Demo

Director, Cyber Threat Intelligence (CTI)

BNY External Career Site
Washington, DC Full Time
POSTED ON 5/30/2026
AVAILABLE BEFORE 7/30/2026

Director, Cyber Threat Intelligence (CTI) 

Role summary 
The Director, Cyber Threat Intelligence (CTI) leads an adversary-focused intelligence capability that enables proactive defense of BNY’s global platforms, clients, and critical financial operations. This leader builds an all-source intelligence program that produces timely, decision-grade assessments; sets and manages intelligence requirements; and integrates CTI into detection engineering, incident response, vulnerability management, fraud, and executive risk decisions. The role operates with a high degree of discretion, rigor, and ethical judgment, and partners across internal teams and external intelligence communities. 

Mission & outcomes 

  • Shift security from reactive to anticipatory defense by maintaining an accurate, current picture of the actors targeting BNY, their intent, capabilities, and evolving tactics. 
  • Improve resilience and risk prioritization by translating technical intelligence into business-relevant insights that influence controls, investment decisions, and operational readiness. 
  • Integrate intelligence into operational workflows so CTI measurably improves detection coverage, incident outcomes, patch/vulnerability prioritization, and fraud/abuse disruption. 
  • Provide credible executive and regulatory engagement through clear, defensible assessments and briefings aligned to enterprise risk appetite. 

Key responsibilities 

  • Build and lead the CTI program: define the operating model (strategic, operational, tactical intelligence), establish analytic standards and tradecraft, and develop a high-performing team. 
  • Intelligence requirements & collection management: set Priority Intelligence Requirements (PIRs) aligned to BNY’s highest-risk assets and business services; manage collection plans across internal telemetry and trusted external sources; ensure legal/ethical sourcing and handling. 
  • All-source analysis and production: produce actor profiles, campaign assessments, early-warning reporting, estimative intelligence, and post-incident intelligence that informs prevention and recovery. 
  • Operational integration: embed CTI into the SOC, detection engineering, threat hunting, incident response, vulnerability management, identity/access, and fraud teams; drive clear handoffs from intelligence to action. 
  • Executive communications: brief senior leaders with concise, decision-grade intelligence; communicate uncertainty, confidence levels, and recommended actions; maintain a clear linkage to business impact and operational risk. 
  • Cross-functional and global coordination: operate effectively across regions, time zones, and lines of business; coordinate in joint, interagency, and multinational-style environments with appropriate discretion. 
  • External intelligence partnerships: build and maintain trusted relationships with peer institutions, government and law-enforcement partners, and intelligence-sharing communities; represent BNY professionally and responsibly. 
  • Governance, metrics, and continuous improvement: establish KPIs that demonstrate CTI impact (detection improvements, time-to-triage, disruption outcomes, prioritization effectiveness); run after-action reviews and update requirements based on changing threats. 
  • Talent development: mentor analysts and leaders; build training paths, rotations, and tradecraft review; foster a culture of integrity, curiosity, and mission focus. 

Operating model & key interfaces 
This role partners closely with the CISO organization, SOC/IR leadership, detection engineering, vulnerability management, fraud/financial crime, technology risk, and business continuity teams. Outputs are designed to be actionable—mapped to controls, detections, mitigations, and executive decisions. The leader is expected to operate with high discretion and strong information-handling discipline. 

Qualifications (required) 

  • 12 years of progressive experience in cyber threat intelligence, all-source intelligence, counterintelligence, national security, or closely related threat analysis roles, including leadership of analysts and/or intelligence programs. 
  • Demonstrated ability to define intelligence requirements, manage collection, and produce high-quality assessments that drive operational action (not just reporting). 
  • Strong analytic tradecraft: structured thinking, bias awareness, evidentiary rigor, and clear communication of confidence/uncertainty. 
  • Proven track record integrating CTI with security operations (SOC, threat hunting, incident response), detection engineering, and vulnerability management. 
  • Experience briefing senior executives and influencing risk decisions with concise, business-relevant intelligence. 
  • High integrity, sound judgment, and consistent discretion in handling sensitive information. 

Qualifications (preferred) 

  • Experience in financial services, critical infrastructure, or other highly regulated environments with high availability and systemic risk considerations. 
  • Prior work in joint/interagency settings or with intelligence-sharing communities; experience building trusted external partnerships. 
  • Background spanning cyber and traditional intelligence disciplines (e.g., CI, SIGINT/HUMINT-driven analysis, strategic warning, collection management). 
  • Familiarity with common CTI frameworks and operationalization practices (e.g., ATT&CK mapping, intelligence requirements/PIRs, estimative language, analytic standards). 
  • Relevant certifications (examples): GIAC (GCTI, GCIA), CISSP, or equivalent; advanced degree in intelligence studies, cybersecurity, international relations, or related field. 
  • Ability to obtain and maintain a security clearance, if required for external partnership engagements. 

Success profile 

  • Adversary-centric: thinks in terms of actors, intent, capability, access, and pathways to business impact. 
  • Action-oriented: turns intelligence into prioritized decisions, measurable control improvements, and operational outcomes. 
  • Calm under pressure: leads through incidents and ambiguous, fast-moving situations with disciplined judgment. 
  • Enterprise connector: builds alignment across security, technology, fraud/financial crime, and business stakeholders globally. 
  • Ethical and trusted: models discretion, integrity, and responsible intelligence handling in every interaction. 

 

 

Salary.com Estimation for Director, Cyber Threat Intelligence (CTI) in Washington, DC
$235,413 to $291,359
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

What is the career path for a Director, Cyber Threat Intelligence (CTI)?

Sign up to receive alerts about other jobs on the Director, Cyber Threat Intelligence (CTI) career path by checking the boxes next to the positions that interest you.
Income Estimation: 
$228,678 - $310,400
Income Estimation: 
$282,790 - $435,557
Income Estimation: 
$228,678 - $310,400
Income Estimation: 
$282,790 - $435,557
Employees: Get a Salary Increase
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Job openings at BNY External Career Site

Senior Vice President, Agile Coach
Apply
  • BNY External Career Site Chennai, TN
  • A Principal Agile Coach helps teams across lines of business;adopt and improve Agile methods and practices to solve complex business improvement problems. ... more
  • 1 Day Ago
Specialist, Cash Processing/Funds Transfer II
Apply
  • BNY External Career Site Chennai, TN
  • Specialist, Cash Processing/ Funds Transfer II At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a lead... more
  • 1 Day Ago
Specialist, Fund Reporting Representative I
Apply
  • BNY External Career Site Boston, MA
  • Associate, Regulatory Reporting At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global fina... more
  • 1 Day Ago
Vice President, Fund Reporting Manager I
Apply
  • BNY External Career Site Boston, MA
  • Vice President, Regulatory Reporting At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global... more
  • 1 Day Ago
View More Jobs at BNY External Career Site

Not the job you're looking for? Here are some other Director, Cyber Threat Intelligence (CTI) jobs in the Washington, DC area that may be a better fit.

Senior Cyber Threat Intelligence Analyst
Apply
  • PUNCH Cyber Analytics Group Reston, VA
  • About PUNCH: We’re problem solvers first & foremost . PUNCH’s origin story involves frustration with available INFOSEC tools and techniques—we came up thru... more
  • 1 Month Ago
Director, Cyber Threat Intelligence (CTI)
Apply
  • BNY Washington, DC
  • Job Description Director, Cyber Threat Intelligence (CTI) Role Summary The Director, Cyber Threat Intelligence (CTI) leads an adversary-focused intelligenc... more
  • 1 Day Ago
View More Jobs

AI Assistant is available now!

Feel free to start your new journey!