Senior Manager, Threat Intelligence Lead
Duties and Responsibilities
As the Threat Intelligence Lead, you will be responsible for establishing and managing the bank’s cyber threat intelligence (CTI) program. This role requires strong connections with law enforcement agencies such as NACSA, BNM, PDRM, MCMC, and MyCERT/CyberSecurity Malaysia to enhance collaboration on threat intelligence sharing and incident response. You will lead a team of analysts to identify, analyze, and mitigate emerging cyber threats that could impact the bank’s operations and financial assets.
Key Performance Areas
1. Threat Intelligence
- Develop and implement a Cyber Threat Intelligence (CTI) strategy aligned with the bank’s cybersecurity objectives.
- Establish and maintain strong relationships with NACSA, BNM, PDRM, MCMC, MyCERT/CyberSecurity Malaysia, FS-ISAC, and other regulatory/law enforcement bodies for intelligence sharing and incident collaboration.
- Monitor and analyze cyber threat landscapes, emerging attack techniques, and geopolitical cyber risks that could affect the bank.
- Collect, process, and analyze threat intelligence from open-source intelligence (OSINT), dark web sources, malware analysis, and private intelligence feeds.
- Provide actionable intelligence to SOC, Incident Response (IR), Red Team, and Fraud Prevention teams to enhance proactive defense strategies.
- Lead threat hunting and cyber forensics investigations to detect and neutralize advanced threats.
- Collaborate with IT security teams to proactively mitigate risks from advanced persistent threats (APTs), cybercriminal groups, and nation-state actors.
- Conduct cyber threat briefings, intelligence reports, and risk assessments for senior management and the board.
- Ensure compliance with Bank Negara Malaysia (BNM) RMiT and other cybersecurity regulatory requirements.
- Develop threat intelligence playbooks and integration strategies for SIEM, SOAR, and EDR/XDR platforms.
- Represent the bank in cybersecurity forums, intelligence-sharing platforms, and government-led cyber exercises.
2. Information & Cyber Security Program
- Support information/cyber security programs such as compromise assessments, threat hunting, and cyber drill exercises.
- Support a bank-wide information security education and awareness campaign.
- Provide information/cyber security training and education to stakeholders.
- Provide tracking of the current cyber security programs that have been conducted.
Specific Skills/Knowledge and Certification Required
- Strong knowledge of cyber threat intelligence frameworks (MITRE ATT&CK, Diamond Model, Kill Chain, TLP, STIX/TAXII).
- Established connections with NACSA, PDRM, MCMC, MyCERT, and other key regulatory bodies for intelligence collaboration.
- Hands-on experience with threat intelligence platforms (TIPs), OSINT tools, malware analysis, and dark web monitoring.
- Familiarity with cybercriminal tactics, Advanced Persistent Threat (APT) groups, financial cyber fraud, and phishing attacks.
- Experience in cyber threat hunting, forensics, and incident response coordination.
- Strong analytical and investigative skills with the ability to interpret and predict cyber threats.
- Industry certifications such as CTIA, GCTI, GOSI, CISM, CISSP, GCIH, GCFA, or equivalent are preferred.
- Experience working in the financial sector, intelligence agencies, or law enforcement cyber units is highly desirable.
- Excellent communication and presentation skills, with the ability to deliver intelligence reports to technical teams and executive leadership.