Back to jobs
New

Cyber Threat Intelligence (CTI) Manager

Portsmouth, NH

Why Choose Bottomline?

Are you ready to transform the way businesses pay and get paid? Bottomline is a global leader in business payments and cash management, with over 35 years of experience and moving more than $16 trillion in payments annually. We're looking for passionate individuals to join our team and help drive impactful results for our customers. If you're dedicated to delighting customers and promoting growth and innovation - we want you on our team!

Location: This role is Remote based; Candidates can be located in the US or EU markets.

The Role 

The Cyber Threat Intelligence Manager is a critical leadership role responsible for establishing, managing, and advancing the organization's threat intelligence capabilities within the fintech and payment processing ecosystem. This position requires a strategic mindset combined with hands-on technical expertise to deliver actionable intelligence that drives risk-informed decision-making across the enterprise. The successful candidate will serve as the primary intelligence authority, translating complex threat landscapes into clear, actionable insights for both technical and executive audiences while building a mature, scalable threat intelligence program aligned with business objectives. 

How you’ll contribute

Threat Intelligence Program Leadership 

  • Lead the design, implementation, and ongoing maturation of the enterprise threat intelligence program in partnership with the Senior Director of Security Operations and Senior Manager of Threat and Vulnerability Management 
  • Deploy and operationalize the organization's threat intelligence platform, ensuring integration with existing security infrastructure and maximizing operational efficiency 
  • Establish and maintain intelligence collection requirements, prioritization frameworks, and dissemination protocols tailored to stakeholder needs 
  • Develop and maintain relationships with external intelligence sharing communities, industry groups, ISACs, and government agencies relevant to financial services 

Intelligence Production and Analysis 

  • Produce high-quality strategic, operational, and tactical intelligence products addressing threat actor TTPs, emerging attack vectors, and sector-specific risks affecting payment processing operations 
  • Analyze threat data from multiple sources to identify trends, patterns, and indicators of compromise relevant to the organization's attack surface 
  • Translate technical threat intelligence into actionable recommendations for security operations, incident response, and risk management teams 
  • Deliver regular intelligence briefings to the Senior Director of Security Operations, CISO, and other executive stakeholders on the evolving threat landscape 

Cross-Functional Operations and Incident Support 

  • Serve as the fusion operations lead, coordinating intelligence-driven response across fraud, security, and privacy teams during complex, cross-functional incidents 
  • Provide intelligence support to vulnerability management operations, including threat context for prioritization decisions and exploitation likelihood assessments 
  • Support US hours coverage for vulnerability management activities when the Senior Manager requires operational assistance 
  • Collaborate with the SOC, incident response, and detection engineering teams to ensure intelligence is operationalized into defensive capabilities 

Stakeholder Engagement and Requirements Management 

  • Establish and manage intelligence requirements from diverse stakeholders across risk management, compliance, fraud prevention, application security, and business units 
  • Develop tailored intelligence products and briefings appropriate to audience technical sophistication and organizational role 
  • Serve as the subject matter expert on cyber threat intelligence for internal and external engagements, including audits, regulatory inquiries, and board presentations 

If you have the attributes, skills, and experience listed below, we want to hear from you.

Education 

  • Master's degree in Cybersecurity, Information Security, Computer Science, Information Technology, or related technical field 
  • Relevant professional certifications such as GCTI, GIAC, CISSP, CISM, or equivalent strongly preferred 

Professional Experience 

  • 3-5 years of progressive cybersecurity experience with at least 2 years in threat intelligence, security operations, or incident response roles 
  • Demonstrated experience working in financial services, fintech, payment processing, or insurance sectors with understanding of sector-specific threats 
  • Hands-on experience with threat intelligence platforms, SIEM technologies, and security data analysis tools 
  • Exposure to vulnerability management practices, including risk-based prioritization, remediation workflows, and metrics development 

Technical Competencies 

  • Strong understanding of the cyber threat landscape, including threat actor motivations, capabilities, and TTPs relevant to financial services 
  • Familiarity with threat intelligence frameworks including MITRE ATT&CK, Cyber Kill Chain, Diamond Model, and intelligence lifecycle methodologies 
  • Knowledge of corporate supply chain risk management principles and third-party risk assessment practices 
  • Proficiency in intelligence analysis techniques and structured analytic methods 
  • Understanding of how threat intelligence informs and enhances enterprise risk management programs 

PREFERRED QUALIFICATIONS 

  • Experience implementing or managing threat intelligence platforms or similar technologies 
  • Familiarity with payment card industry (PCI) standards, regulatory requirements, and compliance frameworks applicable to payment processing 
  • Previous experience in fusion center or multi-disciplinary coordination roles 

CORE COMPETENCIES 

  • Analytical Thinking: Ability to synthesize complex, disparate data sources into coherent intelligence assessments and actionable recommendations 
  • Communication Excellence: Superior written and verbal communication skills with ability to tailor messaging for technical and non-technical audiences 
  • Strategic Vision: Capacity to balance immediate operational needs with long-term program development objectives 
  • Collaboration: Proven ability to build effective relationships across organizational boundaries and influence without direct authority 
  • Adaptability: Comfortable operating in fast-paced, high-stakes environments with evolving priorities and emerging threats 
  • Initiative: Self-directed work ethic with ability to identify gaps and proactively develop solutions 
  • Leadership Potential: Demonstrates readiness for future people management responsibilities through mentorship, knowledge sharing, and team contribution 

REPORTING STRUCTURE 

Strategic and Day-to-Day Reporting: Senior Director of Security Operations 

This position may have limited people management responsibilities as the threat intelligence function scales. 

WORKING CONDITIONS 

This position operates in a professional office environment with standard business hours, though occasional evening or weekend work may be required to support incident response activities or accommodate stakeholder schedules across multiple time zones. The role requires extended periods of computer use for data analysis and report generation. Some travel may be required for conferences, training, or meetings with industry partners. 

This job description is intended to convey information essential to understanding the scope of the position and is not an exhaustive list of skills, efforts, duties, responsibilities, or working conditions associated with it. Management reserves the right to modify, add, or remove duties as necessary. 

#LI-AD1

We welcome talent at all career stages and are dedicated to understanding and supporting additional needs. We're proud to be an equal opportunity employer, committed to creating an inclusive and open environment for everyone.

Create a Job Alert

Interested in building your career at Bottomline? Get future opportunities sent straight to your email.

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf

Select...
Select...
Select...
Select...

Bottomline - US Employee & Candidate Privacy Notice

What is the purpose of this document?

This is an Employee and Candidate Privacy Notice for Bottomline Technologies, Inc (“Bottomline”, “we” and “us”). Bottomline is committed to protecting the personal information of current and former employees, contractors, and job applicants. This Privacy Notice describes how we collect, use, disclose, and protect personal information in accordance with applicable state and federal privacy laws, where the employee, intern, contractor, volunteer, and applicant (or their emergency contact, where relevant) resides in a state which provides relevant data protections.

Personal information does not include:

  • Publicly available information that is lawfully made available from government records, that an individual has otherwise made available to the public.
  • De-identified or aggregated information.
  • Information excluded from the scope of applicable state legislation, such as:

o       Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data.

o       Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (CFIPA) and the Driver’s Privacy Protection Act of 1994.

The data we collect:

In each case as permitted by applicable law, we may collect the following categories of personal information for the purposes described below:

  • Personal identifiers, such as your name, preferred name, postal address, unique personal identifiers (such as device identifiers, cookies, beacons, pixel tags, mobile ad identifiers and similar technology), telephone number, online identifier, Internet Protocol address, email address, Social Security number, driver’s license number, passport number, date of birth, signature, physical characteristics or description, state identification card number, insurance policy number, education, bank account number, credit card number, debit card number, other financial information, medical information and health insurance information.
  • Characteristics of protected classifications, such as race, color, national origin, religion, age, sex, gender, marital status, medical condition, disability, citizenship status and military or veteran status. We only collect this information if you voluntarily disclose it and as permitted by applicable law, and we will not use this information to make hiring decisions.
  • Online activity, such as your browsing history, search history, IP address and information regarding your interaction with a website, application, or advertisement or Bottomline device.
  • Geolocation data that indicates your precise location.
  • Sensory data, such as audio and visual information that we may obtain if you use video interviewing as part of the application process. If you visit, work, or perform services in Bottomline’s facilities or facilities in which we operate, your entry, exit and actions in or around those facilities may be monitored by CCTV.
  • Professional or employment-related information, such as your employment history, job application or resume, employment contract, references, information about skills and abilities, accomplishments and awards, training and development information, performance evaluation information and employment termination information.
  • Non-public education information, such as your education history, education records (such as grades, transcripts, and class lists) and other information included in your resume or cover letter.
  • Inferences drawn from other personal information, including any information referenced above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
  • Sensitive personal information, such as race/ethnicity, disability status, health information (where permitted and applicable), biometric data (e.g., for security or timekeeping).
  • Emergency Contact and Dependent Information: For benefits and emergency response purposes

Bottomline may also collect personal information included in job interview notes, responses to screening questions, information provided from background checks, assessment results and any other information you provide in connection with the recruitment process.

How do we collect your personal information?

We usually collect personal data from candidates using an application tracking system. We may also automatically collect certain information, such as IP addresses and device identifiers. Should it not be collected during your initial application process, we may use the following sources to collect your personal information:

  • You, the candidate or employee;
  • Our HR Operations team may collect the following information for onboarding and employee record maintenance purposes; resume, photo, title, name, preferred name, address, telephone number, email address, emergency contact details, date of birth, gender, marital status, ID number and expiry, disability, ethnicity, citizenship status, and banking and tax information, as appropriate and required for the location of the role.
  • Any recruitment agency through which you apply or are recommended by, from which we collect the following categories of data: including name, title, address, telephone number, personal email address, date of birth, gender, employment history, qualifications, remuneration, benefits information, proof of identity, proof of address any other information deemed relevant to the role for which you are being considered;
  • Our background check provider, from which we collect the following categories of data: identity and right to work confirmation, criminal history, global sanctions and politically exposed persons (PEP) screening, education and employment verification, credit and financial background (where relevant), directorships and conflict of interest checks, and adverse media searches. All checks are conducted only where necessary and appropriate for the position, in accordance with applicable laws and with your explicit consent;
  • Our i-9 processing vendor, from which we collect the following categories of data: legal name, Social Security Number, date of birth, identity and right to work documentation;
  • Prior employers and professional references;
  • Educational institutions;
  • Credentialing and licensing organizations;
  • Publicly available sources, such as public social media profiles on LinkedIn, X (Twitter) or Facebook;
  • Emails/conversations with HR/your manager relating to your employment (e.g. leave due to sickness);
  • Through Bottomline’s online systems (e.g. holiday booking system, sick leave booking system, office desk systems, training tools and monitoring Bottomline systems such as email, and internet usage);
  • CRM systems for sales performance and commission and payment processing;
  • Applications to other roles within Bottomline;
  • Employee vetting processes; and
  • Other sources as directed by you.

How is your personal information used?

We may use the personal information we collect about you for the following business purposes:

  • Recruitment of Employees and Processing and Managing Job Applications: We use your personal information to process your job application, create an applicant profile, evaluate your qualifications, schedule, and conduct interviews and communicate with you.
  • Conducting Pre-Employment Screening and Background Checks: In accordance with applicable law, we use your personal information to conduct employment screening, re-screening (where required for your role) and background checks.
  • Compensation and Expense Management: We use your personal information to conduct payroll processing, salary administration, expense reimbursement, manage Bottomline’s corporate credit card program and other compensation purposes such as determining bonuses, equity, and other forms of employee compensation.
  • Benefits Administration: We use your personal information we collect to administer benefits we provide, such as medical, dental, vision, disability insurance, and other employee benefit programs.
  • General Human Resources Management: We use your personal information we collect to provide general HR management services, including managing employee on-boarding, termination and separation, travel administration and return-to-work screening (including any medical screening as required or permitted by applicable law).
  • Training and Professional Development: We use your personal information to provide employment-related training, assisting with professional licensing and development.
  • Internal Employment Purposes: We use your personal information to conduct internal investigations, conduct surveys, analyse resources, resolve disputes, prevent, or detect fraud or security incidents, conduct employee performance reviews, enforce policies and the code of conduct, protect the rights and safety of employees or others, and manage whistleblower programs.
  • Compliance with Legal Requirements and Enforcement of Legal Rights: We use your personal information to comply with applicable laws, regulations, and legal processes (such as responding to subpoenas or court orders), and to respond to legal claims, resolve disputes, enforce legal rights contained in employment or other contracts and comply with legal or regulatory recordkeeping requirements including audits.

We retain personal information as long as needed to fulfil the purposes outlined in this notice, or as required by law, including after the end of employment or withdrawal of an application. Retention periods are based on applicable legal, regulatory, tax, accounting, and operational requirements.

Sharing your personal information

We may share your personal information with third parties, for the business purposes described in this notice, with the following parties:

  • Affiliates and Subsidiaries: We may share your personal information with Bottomline’s affiliates and subsidiaries.
  • Service Providers: We may share your personal information with service providers, such as recruiters, pre-employment screening services, third-party benefits administrators, payroll processors, background check providers and others for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
  • Governmental Authorities: As required by law or legal process, we may share your personal information with federal or state regulatory agencies, law enforcement, courts, and other governmental authorities.
  • Professional Advisors: We may share your personal information with our professional advisors, such as auditors and law firms.
  • Parties Involved with Business Transfers: We may share your personal information to third parties in the event we sell or transfer all or a portion of Bottomline’s business or assets (including in the event of a merger, acquisition, joint venture, reorganization, divestiture, dissolution, or liquidation).including third-party service providers and other entities in the group, where required by law, where it is necessary to administer the application process or where we have another legitimate interest in doing so.

Bottomline does not sell any personal information to third parties.

Your rights and obligations

It is important that the personal information we hold about you is kept up to date. Please use the applicable processes to inform us of any updates to your personal information.

Under certain circumstances and where applicable state legislation requires, you have the right to:

  • Request information on the categories of personal information, sources used, purposes for processing and categories of third parties with whom your personal information is shared.
  • Request access to your personal information. This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it.
  • Object to profiling of your personal information which is used to make decisions with legal or similarly significant effects.
  • Request the transfer of your personal information to another party.

If you want to exercise these rights, please contact Bottomline’s Data Protection Officer in writing. You will need to provide enough information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative and you will need to describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable request to confirm the requestor’s identity or authority to make the request.

We endeavor to respond to a verifiable request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing. We will deliver a written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance, specifically by electronic mail communication.

We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Data Protection Officer contact details

If you have any questions about this notice or your personal information, then please contact Bottomline’s Data Protection Officer - DataProtectionOfficer@bottomline.com.

You also may have the right to make a complaint to the data privacy regulator in your state of residence.

Changes to this Privacy Notice

We may update this notice at any time. This notice was published on May 19, 2025.

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Bottomline’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Select...
Select...
Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Select...

Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Select...

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.