Staff Security Analyst (Fintech)

TL;DR

Staff Security Analyst (Fintech): Actively hunting for emerging threats targeting hirify.global and its customers, then translating intelligence into scalable systems and coordinated defenses with an accent on rapidly detecting, understanding, and disrupting adversary activity. Focus on building comprehensive threat intelligence, investigating attacker infrastructure, and automating intelligence workflows to shape proactive controls and strengthen threat defense strategy.

Location: This role is based in our Bellevue, WA, Menlo Park, CA or New York City, NY office(s), with in-person attendance expected at least 3 days per week.

Salary: $191,000 - $225,000 USD

Company

hirify.global is building the future of finance, democratizing finance for all.

What you will do

• Proactively hunt and map criminal ecosystems targeting hirify.global and its customers, translating intelligence into scalable systems and coordinated defenses.
• Build and operationalize a comprehensive “Universe of Threats” by identifying, tracking, and prioritizing adversaries across various attack vectors.
• Establish and mature a proactive threat intelligence lifecycle by developing industry partnerships, collaborating with peers and authorities, and cultivating online personas.
• Investigate attacker infrastructure across domains, DNS, certificate transparency logs, cloud providers, and telecom platforms.
• Coordinate threat actor infrastructure takedowns with hosting providers, domain registrars, and cloud platforms.
• Design and automate intelligence workflows using OSINT tooling, enrichment pipelines, data analysis tools, and case management systems.
• Partner with Detection & Response, Automation, Customer Trust & Safety, Security Engineering, Corporate Security, Risk, and executive leaders to prioritize threats.

Requirements

• 8–12+ years of total experience, including 3–5+ years operating at a senior or staff-level scope in threat intelligence, brand protection, or cyber investigations.
• Hands-on experience tracking criminal ecosystems tied to phishing, scams, impersonation, fraud, and infrastructure abuse.
• Deep familiarity with domain registration patterns, DNS and certificate transparency analysis, cloud and hosting abuse across providers (e.g., AWS, GCP, Azure, VPS), and attacker monetization methods.
• Experience using OSINT tooling, SQL, Python, notebooks, SIEM or SOAR platforms, OpenCTI, and case management systems.
• Ability to translate complex technical threats into clear business risk for technical teams and executive audiences through strong written and verbal communication.
• Experience mentoring others or leading initiatives across teams, with a high level of accountability and sound risk judgment in ambiguous situations.

Nice to have

• Experience with crypto investigations or on-chain analysis.
• Background in highly regulated industries such as fintech, financial services, payments, crypto, healthcare, or government.

Culture & Benefits

• Performance-driven compensation with multipliers for outsized impact, bonus programs, equity ownership, and 401(k) matching.
• 100% paid health insurance for employees with 90% coverage for dependents.
• Lifestyle wallet for wellness, learning, and more.
• Employer-paid life & disability insurance, fertility benefits, and mental health benefits.
• Time off to recharge including company holidays, paid time off, sick time, and parental leave.
• Exceptional office experience with catered meals, events, and comfortable workspaces.