Senior Security Analyst (Threat Intelligence Analyst ) (IGT1 Lanka: CFC)

Company Description

About IGT1 Lanka

IGT1 Lanka is a rapidly growing offshore technology and talent solutions company based in Port City Colombo. We are a fully owned subsidiary of IGT I Holdings Sweden AB, funded by the three of world’s leading private equity firms; EQT Group, Hg, and TA Associates. We’re also proud to be a sister company of IFS, Sri Lanka’s largest and most established technology company.

At IGT1 Lanka, we partner with global businesses to scale operations, accelerate innovation, and build world-class SaaS platforms through high-quality offshore delivery. Our people-first culture champions diversity, teamwork, and continuous learning, creating an environment where talent thrives.

With a team of over 300 professionals and counting, we are always looking for passionate, skilled individuals who want to make a global impact while being part of something extraordinary.

Through our offshore collaboration model, you'll be embedded within the team of one of our esteemed international clients, contributing directly to high-impact, enterprise-level initiatives.

About the client: CFC

CFC is a specialist insurance provider, pioneer in emerging risk and market leader in cyber. Our global insurance platform uses cutting-edge technology and data science to deliver smarter, faster underwriting and protect customers from today’s most critical business risks.

Headquartered in London with offices across Europe, USA and Australia, CFC has over 1000 employees and is trusted by more than 150,000 businesses in 90 countries. Learn more at cfc.com and LinkedIn.

Job Description

We are seeking a proactive and analytical Threat Intelligence Analyst to join the Office of the Group CISO. This role is pivotal in helping the organization understand and respond to its evolving threat landscape. You will be responsible for delivering timely, actionable intelligence and performance insights that inform security strategy, control effectiveness, and risk posture across the business.

Key Responsibilities Include:

• Weekly Threat & Control Reviews: Produce concise weekly reports summarizing current threats targeting the organization and evaluating the effectiveness of relevant security controls.
• Monthly KRI Reporting: Develop and maintain key risk indicators (KRIs) that measure how well security controls are performing against active and emerging threats.
• Quarterly Threat Landscape Updates: Deliver in-depth quarterly briefings on the threat activity observed over the past three months, including trends, incidents, and control responses.
• Annual Threat Trends Review: Conduct a comprehensive annual analysis of threat trends, attack vectors, and adversary behaviors targeting the organization, with strategic recommendations.
• Threat Investigations: Investigate specific threats or incidents, correlating internal telemetry with external intelligence to assess impact and recommend mitigations.
• Security Control Recommendations: Assess the effectiveness of technical and procedural security controls in the context of emerging threats and recommend enhancements or changes to security and technology controls to address identified gaps for evolving threats.
• Collaboration & Stakeholder Engagement: Work closely with the Group CISO and wider security team to ensure threat intelligence is communicated in a timely manner.

Qualifications

Essential Knowledge & Experience

• At least 3 years experience of cyber threat intelligence, ideally within financial services.
• Relevant certifications such as GCTI.
• Degree in Cybersecurity, Information Security, Risk Management, or a related field.
• Experience working in Sri Lankan time zones. 

Skills & Ability             

• Strong understanding of threat actors, TTPs (Tactics, Techniques, and Procedures), and threat modelling frameworks (e.g., MITRE ATT&CK).
• Experience with threat intelligence platforms, SIEMs, and security analytics tools.
• Ability to translate technical findings into strategic business insights.
• Excellent written and verbal communication skills, with experience producing executive-level reports.
• Familiarity with regulatory and compliance requirements relevant to financial services.