Cyber Crime Sr. Specialist (Cyber Threat exp. required)

• Leads strategy and execution for enterprise brand protection across email and domain ecosystems, serving as a subject matter expert on threats such as phishing, BEC, spoofing, and domain abuse while driving scalable, preventative defenses that reduce risk and disrupt threat actors.

• Designs and maintains Cyber Brand Defense control frameworks and operations, including playbooks, workflows, asset inventories, and performance metrics, while advancing automation, threat intelligence integration, and cross-functional partnerships to improve detection, prioritization, and remediation outcomes.

• Drives Cyber Brand Defense leadership and stakeholder alignment, delivering executive-level insights on emerging risks, influencing strategic priorities, managing vendor performance, and representing the function across enterprise and industry engagements to enhance overall program effectiveness and resiliency.

• Serve as SME and strategic advisor on email and domain-based threats, including phishing, BEC, spoofing, domain squatting, and brand abuse.

• Develop and execute scalable Cyber Brand Defense strategies to reduce risk and strengthen proactive threat disruption.

• Partner with Global Technology to enhance email authentication, domain security, and preventative control adoption.

• Design, document, and govern brand abuse control frameworks, including playbooks, workflows, procedures, and performance metrics.

• Collaborate with Legal and external partners to execute domain protection strategies, abuse escalations, and malicious asset takedowns.

• Maintain and enhance inventories of critical assets (domains, subdomains, brands, keywords, logos, safelists, etc.) to support protection efforts.

• Drive operational excellence by partnering with Operations teams to improve threat detection, prioritization, and sustainable remediation processes.

• Lead advanced threat and trend analysis, translating insights into actionable strategies and continuous control improvements.

• Champion automation and orchestration initiatives to reduce time to action, improve scalability, and increase operational efficiency.

• Provide strategic leadership across Cyber Brand Defense, including executive communications, vendor oversight, risk prioritization, and enterprise stakeholder engagement.

• Cyber Threat experience.

• Strategic approach to defensive protection and complex threat landscapes

• Experience with email and domain-based threat landscapes, including phishing, spoofing, domain/typo-squatting, and brand impersonation

• Strong working knowledge of email authentication protocols (SPF, DKIM, DMARC) and their implementation, monitoring, enforcement

• Proven ability to analyze threat trends and translate intelligence into actionable remediation and prevention strategies

• Demonstrated experience developing, documenting, and maintaining controls, procedures, and operational metrics

• Executive-ready communications judgment and discretion; ability to engage senior leaders with credibility and professionalism.

• Exceptional written and verbal communication skills; ability to translate complex risk into clear, executive-level insights and recommendations.

• Ability to lead and influence without formal authority across Lines of Business, Technology, Legal, and Risk stakeholders

• Experience managing vendors and external partners, including tracking, escalation, and SLA governance

• Experience working with external partners and vendors (e.g., registrars, hosting providers, security vendors) to disrupt and mitigate threats

• Strong understanding of cybersecurity risk management principles and control frameworks

• Demonstrated capability to drive process improvement, automation, and operational scalability

• Strong analytical, problem-solving, and decision-making skills in fast-paced, threat-driven environments

• Proficiency with operational tracking and reporting tools (e.g., Jira, Excel, PowerPoint or equivalent.

• Experience with DMARC enforcement at scale

• Familiarity with domain monitoring and threat intelligence tools (e.g., brand monitoring platforms, passive DNS, certificate transparency logs)

• Knowledge of legal and regulatory processes related to domain takedowns, UDRP, and brand protection enforcement

• Experience supporting or leading incident response for phishing campaigns, BEC, or large-scale domain abuse

• Background in automation/orchestration tools or scripting to improve cyber operations (e.g., SOAR platforms)

• Understanding of content delivery networks (CDNs), hosting infrastructure, and website builder ecosystems from an abuse perspective

• Exposure to financial services cybersecurity or fraud risk environments

• Familiarity with emerging threat actor tactics, techniques, and procedures (TTPs) related to brand abuse and social engineering.

This job will be open and accepting applications for a minimum of seven days from the date it was posted