Cyber Threat Intelligence Analyst, Mid

Key Role:

Support a national-level government agency as a Cyber Threat Intelligence (CTI) Analyst to protect and defend the nation’s interests against threats from cyberspace in collaboration with the private and public sectors. Conduct advanced analysis and research on the latest cyber threats to provide actionable threat intelligence, including adversary indicators of compromise (IOCs), techniques, tactics, and procedures (TTPs), behaviors, and trends. Enable national threat hunt operations to defend the client agency and the larger public and private sector networks. Provide support as needed to operational functions detailed in this role during escalation procedures and no-notice emergencies. Conduct analysis to profile threat actor TTPs used to infiltrate networks, systems, and assets to produce threat actor cards, profiles, or threat briefs. Report on current and emerging threats that will exploit vulnerabilities, and details of those vulnerabilities, to stakeholders.

Basic Qualifications:

  • 2+ years of experience in cyber threat intelligence, intelligence analysis, or data science and analysis

  • Experience with collaborating with multiple internal and external stakeholders to gather data or intelligence

  • Experience with analyzing packet capture (PCAP) data, network and system logs to determine adversary TTPs

  • Ability to write succinct briefings, presentations, and reports to convey analysis, threat trends, threat actor profiles, indicator bulletins, vulnerability details, and defensive strategies

  • TS/SCI clearance

  • BA or BS degree

Additional Qualifications:

  • Experience with working in a fast-paced, 24x7x365 cyber threat or analysis center

  • Experience with promptly responding to critical mission needs as needed

  • Experience with integrating large amounts and types of data with common or custom technologies for processing, normalization, and analysis

  • Knowledge of current and emerging cyber adversaries and their techniques, tactics, and procedures (TTPs)

  • Knowledge of threat modeling and adversary tactics and techniques frameworks, including MITRE ATT&CK matrices, Cyber Kill Chain, STRIDE, or PASTA

  • Ability to enrich threat intelligence, including performing DNS lookups and querying existing threat repositories and new sources for additional data correlation

  • Ability to adopt an adversary perspective when analyzing targeted cyberspace to predict adversary courses of action in support of tactical to operational planning efforts

  • Ability to develop custom automation scripts for process optimization and mission efficacy



Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
