Bottomline
Brand and Exposure Management Analyst
Bottomline, Portsmouth, New Hampshire, United States, 00215
Why Choose Bottomline?
Are you ready to transform the way businesses pay and get paid? Bottomline is a global leader in business payments and cash management, with over 35 years of experience and moving more than $16 trillion in payments annually. We're looking for passionate individuals to join our team and help drive impactful results for our customers. If you're dedicated to delighting customers and promoting growth and innovation, we want you on our team!
Location: This role is Remote based; Candidates can be located in the US or EU markets.
The Role The Brand Security and Exposure Management Analyst is a business-focused cyber monitoring role responsible for protecting the organization’s brand reputation, customer trust, and corporate identity across digital channels. This position bridges cybersecurity awareness with business risk management, focusing on the detection and response to brand abuse, impersonation schemes, data exposure incidents, and supply chain compromises that could impact customer confidence or organizational reputation. The successful candidate will coordinate cross‑functional responses involving fraud, legal, privacy, and customer service teams while providing supplemental support to security operations during scheduled shifts. This role emphasizes business acumen, stakeholder communication, and practical risk mitigation over deep technical analysis.
How you’ll contribute Brand Protection and Reputation Monitoring
Lead the development and implementation of brand monitoring capabilities within Security Operations, establishing processes for detecting and responding to brand abuse across digital channels
Monitor online sources including social media, mobile app stores, domain registrations, and underground forums for unauthorized use of corporate trademarks, executive impersonation, and fraudulent schemes targeting customers
Identify phishing campaigns, fake websites, counterfeit mobile applications, and social engineering attacks that exploit the organization’s brand to defraud customers or damage reputation
Track discussions and activities on underground platforms where stolen customer data, compromised credentials, or payment card information may be traded or disclosed
Assess the business impact and reputational risk of brand abuse incidents, prioritizing response activities based on potential customer harm and operational disruption
Exposure Response and Cross-Functional Coordination
Coordinate takedown and remediation efforts for fraudulent domains, fake social media accounts, counterfeit applications, and phishing infrastructure impersonating the organization
Partner with Legal counsel to facilitate cease and desist actions, intellectual property enforcement, and appropriate escalation to law enforcement when criminal activity is identified
Collaborate with Fraud teams to understand emerging fraud patterns, share intelligence on threat actor tactics, and support investigations of customer‑impacting incidents
Work with Privacy officers to ensure appropriate handling of customer data exposure incidents, including breach notification assessments and regulatory reporting requirements
Support customer-facing teams by providing timely intelligence on active threats, recommended customer communications, and guidance on responding to customer inquiries about suspicious activity
Maintain documentation of brand abuse cases, response timelines, and resolution outcomes to demonstrate program value and inform process improvements
Supply Chain Exposure and Vendor Incident Coordination
Monitor public disclosures and intelligence sources for security incidents, data breaches, and compromises affecting third-party vendors and technology partners
Assess potential business impact when supply chain partners experience security incidents, including risks to customer data, operational continuity, and regulatory compliance
Coordinate with internal stakeholders to determine appropriate response actions when vendor compromises are identified, including contract reviews, audit requests, or service migration planning
Support vendor risk management activities by providing external intelligence on supplier security posture, incident history, and threat actor targeting of the supply chain
Track ransomware campaigns and data extortion operations affecting the financial services sector, alerting leadership to potential impacts on business operations or partner relationships
Security Operations Center Support
Provide alternating shift coverage for the Security Operations Center, supporting 24/7 monitoring and basic incident response capabilities during scheduled rotations
Review and triage security alerts escalated from Level 1 analysts, performing initial assessment and escalating confirmed incidents to senior security personnel
Leverage brand monitoring insights to enhance security operations awareness of external threats, phishing campaigns, and credential exposure affecting the organization
Document security events and response activities according to established procedures, ensuring appropriate record-keeping for compliance and audit purposes
Participate in on-the-job training and skill development to build competency in security operations procedures, incident response workflows, and monitoring technologies
Education
Bachelor’s degree in Cybersecurity, Information Security, Business Administration, Criminal Justice, Fraud Management, or related field
Master’s degree in Cybersecurity or Information Systems preferred
Professional Experience
1‑3 years of experience in financial services, insurance, anti‑money laundering (AML), fraud prevention, compliance, or cybersecurity roles with exposure to business risk management
Experience working in cross‑functional environments involving fraud, legal, compliance, privacy, or customer service organizations
Familiarity with payment processing operations, financial crimes typologies, or customer data protection requirements in regulated industries
Core Skills and Knowledge
Strong business acumen with ability to translate cyber risks into business impact, financial exposure, and reputational consequences
Basic understanding of cybersecurity principles, common attack methods, and fraud tactics used against financial institutions
Comfortable conducting online research across social media platforms, search engines, and public information sources to identify brand abuse
Awareness of phishing techniques, social engineering tactics, and impersonation schemes commonly used to target customers and employees
Willingness to learn security monitoring tools and procedures with on-the-job training and mentorship from senior security personnel
Core Competencies
Business Risk Focus: Ability to assess cyber incidents through a business lens, prioritizing response activities based on customer impact, financial exposure, and reputational risk
Stakeholder Communication: Exceptional written and verbal communication skills with ability to engage effectively with legal, fraud, privacy, compliance, and business leadership
Investigative Mindset: Strong critical thinking and problem-solving abilities with natural curiosity to investigate suspicious activity and identify patterns of abuse
Coordination Excellence: Proven ability to orchestrate multi‑team responses, facilitate decision-making across organizational boundaries, and drive incidents to resolution
Customer Protection Orientation: Genuine commitment to safeguarding customer interests, protecting brand trust, and minimizing harm from fraud and abuse
Adaptability: Comfortable operating in ambiguous situations, learning new technologies and procedures, and adjusting priorities as business needs evolve
Ethical Judgment: Demonstrates discretion when handling sensitive information, maintains confidentiality, and exercises sound judgment in escalation decisions
Operational Flexibility: Willingness to support alternating shift schedules and transition seamlessly between proactive brand monitoring and reactive security operations support
Reporting Structure Direct Reporting: Cyber Threat Intelligence Manager
Indirect Reporting: Senior Manager, Security Operations and Senior Manager, Threat and Vulnerability Management for SOC operational matters and shift coordination.
Working Conditions This position operates in a 24/7 security operations environment requiring alternating shift coverage including evenings, weekends, and holidays on a rotating basis. The role requires extended periods of computer use for online monitoring, investigation activities, and documentation. The analyst should be prepared for urgent response situations requiring rapid coordination across Legal, Fraud, Privacy, and customer-facing teams. Due to the nature of brand abuse monitoring, the analyst may encounter disturbing content including criminal discussions, stolen data, and schemes designed to harm customers.
This job description is intended to convey information essential to understanding the scope of the position and is not an exhaustive list of skills, efforts, duties, responsibilities, or working conditions associated with it. Management reserves the right to modify, add, or remove duties as necessary.
We welcome talent at all career stages and are dedicated to understanding and supporting additional needs. We’re proud to be an equal‑opportunity employer, committed to creating an inclusive and open environment for everyone.
#J-18808-Ljbffr
Are you ready to transform the way businesses pay and get paid? Bottomline is a global leader in business payments and cash management, with over 35 years of experience and moving more than $16 trillion in payments annually. We're looking for passionate individuals to join our team and help drive impactful results for our customers. If you're dedicated to delighting customers and promoting growth and innovation, we want you on our team!
Location: This role is Remote based; Candidates can be located in the US or EU markets.
The Role The Brand Security and Exposure Management Analyst is a business-focused cyber monitoring role responsible for protecting the organization’s brand reputation, customer trust, and corporate identity across digital channels. This position bridges cybersecurity awareness with business risk management, focusing on the detection and response to brand abuse, impersonation schemes, data exposure incidents, and supply chain compromises that could impact customer confidence or organizational reputation. The successful candidate will coordinate cross‑functional responses involving fraud, legal, privacy, and customer service teams while providing supplemental support to security operations during scheduled shifts. This role emphasizes business acumen, stakeholder communication, and practical risk mitigation over deep technical analysis.
How you’ll contribute Brand Protection and Reputation Monitoring
Lead the development and implementation of brand monitoring capabilities within Security Operations, establishing processes for detecting and responding to brand abuse across digital channels
Monitor online sources including social media, mobile app stores, domain registrations, and underground forums for unauthorized use of corporate trademarks, executive impersonation, and fraudulent schemes targeting customers
Identify phishing campaigns, fake websites, counterfeit mobile applications, and social engineering attacks that exploit the organization’s brand to defraud customers or damage reputation
Track discussions and activities on underground platforms where stolen customer data, compromised credentials, or payment card information may be traded or disclosed
Assess the business impact and reputational risk of brand abuse incidents, prioritizing response activities based on potential customer harm and operational disruption
Exposure Response and Cross-Functional Coordination
Coordinate takedown and remediation efforts for fraudulent domains, fake social media accounts, counterfeit applications, and phishing infrastructure impersonating the organization
Partner with Legal counsel to facilitate cease and desist actions, intellectual property enforcement, and appropriate escalation to law enforcement when criminal activity is identified
Collaborate with Fraud teams to understand emerging fraud patterns, share intelligence on threat actor tactics, and support investigations of customer‑impacting incidents
Work with Privacy officers to ensure appropriate handling of customer data exposure incidents, including breach notification assessments and regulatory reporting requirements
Support customer-facing teams by providing timely intelligence on active threats, recommended customer communications, and guidance on responding to customer inquiries about suspicious activity
Maintain documentation of brand abuse cases, response timelines, and resolution outcomes to demonstrate program value and inform process improvements
Supply Chain Exposure and Vendor Incident Coordination
Monitor public disclosures and intelligence sources for security incidents, data breaches, and compromises affecting third-party vendors and technology partners
Assess potential business impact when supply chain partners experience security incidents, including risks to customer data, operational continuity, and regulatory compliance
Coordinate with internal stakeholders to determine appropriate response actions when vendor compromises are identified, including contract reviews, audit requests, or service migration planning
Support vendor risk management activities by providing external intelligence on supplier security posture, incident history, and threat actor targeting of the supply chain
Track ransomware campaigns and data extortion operations affecting the financial services sector, alerting leadership to potential impacts on business operations or partner relationships
Security Operations Center Support
Provide alternating shift coverage for the Security Operations Center, supporting 24/7 monitoring and basic incident response capabilities during scheduled rotations
Review and triage security alerts escalated from Level 1 analysts, performing initial assessment and escalating confirmed incidents to senior security personnel
Leverage brand monitoring insights to enhance security operations awareness of external threats, phishing campaigns, and credential exposure affecting the organization
Document security events and response activities according to established procedures, ensuring appropriate record-keeping for compliance and audit purposes
Participate in on-the-job training and skill development to build competency in security operations procedures, incident response workflows, and monitoring technologies
Education
Bachelor’s degree in Cybersecurity, Information Security, Business Administration, Criminal Justice, Fraud Management, or related field
Master’s degree in Cybersecurity or Information Systems preferred
Professional Experience
1‑3 years of experience in financial services, insurance, anti‑money laundering (AML), fraud prevention, compliance, or cybersecurity roles with exposure to business risk management
Experience working in cross‑functional environments involving fraud, legal, compliance, privacy, or customer service organizations
Familiarity with payment processing operations, financial crimes typologies, or customer data protection requirements in regulated industries
Core Skills and Knowledge
Strong business acumen with ability to translate cyber risks into business impact, financial exposure, and reputational consequences
Basic understanding of cybersecurity principles, common attack methods, and fraud tactics used against financial institutions
Comfortable conducting online research across social media platforms, search engines, and public information sources to identify brand abuse
Awareness of phishing techniques, social engineering tactics, and impersonation schemes commonly used to target customers and employees
Willingness to learn security monitoring tools and procedures with on-the-job training and mentorship from senior security personnel
Core Competencies
Business Risk Focus: Ability to assess cyber incidents through a business lens, prioritizing response activities based on customer impact, financial exposure, and reputational risk
Stakeholder Communication: Exceptional written and verbal communication skills with ability to engage effectively with legal, fraud, privacy, compliance, and business leadership
Investigative Mindset: Strong critical thinking and problem-solving abilities with natural curiosity to investigate suspicious activity and identify patterns of abuse
Coordination Excellence: Proven ability to orchestrate multi‑team responses, facilitate decision-making across organizational boundaries, and drive incidents to resolution
Customer Protection Orientation: Genuine commitment to safeguarding customer interests, protecting brand trust, and minimizing harm from fraud and abuse
Adaptability: Comfortable operating in ambiguous situations, learning new technologies and procedures, and adjusting priorities as business needs evolve
Ethical Judgment: Demonstrates discretion when handling sensitive information, maintains confidentiality, and exercises sound judgment in escalation decisions
Operational Flexibility: Willingness to support alternating shift schedules and transition seamlessly between proactive brand monitoring and reactive security operations support
Reporting Structure Direct Reporting: Cyber Threat Intelligence Manager
Indirect Reporting: Senior Manager, Security Operations and Senior Manager, Threat and Vulnerability Management for SOC operational matters and shift coordination.
Working Conditions This position operates in a 24/7 security operations environment requiring alternating shift coverage including evenings, weekends, and holidays on a rotating basis. The role requires extended periods of computer use for online monitoring, investigation activities, and documentation. The analyst should be prepared for urgent response situations requiring rapid coordination across Legal, Fraud, Privacy, and customer-facing teams. Due to the nature of brand abuse monitoring, the analyst may encounter disturbing content including criminal discussions, stolen data, and schemes designed to harm customers.
This job description is intended to convey information essential to understanding the scope of the position and is not an exhaustive list of skills, efforts, duties, responsibilities, or working conditions associated with it. Management reserves the right to modify, add, or remove duties as necessary.
We welcome talent at all career stages and are dedicated to understanding and supporting additional needs. We’re proud to be an equal‑opportunity employer, committed to creating an inclusive and open environment for everyone.
#J-18808-Ljbffr