Threat Intelligence Analyst, Financial Networks
Skills
OsintTransaction TracingFinancial IntelligenceReportingAnalysisOwnership StructureBlockchainCommunicationInvestigationBeneficial OwnershipThreat IntelligenceThreat HuntingEllipticTtpTrade FinanceCommodity FlowsCorporate OwnershipCross-Border Fund FlowsSanctions EvasionChainalysis ReactorCryptocurrency
About the Role
You will collect, analyze, and report on actors and networks that use traditional financial systems alongside crypto to move value and evade detection. You will conduct proactive threat hunting across on-chain and off-chain data, develop novel collection strategies and analytic methodologies, map financial networks and corporate ownership structures, identify adversary TTPs to support detection and attribution, leverage OSINT to surface hidden threats, and produce clear, actionable intelligence reports. You will collaborate with data, engineering, and product stakeholders to improve intelligence capabilities and communicate findings to law enforcement and government partners.
Requirements
- Proven experience in threat intelligence cyber intelligence or national security intelligence roles
- Fluency in Russian Chinese (Mandarin or Cantonese) or Farsi with ability to conduct research and analysis in that language
- Track record of generating net-new intelligence by developing original hypotheses and pursuing non-obvious investigative threads
- Background in sanctions enforcement financial intelligence or corporate investigations
- Working knowledge of blockchain and cryptocurrency including transactions on-chain tracing concepts and role of crypto in financial crime
- Ability to analyze corporate ownership structures beneficial ownership and cross-border fund flows
- Experience tracking threat actors nation-state activity or sanctioned entities including analysis of TTPs infrastructure and financial behavior
- Strong analytical and communication skills with ability to produce clear actionable intelligence reports
- Ability to collaborate cross-functionally with technical and non-technical stakeholders
- Comfort operating in ambiguous low-signal environments and ownership mindset to drive investigations independently
- Hands-on experience with blockchain analysis tools (e.g., Chainalysis Reactor TRM Elliptic) or formal cryptocurrency investigation experience
- Relevant certifications (e.g., GIAC CEH Chainalysis Reactor Certification) or background in cybersecurity intelligence or investigations
Responsibilities
- Develop novel collection strategies and analytic methodologies
- Conduct proactive threat hunting across on-chain and off-chain data sources
- Map financial networks for sanctions evasion including commodity flows and corporate ownership structures
- Track, analyze, and report on threat actors, campaigns, and illicit networks
- Identify and assess adversary tactics techniques and procedures to support detection and attribution
- Leverage OSINT and other intelligence methods to generate actionable insights
- Produce high-quality intelligence reports for law enforcement and government partners
- Collaborate with data engineering and product teams to enhance intelligence capabilities
- Advocate how adversaries exploit traditional finance and crypto to move illicit value
Benefits
- Remote work
- Flexible schedules
- Asynchronous communication