Back to Jobs
B

Director, Cyber Threat Intelligence (CTI)

BNY MellonPosted 1 day ago
Full TimeExecutive
LocationWashington, District of Columbia, United States
Work ArrangementOn-Site
Salary Range$147,000 – $310,000 / year
Experience10+ years

Job Description

Director, Cyber Threat Intelligence (CTI) 

Role summary 
The Director, Cyber Threat Intelligence (CTI) leads an adversary-focused intelligence capability that enables proactive defense of BNY’s global platforms, clients, and critical financial operations. This leader builds an all-source intelligence program that produces timely, decision-grade assessments; sets and manages intelligence requirements; and integrates CTI into detection engineering, incident response, vulnerability management, fraud, and executive risk decisions. The role operates with a high degree of discretion, rigor, and ethical judgment, and partners across internal teams and external intelligence communities. 

Mission & outcomes 

  • Shift security from reactive to anticipatory defense by maintaining an accurate, current picture of the actors targeting BNY, their intent, capabilities, and evolving tactics. 
  • Improve resilience and risk prioritization by translating technical intelligence into business-relevant insights that influence controls, investment decisions, and operational readiness. 
  • Integrate intelligence into operational workflows so CTI measurably improves detection coverage, incident outcomes, patch/vulnerability prioritization, and fraud/abuse disruption. 
  • Provide credible executive and regulatory engagement through clear, defensible assessments and briefings aligned to enterprise risk appetite. 

Key responsibilities 

  • Build and lead the CTI program: define the operating model (strategic, operational, tactical intelligence), establish analytic standards and tradecraft, and develop a high-performing team. 
  • Intelligence requirements & collection management: set Priority Intelligence Requirements (PIRs) aligned to BNY’s highest-risk assets and business services; manage collection plans across internal telemetry and trusted external sources; ensure legal/ethical sourcing and handling. 
  • All-source analysis and production: produce actor profiles, campaign assessments, early-warning reporting, estimative intelligence, and post-incident intelligence that informs prevention and recovery. 
  • Operational integration: embed CTI into the SOC, detection engineering, threat hunting, incident response, vulnerability management, identity/access, and fraud teams; drive clear handoffs from intelligence to action. 
  • Executive communications: brief senior leaders with concise, decision-grade intelligence; communicate uncertainty, confidence levels, and recommended actions; maintain a clear linkage to business impact and operational risk. 
  • Cross-functional and global coordination: operate effectively across regions, time zones, and lines of business; coordinate in joint, interagency, and multinational-style environments with appropriate discretion. 
  • External intelligence partnerships: build and maintain trusted relationships with peer institutions, government and law-enforcement partners, and intelligence-sharing communities; represent BNY professionally and responsibly. 
  • Governance, metrics, and continuous improvement: establish KPIs that demonstrate CTI impact (detection improvements, time-to-triage, disruption outcomes, prioritization effectiveness); run after-action reviews and update requirements based on changing threats. 
  • Talent development: mentor analysts and leaders; build training paths, rotations, and tradecraft review; foster a culture of integrity, curiosity, and mission focus. 

Operating model & key interfaces 
This role partners closely with the CISO organization, SOC/IR leadership, detection engineering, vulnerability management, fraud/financial crime, technology risk, and business continuity teams. Outputs are designed to be actionable—mapped to controls, detections, mitigations, and executive decisions. The leader is expected to operate with high discretion and strong information-handling discipline. 

Qualifications (required) 

  • 12+ years of progressive experience in cyber threat intelligence, all-source intelligence, counterintelligence, national security, or closely related threat analysis roles, including leadership of analysts and/or intelligence programs. 
  • Demonstrated ability to define intelligence requirements, manage collection, and produce high-quality assessments that drive operational action (not just reporting). 
  • Strong analytic tradecraft: structured thinking, bias awareness, evidentiary rigor, and clear communication of confidence/uncertainty. 
  • Proven track record integrating CTI with security operations (SOC, threat hunting, incident response), detection engineering, and vulnerability management. 
  • Experience briefing senior executives and influencing risk decisions with concise, business-relevant intelligence. 
  • High integrity, sound judgment, and consistent discretion in handling sensitive information. 

Qualifications (preferred) 

  • Experience in financial services, critical infrastructure, or other highly regulated environments with high availability and systemic risk considerations. 
  • Prior work in joint/interagency settings or with intelligence-sharing communities; experience building trusted external partnerships. 
  • Background spanning cyber and traditional intelligence disciplines (e.g., CI, SIGINT/HUMINT-driven analysis, strategic warning, collection management). 
  • Familiarity with common CTI frameworks and operationalization practices (e.g., ATT&CK mapping, intelligence requirements/PIRs, estimative language, analytic standards). 
  • Relevant certifications (examples): GIAC (GCTI, GCIA), CISSP, or equivalent; advanced degree in intelligence studies, cybersecurity, international relations, or related field. 
  • Ability to obtain and maintain a security clearance, if required for external partnership engagements. 

Success profile 

  • Adversary-centric: thinks in terms of actors, intent, capability, access, and pathways to business impact. 
  • Action-oriented: turns intelligence into prioritized decisions, measurable control improvements, and operational outcomes. 
  • Calm under pressure: leads through incidents and ambiguous, fast-moving situations with disciplined judgment. 
  • Enterprise connector: builds alignment across security, technology, fraud/financial crime, and business stakeholders globally. 
  • Ethical and trusted: models discretion, integrity, and responsible intelligence handling in every interaction. 

 

 


At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting-edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide.

Recognized as a top destination for innovators, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance – and this is what #LifeAtBNY is all about. Join us and be part of something extraordinary.

At BNY, our culture speaks for itself, check out the latest BNY news at BNY Newsroom & BNY LinkedIn

 Here’s a few of our recent awards:

  • America’s Most Innovative Companies, Fortune, 2025
  • World’s Most Admired Companies, Fortune 2025
  • “Most Just Companies”, Just Capital and CNBC, 2025

    Our Benefits and Rewards:

    BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.

    BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.

    BNY assesses market data to ensure a competitive compensation package for our employees. The expected base salary for this position when employment commences can be found in the Job Info section at the bottom of the posting. 

    Base salary offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. Base salary is only part of the total rewards package, which may include eligibility for an annual discretionary incentive award. Subject to the terms and conditions of the applicable plans then in effect, eligible employees may enroll in a 401(k) plan as well as participate in Company-sponsored medical, dental, vision, and basic life insurance plans for the employee and the employee’s eligible dependents. Eligible employees also may receive other benefits (including various paid time off benefits, such as vacation and sick time), dependent on the position offered. Details of participation in these benefit plans will be provided if an employee receives an offer of employment.

    If hired, the employee will be in an “at will” position and the Company reserves the right to modify base salary (as well as any other discretionary payments or compensation programs) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.

    About the Company
    B
    BNY Mellon
    6 open positions
    View all jobs →
    Similar Jobs