Threat Intelligence Lead

Company Description

 

More about our mission and what we offer.

Job Description

We’re looking for a FinCrime Threat Intelligence Lead to build and scale Wise’s internal intelligence capability.

Your mission is to proactively investigate criminal networks, extract actionable insights, and establish a function that helps Wise stay ahead of fraud, not just respond to it.

You’ll start as a senior individual contributor, but your remit is to lay the foundations and scale a strategic intelligence domain that protects Wise from organised fraud, scams, money laundering, and criminal abuse at scale.

This is not a passive role. You’ll embed inside the criminal ecosystem, uncover how fraudsters operate, reverse-engineer their tools and tactics, and translate those insights directly into product, detection, and operational impact.

You’ll be the founding member of a proactive intelligence function, one that hunts threats before they ever appear in dashboards. You’ll partner directly with Product to drive results, and your insights will enhance Wise’s FinCrime strategy, delivering measurable protection for customers and the platform.

 

What you’ll be doing

Gather & analyse data

• Collect, monitor, and correlate data across multiple sources: public sources, deep web, dark web, fraud marketplaces, and proprietary feeds.
• Maintain knowledge bases and threat libraries with detailed profiles of adversaries, mule networks, and active scams.
• Research and document tactics, techniques, and procedures (TTPs) used in theft attacks.
• Evaluate and refine intelligence feeds to ensure maximum value for Wise.

 

Produce & share intelligence

• Create intelligence reports tailored to different audiences:
• Executives: strategic risk insights, trends, and decision framing.
• Product & Security teams: technical/tactical guidance on how attacks work and how to block them.
• Ops agents: real-time operational playbooks for investigations.
• Provide clear, actionable recommendations on mitigation strategies.
• Maintaining and evolving Wise’s threat intelligence program, ensuring feeds, signals, and reports are integrated into everyday fraud prevention.
• Reverse-engineer scam infrastructure, mule flows, fraud-as-a-service offerings, and phishing or spoofing kits

 

Collaborate & respond

• Partner with Fraud Ops and product during incidents, providing context and insights that accelerate containment and remediation.
• Work cross-functionally with Fraud Product, Design & ML to embed prevention controls upstream.
• Work with Ops to sharpen response workflows and minimise blind spots.

 

Build & Lead a domain over time

• Define the function’s knowledge base, operating model, and reporting cadence
• Set the blueprint for a world-class fraud intelligence team - with hiring, tooling, and delivery plans
• Act as Wise’s internal subject matter expert on criminal fraud networks and typologies

 

Types of Intelligence you’ll deliver

• Strategic → High-level landscape and actor objectives, for executives and product leaders.
• Tactical → Attacker TTPs and defense guidance for fraud prevention teams.
• Technical → IOCs (malicious IPs, domains, phishing kits, mule playbooks) to power detection systems.
• Operational → Real-time insights on timing, motives, and methods of theft attacks gathered from forums, chat rooms, and infiltrations.

Qualifications

Required

• 8–10+ years in threat intelligence or fraud prevention (fintech or financial services preferred).

• Dark web research, OSINT, or infiltration

• Experience conducting both contextual research (understanding criminal ecosystems) and field research (active infiltration, monitoring).

• Exceptional communicator, able to brief executives, influence product strategy, and mentor cross-functional teams.

• Background in law enforcement, cyber threat intelligence, fraud prevention, dark web research.

• Experience building and running threat intelligence teams, in addition to a proven ability to coach and scale agent capability, turning frontline ops into proactive fraud hunters.

 

Preferred 

• Experience in fintech, crypto, or financial institutions

• Prior work in law enforcement, threat intel vendors, or dark web research

• Familiarity with detection workflows, rule tuning, or feature creation for models

• Knowledge of AML and KYT typologies, mule behaviours, and cross-border laundering

Certifications (valued, not required)

• GCTI, CREST CTIM, OSINT certs, CFE, CFCS, ACAMS, or Chainalysis Reactor

 

Additional Information

We’re people without borders - without judgement or prejudice, too. We want to work with the best people, no matter their background. So if you’re passionate about learning new things and keen to join our mission, you’ll fit right in.

Also, qualifications aren’t that important to us. If you’ve got great experience, and you’re great at articulating your thinking, we’d like to hear from you.

And because we believe that diverse teams build better products, we’d especially love to hear from you if you’re from an under-represented demographic.

For everyone, everywhere. We're people building money without borders  — without judgement or prejudice, too. We believe teams are strongest when they are diverse, equitable and inclusive.

We're proud to have a truly international team, and we celebrate our differences.
Inclusive teams help us live our values and make sure every Wiser feels respected, empowered to contribute towards our mission and able to progress in their careers.

If you want to find out more about what it's like to work at Wise visit Wise.Jobs.

Keep up to date with life at Wise by following us on LinkedIn and Instagram.