The Senior Cyber Threat Intelligence Fusion Analyst is a valued member of the Information Protection and Risk Management (IPRM) organization. This role is responsible for enabling intelligence-driven security operations through the production of intelligence products that are timely, relevant, and actionable to Ally. You will collaborate with key stakeholders across the organization to enhance and influence their security programs through advanced intelligence solutions. You will have the opportunity to study emerging threats and build forecasts that ultimately translate into improved security controls. Our goal in Cyber Threat Intelligence is to equip the organization with knowledge that enables proactive cyber defense – and we welcome you to join us in that mission. The Work Itself Use Security Information and Event Management (SIEM) tooling to analyze authentication and security telemetry across diverse sources to assess the relevance of threats to the environment and generate viable threat mitigation recommendations. Fuse cyber threat intelligence with enterprise data to generate insights for business, fraud, AML, and security teams that enhance detection and response to cyber-enabled crimes. Deliver influential threat intelligence presentations to diverse audiences that inform tactical, operational, and strategic decision-making. Collect, analyze, and disseminate actionable cyber threat intelligence to influence incident response, vulnerability management, threat hunting, detection engineering, third party risk management, and more. Leverage intelligence tooling to investigate potential threats on the open, deep, and dark web. Research adversary tactics, techniques, and procedures (TT - Ps) to cyclically perform threat profiling. Translate relevant and emerging adversary TT - Ps into actionable and durable defense strategies for threat detection and threat prevention. Partner closely with Ally’s red team to enable intelligence-driven threat emulations and simulations. Support Ally’s Security Operations Center (SOC) and Cybersecurity Incident Response Team (CSIRT) during cybersecurity investigations. Collaborate with Ally’s SOC and security engineering teams to develop and mature automated enrichment of Indicators of Compromise (IO - Cs). Produce processes, playbooks, and procedures to maintain operational resiliency and excellence. Develop automation and orchestration across the cyber threat intelligence lifecycle with Power. Automate. The Skills You Bring Minimum Qualifications:3 years of experience?High School Diploma or GED equivalent. Preferred Qualifications:3 years in security operations, with at least 1 of those years focused on threat intelligence. Strong understanding of threat intelligence models and frameworks, including Cyber Kill Chain, MITRE ATT&CK, Diamond Model, Pyramid of Pain. Proficient in the use of threat intelligence tooling to perform investigations on the deep, dark, and open web. Expertise in performing Open-Source Intelligence (OSINT) research while maintaining operational security. Advanced working proficiency with SIEM tools in the context of threat intelligence analysis. Foundational understanding of cyber-enabled financial crimes. Broad understanding of security best practices and how to harden controls against adversarial techniques. Confidence in presenting threat intelligence to large and varied audiences. Ability to manage projects and mature programs involving multiple teams with confidence.