WHAT YOU DO AT AMD CHANGES EVERYTHING
At AMD, our mission is to build great products that accelerate next-generation computing experiences—from AI and data centers, to PCs, gaming and embedded systems. Grounded in a culture of innovation and collaboration, we believe real progress comes from bold ideas, human ingenuity and a shared passion to create something extraordinary. When you join AMD, you’ll discover the real differentiator is our culture. We push the limits of innovation to solve the world’s most important challenges—striving for execution excellence, while being direct, humble, collaborative, and inclusive of diverse perspectives. Join us as we shape the future of AI and beyond. **Together, we advance your career. **
THE ROLE:
AMD is seeking a Senior Threat Intelligence Manager to lead and mature the enterprise Threat Intelligence program as a strategic capability supporting cyber defense, incident response, executive decision-making, and business risk reduction. This leader will be responsible for building an intelligence-driven security function that delivers actionable, relevant, and measurable intelligence across the organization.
The ideal candidate will bring a strong blend of technical depth, operational leadership, stakeholder management, and program maturity expertise. This role requires someone who can move beyond passive feed consumption and instead establish a threat intelligence program that drives outcomes across the SOC, Incident Response, Insider Threat, Vulnerability Management, Detection Engineering, and executive leadership. The Senior Threat Intelligence Manager will be expected to improve the efficacy of intelligence operations, strengthen internal intelligence generation, optimize tooling and processes, and ensure intelligence is aligned to AMD’s assets, business priorities, and threat landscape.
KEY RESPONSIBILITIES:
Threat Intelligence Program Leadership
- Lead the strategy, execution, and maturity of AMD’s Threat Intelligence program across tactical, operational, and strategic intelligence functions.
- Define and maintain the program roadmap, operating model, priorities, and service catalog for intelligence support across Cyber Defense.
- Evolve the program from primarily feed-driven intelligence into an intelligence function that produces high-value internal insights, directly supports investigations, and informs proactive defense decisions.
- Establish clear program objectives, success criteria, and measurable outcomes tied to security operations and business risk reduction.
- Drive continuous improvement in intelligence collection, analysis, production, dissemination, and feedback loops.
Intelligence Operations and Analysis
- Oversee the identification, analysis, and communication of relevant adversary activity, campaigns, malware trends, geopolitical developments, and industry-specific threats that may impact AMD.
- Ensure the team produces timely and actionable intelligence products for technical teams, leadership stakeholders, and cross-functional partners.
- Direct intelligence support for incident response, major investigations, and emerging threat scenarios by translating external and internal indicators into operationally useful context.
- Lead the prioritization of threat activity based on business relevance, internal asset exposure, adversary capability, and likelihood of exploitation.
- Develop and refine intelligence requirements aligned to AMD’s threat profile, crown-jewel assets, and strategic priorities.
Internal Intelligence Generation
- Expand AMD’s internal intelligence generation capabilities by improving the team’s use of internal telemetry, investigative findings, incident trends, vulnerability data, and business context.
- Strengthen the team’s ability to correlate internal events with external threat reporting to produce higher-confidence assessments and better defensive recommendations.
- Partner with SOC, Incident Response, Detection Engineering, Insider Threat, and Vulnerability Management to convert operational findings into durable intelligence outputs.
- Drive the development of intelligence-led hypotheses, adversary tracking, and risk assessments grounded in AMD’s real environment rather than generic external reporting.
Operational Integration Across Cyber Defense
- Ensure threat intelligence is deeply integrated into the SOC, detection engineering, incident response, phishing analysis, insider threat investigations, and vulnerability prioritization workflows.
- Partner with SOC leadership to improve the operational relevance of intelligence, including support for alert tuning, use case development, threat-informed hunting, and detection prioritization.
- Collaborate with Vulnerability Management to align threat intelligence with exploitability, active threat activity, and asset criticality in order to improve remediation prioritization.
- Support Insider Threat and sensitive investigations by providing adversary context, investigative enrichment, and analytical support as needed.
- Build repeatable workflows that ensure intelligence is not produced in isolation, but operationalized into defensive action.
Tooling, Automation, and Platform Maturity
- Own and mature the threat intelligence tooling ecosystem, including the effective deployment, tuning, and operationalization of platforms such as TIPs, external intelligence providers, and intelligence-sharing capabilities.
- Lead the implementation and operational maturity of MISP or equivalent intelligence-sharing and management capabilities, ensuring the platform is used effectively and supports the broader cyber defense mission.
- Evaluate and optimize vendor intelligence sources to improve relevance, signal-to-noise ratio, and measurable analyst value.
- Partner with automation and engineering teams to improve enrichment pipelines, indicator handling, intelligence dissemination, and workflow automation.
- Reduce manual and low-value effort through better integration of tools, data sources, and intelligence processes.
Stakeholder Engagement and Executive Communication
- Serve as the primary leader for communicating threat intelligence priorities, risk implications, and key findings to technical and non-technical stakeholders.
- Provide concise, high-quality intelligence briefings to Cyber Defense leadership and executive stakeholders, including risk-based updates on significant adversary activity and emerging issues.
- Build trusted relationships across legal, privacy, engineering, infrastructure, product security, and business leadership to ensure intelligence supports enterprise decision-making.
- Produce leadership-ready metrics and reporting that clearly demonstrate the effectiveness, relevance, and impact of the Threat Intelligence program.
- Translate complex threat activity into clear business implications, recommended actions, and operational priorities.
Team Leadership and Development
- Lead, mentor, and develop a team of threat intelligence analysts and specialists, building a high-performing organization with strong analytical rigor and operational credibility.
- Set high standards for analytical tradecraft, prioritization, product quality, collaboration, and follow-through.
- Develop analyst capability across tactical, operational, and strategic intelligence disciplines, including internal intelligence generation and adversary analysis.
- Establish accountability for measurable outcomes, not just intelligence production volume.
- Foster a culture of partnership, curiosity, urgency, and operational relevance across the team.
Metrics, Governance, and Program Effectiveness
- Define and track KPIs and KRIs that measure intelligence program effectiveness, operational impact, stakeholder satisfaction, and alignment to business risk.
- Improve the team’s efficacy rates by establishing clearer performance expectations around timeliness, actionability, relevance, and downstream operational value.
- Implement governance around intelligence requirements, product standards, dissemination models, and feedback collection.
- Regularly assess program gaps, process inefficiencies, and capability shortfalls, then drive corrective action.
- Ensure the Threat Intelligence program can demonstrate defensible value to leadership through metrics, case studies, and measurable operational outcomes.
**LOCATION: **
Cyberjaya, Malaysia
#LI-AR2
#LI-On Site
_Benefits offered are described: _AMD benefits at a glance.
AMD does not accept unsolicited resumes from headhunters, recruitment agencies, or fee-based recruitment services. AMD and its subsidiaries are equal opportunity, inclusive employers and will consider all applicants without regard to age, ancestry, color, marital status, medical condition, mental or physical disability, national origin, race, religion, political and/or third-party affiliation, sex, pregnancy, sexual orientation, gender identity, military or veteran status, or any other characteristic protected by law. We encourage applications from all qualified candidates and will accommodate applicants’ needs under the respective laws throughout all stages of the recruitment and selection process.
AMD may use Artificial Intelligence to help screen, assess or select applicants for this position. AMD’s “Responsible AI Policy” is available here.
_ _
This posting is for an existing vacancy.