Security Threat Intelligence Lead

Introduction

Welcome to Gallagher - a global community of people who bring bold ideas, deep expertise, and a shared commitment to doing what’s right. We help clients navigate complexity with confidence by empowering businesses, communities, and individuals to thrive. At Gallagher, you’ll find more than a job; you’ll find a culture built on trust, driven by collaboration, and sustained by the belief that we’re better together. Whether you join us in a client-facing role or as part of our brokerage division, our benefits and HR consulting division, or our corporate team, you’ll have the opportunity to grow your career, make an impact, and be part of something bigger. Experience a workplace where you’re encouraged to be yourself, supported to succeed, and inspired to keep learning. That’s what it means to live The Gallagher Way.

Overview

The Security Threat Intelligence Lead will serve as a key technical resource in our Global Cyber and Information Security (GCIS) organization. You will be responsible for developing and maturing Cyber Threat Intelligence approach, recommended standards, reference architecture designs and narratives. You will need to keep current on Threat Intelligence best practices and provide direction for technical specifications. You will work closely with other Information Security colleagues, the broader IT & Infrastructure organization, and Business teams globally to provide security architecture guidance and recommendations. This is a position where you will take a leadership role and influence Cyber Threat Intelligence by example and clearly articulating objectives.

You can be fully remote/virtual/work from home and can sit anywhere in the US.

How You'll Make An Impact

• Build and own the Cyber Threat Intelligence (CTI) program from the ground up, defining its vision, priorities, and lightweight processes suitable for a fast-paced environment.
• Develop threat models and track adversary tactics, techniques, and procedures (TTPs) relevant to the startup’s technology stack and business model.
• Collaborate closely with the Security Operations Center (SOC), engineering, DevOps, and exposure management teams to embed threat intelligence into detection, incident response, and vulnerability management workflows.
• Actively engage with external vendors, industry groups, and threat-sharing communities to enrich intelligence without heavy overhead.
• Lead or support proactive threat hunting activities informed by current intelligence and correlate internal telemetry with external threat data to identify emerging risks.
• Deploy and manage cost-effective threat intelligence platforms and tools; evaluate new technologies and integrations that scale with startup growth.
• Maintain clear and concise documentation of processes, intelligence requirements, and workflows for transparency and agility.
• Produce timely, actionable reports and briefings for technical teams and leadership, highlighting trends, risks, and recommended actions in a business-friendly format.
• Establish intelligence requirements aligned with business objectives and ensure integration of intelligence feeds into Security Information and Event Management (SIEM) systems, Endpoint Detection and Response (EDR) platforms, and other detection tools.
• Develop simple dashboards and metrics to measure CTI program effectiveness and demonstrate value to stakeholders.

About You

Required Qualifications:

• Bachelor's degree or equivalent in Computer Science or related field
• Minimum 3+ years of cybersecurity experience
• Minimum 3+ years working with Microsoft Azure
• 2+ years of experience working with other cloud platforms (AWS, GCP, Oracle)
• Strong knowledge of Open-Source Intelligence (OSINT) tools, malware analysis, and frameworks such as MITRE ATT&CK.
• Ability to balance technical depth with business priorities and communicate effectively with both engineers and executives.
• Knowledge and experience implementing security standards frameworks (NIST - CSF, ISO 27001, CSA CCM, PCI-DSS, GDPR)

Preferred Qualifications:

• Certifications such as GIAC Cyber Threat Intelligence (GCTI), Certified Threat Intelligence Analyst (CTIA), or Certified Information Systems Security Professional (CISSP) preferred but not mandatory
• Hands-on experience with Security Information and Event Management (SIEM) systems, Endpoint Detection and Response (EDR) platforms, and threat intelligence platforms.
• 2+ years’ experience in a global organization
• Insurance and risk management domain knowledge desirable.

Key Characteristics:

• Strong communications skills - oral and written.
• Self-starter with strong work ethic.
• Flexible and resilient, handle various demands planned and unplanned.
• Proven ability to handle multiple tasks and projects simultaneously.
• Problem solver and desire to close issues, pragmatic and realistic with solutions.
• Resilient and collaborative, motivated to pro-actively drive issues to successful mutually agreed upon resolutions.

Compensation And Benefits

We offer a competitive and comprehensive compensation package. The base salary range represents the anticipated low end and high end of the range for this position. The actual compensation will be influenced by a wide range of factors including, but not limited to previous experience, education, pay market/geography, complexity or scope, specialized skill set, lines of business/practice area, supply/demand, and scheduled hours. On top of a competitive salary, great teams and exciting career opportunities, we also offer a wide range of benefits.

Below are the minimum core benefits you’ll get, depending on your job level these benefits may improve:

• Medical/dental/vision plans, which start from day one!
• Life and accident insurance
• 401(K) and Roth options
• Tax-advantaged accounts (HSA, FSA)
• Educational expense reimbursement
• Paid parental leave

Other benefits include:

• Digital mental health services (Talkspace)
• Flexible work hours (availability varies by office and job function)
• Training programs
• Gallagher Thrive program – elevating your health through challenges, workshops and digital fitness programs for your overall wellbeing
• Charitable matching gift program
• And more... The benefits summary above applies to fulltime positions. If you are not applying for a fulltime position, details about benefits will be provided during the selection process.

We value inclusion and diversity

Click Here to review our U.S. Eligibility Requirements

Inclusion and diversity (I&D) is a core part of our business, and it’s embedded into the fabric of our organization. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the communities where we live and work.

Gallagher embraces our employees’ diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out The Gallagher Way to its fullest.

Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color, religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as “protected characteristics”) by applicable federal, state, or local laws.

Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business.

Key skills/competency

• Cyber Threat Intelligence
• Threat Modeling
• Security Operations Center (SOC)
• Incident Response
• Vulnerability Management
• Open-Source Intelligence (OSINT)
• MITRE ATT&CK Framework
• Microsoft Azure Security
• SIEM (Security Information and Event Management)
• EDR (Endpoint Detection and Response)