This job has expired

This position was posted on November 15, 2025 and is likely no longer accepting applications. We've kept it here for historical reference. Check out the similar jobs below!

Threat Intelligence Analyst

Rush Street Interactive, Inc.

Job Overview

Location

Remote

Job Type

Full-time

Full Job Description

📋 Description

• Join Rush Street Interactive (NYSE: RSI) as a Threat Intelligence Analyst and become the first line of defense for one of North America’s fastest-growing online gaming platforms. You will sit at the intersection of cybersecurity, data science, and gaming operations, translating raw threat data into actionable intelligence that protects millions of real-money transactions across BetRivers.com, PlaySugarHouse.com, and RushBet.co.
• Own the end-to-end threat-intelligence lifecycle: collection, enrichment, analysis, and dissemination. You will ingest feeds from commercial providers, open-source repositories, dark-web forums, and internal telemetry, then fuse these sources into high-confidence indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) specific to the iGaming threat landscape.
• Produce daily, weekly, and ad-hoc intelligence briefings for executive leadership, SOC analysts, fraud teams, and product managers. Your concise narratives and visualizations will enable stakeholders to prioritize patching, tune detection rules, and shape product roadmaps before adversaries can exploit emerging vulnerabilities.
• Hunt proactively across our hybrid AWS/on-prem environment, leveraging YARA, Sigma, and custom Python to uncover dormant implants, credential-stuffing infrastructure, and affiliate fraud rings. You will pivot from atomic indicators to behavioral patterns, documenting findings in ATT&CK-aligned threat reports that feed directly back into our SIEM and SOAR playbooks.
• Partner with our Compliance & Risk teams to map threat intelligence against PCI-DSS, GLI-33, and emerging U.S. state regulations. You will quantify residual risk in dollars and reputation, translating technical findings into board-ready risk statements that satisfy both auditors and investors.
• Serve as the subject-matter expert during incident response, providing real-time context on threat actor attribution, campaign timelines, and recommended containment actions. Your quick-turn “who, what, when, where, why” briefings will reduce mean-time-to-respond (MTTR) and limit player impact during high-stakes sporting events.
• Build and maintain relationships with external ISACs, law-enforcement cyber units, and industry peers in the gaming and fintech sectors. You will co-author joint advisories, participate in tabletop exercises, and represent RSI at conferences such as G2E, SANS CTI Summit, and DEF CON.
• Automate repetitive tasks using Python, Jupyter Notebooks, and serverless Lambda functions to keep pace with a 24/7 gaming cycle. From enriching IP reputation scores to auto-triaging phishing submissions, your code will free the team to focus on higher-order analysis and strategic planning.
• Mentor junior analysts and run internal “lunch-and-learn” sessions on topics like macOS malware, Kubernetes attack paths, and the latest affiliate fraud schemes. Your knowledge-sharing culture will elevate the entire security organization and create a pipeline of home-grown talent.
• Influence product security by embedding threat intelligence into the SDLC. You will review new game mechanics and payment flows for abuse scenarios, ensuring that “fun” never comes at the expense of player safety or regulatory compliance.

🎯 Requirements

• 3+ years of hands-on experience in cyber threat intelligence, incident response, or security operations, preferably within highly regulated industries such as iGaming, fintech, or e-commerce.
• Demonstrated ability to analyze malware, extract IOCs, and create ATT&CK-mapped threat reports using tools like VirusTotal, Maltego, and MITRE ATT&CK Navigator.
• Proficiency in Python, PowerShell, or similar scripting languages to automate data ingestion, enrichment, and visualization tasks.
• Strong understanding of cloud security concepts (AWS preferred), container orchestration (Kubernetes), and CI/CD pipelines as attack surfaces.
• Excellent written and verbal communication skills with a track record of briefing both technical teams and non-technical executives under tight deadlines.

🏖️ Benefits

• Fully remote-first culture with flexible hours to match your lifestyle and peak productivity windows.
• Annual professional-development stipend of $3,500 for certifications (GCTI, GREM, AWS Security Specialty), conferences, and advanced training.
• Equity participation through RSI’s employee stock-purchase plan, aligning your success with the company’s continued growth on the NYSE.
• Comprehensive health, dental, and vision coverage starting day one, plus a quarterly wellness allowance for gym memberships, mental-health apps, or ergonomic gear.

Skills & Technologies

Remote

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Rush Street Interactive, Inc.

Visit Website

About Rush Street Interactive, Inc.

Rush Street Interactive, Inc. is a Chicago-based gaming operator that runs online casinos and sportsbooks under the BetRivers and PlaySugarHouse brands in regulated U.S. and Latin American markets. Launched in 2012, the company controls its own technology platform, handling player registration, payments, compliance, and real-time analytics for mobile and desktop users. It partners with land-based casinos to extend their brands online, operates iGaming sites in Pennsylvania, Michigan, New Jersey, West Virginia, and Ontario, and offers retail sports betting at numerous partner properties. Rush Street completed a 2021 SPAC merger and is listed on NYSE under RSI.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.