive Intelligence Analyst to join our team. The Competitive Intelligence Analyst is responsible for supporting the firm's business development, competitive intelligence, and marketing efforts by delivering research... 
    Temporary work

    Holland & Knight

    Tampa, FL
    3 days ago
  • $78k - $163.8k

     ...Certifications/Security Clearances/Other (Enter Below) Job_Category Analyst Certificates/Security Clearances/Other Must have Current and...  ...to obtain TS/SCI City* Macdill State* Florida Job Code Intelligence Intelligence Affiliate Sponsor CACI International Inc Salary... 
    Contract work
    Work experience placement
    Local area

    VetJobs

    Tampa, FL
    6 days ago
  •  ...collection gaps and coordinating with collection managers to satisfy analytical and operational requirements. Produce finished intelligence products, imagery exploitation reports, and briefings for dissemination to U.S. and coalition consumers, the Intelligence Community... 
    Contract work

    Core One

    Tampa, FL
    2 days ago
  •  ...Intelligence Collections Analyst This position is contingent upon the award of a contract. We will provide updates on the status of the contract and next steps during the hiring process. Minimum Qualifications Summary Certification & Education - Must possess... 
    Full time
    Contract work
    Temporary work
    For contractors
    Local area
    Overseas

    Lukos

    Tampa, FL
    2 days ago
  • Prescient Edge is seeking a Jr. Identity Intelligence Exploitation Cell (I2EC) Analyst to support a federal government client in Tampa, FL. The role involves conducting all-source intelligence analysis and producing reports for operational needs. Ideal candidates have one... 

    Prescient Edge

    Tampa, FL
    2 days ago
  •  ...Security Clearance. Higher Education degree in Information Science, Intelligence, or Data Science preferred. Army 351M, USMC 0204 or 0210....  ...-year contract, the Counterintelligence/Human Intelligence Analyst will support the United States Marine Corps Forces, Central Command... 
    Contract work
    For contractors
    Local area
    Overseas

    Lukos

    Tampa, FL
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Intelligence Lead Analyst - OSINT Threat Hunting. Be the first to apply!