




**Responsibilities to be performed:**

* **Threat Intelligence Lifecycle:** Lead the full threat intelligence lifecycle (CTI), from data collection across open sources (OSINT), the dark web, and technical sources, through analysis, reporting, and dissemination of intelligence to technical and executive stakeholders.
* **Analysis and Classification:** Analyze, classify, and correlate malicious activities—including malware, phishing campaigns, threat actors’ Tactics, Techniques, and Procedures (TTPs), and emerging fraud patterns.
* **Indicator Management:** Document and manage Indicators of Compromise (IoCs) and Indicators of Attack (IoAs) within our Threat Intelligence Platform (TIP), ensuring data is leveraged to strengthen our defenses (SIEM, EDR, firewalls).
* **Fraud Pattern Analysis:** Apply data analysis techniques to identify patterns and anomalies in large volumes of transactional data, enabling proactive fraud detection and development of fraud prevention rules.
* **Strategic Collaboration:** Collaborate closely with Incident Response, Offensive Security (Red Team), and Engineering teams to translate threat intelligence and fraud findings into concrete actions—such as hardening prioritization, TTP simulation, and development of new security controls.
* **Communication and Reporting:** Develop and deliver reports, risk metrics, and intelligence briefings to leadership, clearly and objectively communicating complex threats and fraud trends.
* **Mentorship and Innovation:** Serve as mentor to junior team members, document processes, and drive continuous improvement of intelligence and anti-fraud tools and workflows.

**Required Qualifications:**

* Proven professional experience in Cybersecurity, with demonstrable expertise in Cyber Threat Intelligence (CTI) and Fraud Analysis/Investigation.
* In-depth knowledge of the intelligence lifecycle and analytical frameworks such as MITRE ATT&CK®, Cyber Kill Chain®, and the Diamond Model.
* Hands-on experience with CTI tools—including Threat Intelligence Platforms (TIPs)—and security analytics platforms (SIEM, EDR).
* Strong analytical capability to work with large-scale datasets using languages such as SQL and/or scripting (Python is a strong differentiator).
* Excellent verbal and written communication skills to produce detailed reports and present findings to diverse audiences.
* Advanced/fluent English for global team collaboration, reading technical reports, and engaging with the international security community.

**ATTENTION!**

**For this position, the work model is hybrid—requiring three days per week on-site at our office in Barueri/SP. Therefore, candidates must reside in São Paulo state or in a nearby area with easy commuting access.**


