Senior Threat Intelligence Analyst

Who We AreAt Newrez, we bring big thinkers and caring doers together to make home happen. We're a team built on heart and hustle, united by a commitment to show up for our customers, our communities, and each other. We believe that when our people thrive, homeowners thrive - and that's why we invest in your growth, wellbeing, and ability to make an impact.Every day, we work to exceed the expectations of our residential mortgage borrowers and business partners through superior service, simple processes, and clear communication. We do this by empowering our employees, encouraging innovative solutions and recognizing great performance.POSITION SUMMARY:The Senior Threat Intelligence Analyst is a key individual contributor within the Cybersecurity organization, responsible for producing high-quality, actionable intelligence that enables the company to anticipate, detect, and respond to emerging threats. This role serves as a senior member of the Threat Intelligence function with mentorship responsibilities, supporting the development of junior analysts and strengthening intelligence maturity across the broader security organization.The ideal candidate brings strong analytical rigor, deep understanding of the threat landscape, technical proficiency across modern cloud and hybrid environments, and the ability to translate complex intelligence findings into meaningful insights for both technical and non-technical audiences.DESCRIPTION:Essential Functions, Duties, and ResponsibilitiesThreat Intelligence Collection, Analysis & ProductionLead intelligence collection and analysis across multiple domains including:External attack surface monitoringBrand impersonation, domain spoofing, and digital riskThreat intelligence support for fraud preventionVulnerability intelligence and exploit monitoringMalware trends, threat actor tactics, and campaign activityDark web and deep web monitoringApply the full intelligence lifecycle (requirements, collection, analysis, dissemination, feedback) to produce timely and relevant insights.Conduct structured analytic assessments using frameworks such as MITRE ATT&CK, the Diamond Model, and the Cyber Kill Chain.Assess emerging threats to cloud environments, SaaS platforms, corporate endpoints, identity systems, and on-premises infrastructure.Operational & Strategic Intelligence Output:Produce clear, actionable intelligence products including:Tactical alerts for SOC and Incident ResponseThreat actor profiles and campaign analysisVulnerability prioritization guidance supporting VM and AppSec teamsThreat hunt leads mapped to ATT&CKWeekly/bi-weekly intelligence summaries for operational teamsQuarterly executive threat landscape briefingsSupport fraud, cyber defense, and engineering teams with tailored intelligence to inform detection engineering, risk mitigation, and control improvements.Cross-Functional Collaboration:Partner with SOC, Incident Response, Vulnerability Management, Application Security, Engineering, Cyber Fraud, Risk, and other business teams to operationalize intelligence.Communicate complex technical findings to non-technical stakeholders in a clear, concise manner.Serve as a mentor to junior analysts, guiding analytical rigor, reporting quality, and investigative methodology.Help mature threat intelligence processes, workflows, and automation opportunities.Technology & Tooling:Leverage enterprise threat intelligence platforms, security information and event management tools, cloud-native security capabilities, log aggregation pipelines, and attack surface monitoring platforms.Maintain a vendor-agnostic mindset to ensure intelligence is grounded in outcome-driven analysis rather than tooling.Ability to effectively and accurately convey information to others.Performs related duties as assigned by management.Qualifications and Education Requirements:5–8 years of experience in Cyber Threat Intelligence, Security Operations, Incident Response, or a related cybersecurity discipline.Experience within the financial sector or other highly regulated industries.Certifications such as:GCTI (GIAC Cyber Threat Intelligence)CTIA (EC-Council Certified Threat Intelligence Analyst)GCIA, GNFA, GREM, or similar advanced certifications aligned with senior threat intelligence expectations.Skills, Abilities, and Knowledge:Deep familiarity with:Threat intelligence lifecycleMITRE ATT&CK frameworkDiamond Model of Intrusion AnalysisCyber Kill ChainSTIX/TAXII standardsExposure to multi-cloud environments (Azure, AWS, SaaS ecosystems) and hybrid enterprise architectures.Demonstrated experience analyzing threat actor behavior, malware activity, vulnerability exploitation trends, digital risk, and fraud-related intelligence within hybrid cloud environments.Strong understanding of adversary TTPs, cybercrime ecosystems, and financially motivated threat activity.Effective at managing multiple priorities under tight deadlines in a fast-paced, dynamic environment.Strong project management capability.Self-directed and comfortable working with ambiguity and uncertainty.High degree of professional maturity, integrity, ability to maintain confidential data and information.High degree of business acumen; strong technical aptitude.Work Environment and Physical Requirements:Working on-site at assigned office location.Regular and punctual attendance adhering to schedule established by leadership.Flexibility to work occasional adjusted work schedules, overtime, and evening and/or weekend hours to meet deadlines or as business needs demand.Working in a cubicle hub, maintaining focus on phone calls in a noisy environment within earshot of multiple other conversations.Sedentary work in a stationary position at a cubicle for prolonged periods of time.Constant repetitive motions required for operating a computer, such as typing and managing phone calls.Constantly communicating effectively verbally in English, including accurately exchanging information with others following identification of correct procedures.Additional Information:While this description is intended to be an accurate reflection of the position's requirements, it in no way implies/states that these are the only job responsibilities. Management reserves the right to modify, add or remove duties and request other duties, as necessary.All employees are required to have smart phones that meet Company security standards with the ability to install apps such as Microsoft Authenticator. Employment will be contingent on this requirement.Why NewrezWe're a great place to work because we invest in what matters: your career, your community, your wellbeing, and your future. Our total rewards package is designed to support your whole self.Company Benefits:We offer benefits, programs, and perks that support you in every aspect of your life.Medical, dental, and vision insuranceHealth Savings Account with employer contribution401(k) Retirement plan with employer matchPaid Maternity Leave/Parental Bonding Leave/Caregiver LeaveAdoption AssistanceTuition & Certification reimbursementEmployee Mortgage Loan ProgramThe Newrez Employee Emergency and Disaster Fund is a program to support our team members experiencing hardshipsNewrez NOW:Through Newrez NOW, our Corporate Social Responsibility program, you'll have opportunities to give back, lead, and make a difference.1 company-paid Volunteer Time Off day (with over 40,000 volunteer hours contributed since our inception)Matching Gifts Program - dollar-for-dollar up to $1,000Access to grants, nonprofit resources, and volunteer opportunitiesMore than $6,000,000 donated since 20201 in 5 employees participates in at least one Employee Resource Group (ERG)Equal Employment OpportunityWe're proud to be an equal opportunity employer- and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.#J-18808-Ljbffr

Who We AreAt Newrez, we bring big thinkers and caring doers together to make home happen. We're a team built on heart and hustle, united by a commitment to show up for our customers, our communities, and each other. We believe that when our people thrive, homeowners thrive - and that's why we invest in your growth, wellbeing, and ability to make an impact.Every day, we work to exceed the expectations of our residential mortgage borrowers and business partners through superior service, simple processes, and clear communication. We do this by empowering our employees, encouraging innovative solutions and recognizing great performance.POSITION SUMMARY:The Senior Threat Intelligence Analyst is a key individual contributor within the Cybersecurity organization, responsible for producing high-quality, actionable intelligence that enables the company to anticipate, detect, and respond to emerging threats. This role serves as a senior member of the Threat Intelligence function with mentorship responsibilities, supporting the development of junior analysts and strengthening intelligence maturity across the broader security organization.The ideal candidate brings strong analytical rigor, deep understanding of the threat landscape, technical proficiency across modern cloud and hybrid environments, and the ability to translate complex intelligence findings into meaningful insights for both technical and non-technical audiences.DESCRIPTION:Essential Functions, Duties, and ResponsibilitiesThreat Intelligence Collection, Analysis & ProductionLead intelligence collection and analysis across multiple domains including:External attack surface monitoringBrand impersonation, domain spoofing, and digital riskThreat intelligence support for fraud preventionVulnerability intelligence and exploit monitoringMalware trends, threat actor tactics, and campaign activityDark web and deep web monitoringApply the full intelligence lifecycle (requirements, collection, analysis, dissemination, feedback) to produce timely and relevant insights.Conduct structured analytic assessments using frameworks such as MITRE ATT&CK, the Diamond Model, and the Cyber Kill Chain.Assess emerging threats to cloud environments, SaaS platforms, corporate endpoints, identity systems, and on-premises infrastructure.Operational & Strategic Intelligence Output:Produce clear, actionable intelligence products including:Tactical alerts for SOC and Incident ResponseThreat actor profiles and campaign analysisVulnerability prioritization guidance supporting VM and AppSec teamsThreat hunt leads mapped to ATT&CKWeekly/bi-weekly intelligence summaries for operational teamsQuarterly executive threat landscape briefingsSupport fraud, cyber defense, and engineering teams with tailored intelligence to inform detection engineering, risk mitigation, and control improvements.Cross-Functional Collaboration:Partner with SOC, Incident Response, Vulnerability Management, Application Security, Engineering, Cyber Fraud, Risk, and other business teams to operationalize intelligence.Communicate complex technical findings to non-technical stakeholders in a clear, concise manner.Serve as a mentor to junior analysts, guiding analytical rigor, reporting quality, and investigative methodology.Help mature threat intelligence processes, workflows, and automation opportunities.Technology & Tooling:Leverage enterprise threat intelligence platforms, security information and event management tools, cloud-native security capabilities, log aggregation pipelines, and attack surface monitoring platforms.Maintain a vendor-agnostic mindset to ensure intelligence is grounded in outcome-driven analysis rather than tooling.Ability to effectively and accurately convey information to others.Performs related duties as assigned by management.Qualifications and Education Requirements:5–8 years of experience in Cyber Threat Intelligence, Security Operations, Incident Response, or a related cybersecurity discipline.Experience within the financial sector or other highly regulated industries.Certifications such as:GCTI (GIAC Cyber Threat Intelligence)CTIA (EC-Council Certified Threat Intelligence Analyst)GCIA, GNFA, GREM, or similar advanced certifications aligned with senior threat intelligence expectations.Skills, Abilities, and Knowledge:Deep familiarity with:Threat intelligence lifecycleMITRE ATT&CK frameworkDiamond Model of Intrusion AnalysisCyber Kill ChainSTIX/TAXII standardsExposure to multi-cloud environments (Azure, AWS, SaaS ecosystems) and hybrid enterprise architectures.Demonstrated experience analyzing threat actor behavior, malware activity, vulnerability exploitation trends, digital risk, and fraud-related intelligence within hybrid cloud environments.Strong understanding of adversary TTPs, cybercrime ecosystems, and financially motivated threat activity.Effective at managing multiple priorities under tight deadlines in a fast-paced, dynamic environment.Strong project management capability.Self-directed and comfortable working with ambiguity and uncertainty.High degree of professional maturity, integrity, ability to maintain confidential data and information.High degree of business acumen; strong technical aptitude.Work Environment and Physical Requirements:Working on-site at assigned office location.Regular and punctual attendance adhering to schedule established by leadership.Flexibility to work occasional adjusted work schedules, overtime, and evening and/or weekend hours to meet deadlines or as business needs demand.Working in a cubicle hub, maintaining focus on phone calls in a noisy environment within earshot of multiple other conversations.Sedentary work in a stationary position at a cubicle for prolonged periods of time.Constant repetitive motions required for operating a computer, such as typing and managing phone calls.Constantly communicating effectively verbally in English, including accurately exchanging information with others following identification of correct procedures.Additional Information:While this description is intended to be an accurate reflection of the position's requirements, it in no way implies/states that these are the only job responsibilities. Management reserves the right to modify, add or remove duties and request other duties, as necessary.All employees are required to have smart phones that meet Company security standards with the ability to install apps such as Microsoft Authenticator. Employment will be contingent on this requirement.Why NewrezWe're a great place to work because we invest in what matters: your career, your community, your wellbeing, and your future. Our total rewards package is designed to support your whole self.Company Benefits:We offer benefits, programs, and perks that support you in every aspect of your life.Medical, dental, and vision insuranceHealth Savings Account with employer contribution401(k) Retirement plan with employer matchPaid Maternity Leave/Parental Bonding Leave/Caregiver LeaveAdoption AssistanceTuition & Certification reimbursementEmployee Mortgage Loan ProgramThe Newrez Employee Emergency and Disaster Fund is a program to support our team members experiencing hardshipsNewrez NOW:Through Newrez NOW, our Corporate Social Responsibility program, you'll have opportunities to give back, lead, and make a difference.1 company-paid Volunteer Time Off day (with over 40,000 volunteer hours contributed since our inception)Matching Gifts Program - dollar-for-dollar up to $1,000Access to grants, nonprofit resources, and volunteer opportunitiesMore than $6,000,000 donated since 20201 in 5 employees participates in at least one Employee Resource Group (ERG)Equal Employment OpportunityWe're proud to be an equal opportunity employer- and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.#J-18808-Ljbffr

• 

• Government Careers