Cyber Threat Intelligence Lead

Agile DefenseReston, VA
22hHybrid

About The Position

Agile Defense is currently seeking a highly technical, hands-on Cyber Intelligence Lead with advanced tradecraft and skillsets in cyber threat analysis to develop and operate cyber security capabilities for a Cybersecurity Operation Center (CSOC) for a variety of federal customers. To ensure the integrity, security, and resiliency of critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, cyber intelligence analysis and digital forensic. Strong written and verbal communications skills are a must. The ideal candidate will have a solid understanding of cyber threats and information security in the domains of TTP’s, Threat Actors, Campaigns, and Observables. Additionally, the ideal candidate would have professional experience with cyber intelligence analysis both at unclassified and classified levels, intrusion set/nation state attribution, intrusion detection systems, intrusion analysis, security information event management platforms, endpoint threat detection tools, big data analytics, and cyber ticketing management.

Requirements

  • Bachelor’s degree in computer science, engineering, cybersecurity or STEM
  • Seven (7) years of experience as a Tier III senior cyber security analyst performing intelligence analysis, collection management, and technical analysis.
  • Five (5) years of hands-on experience with experience in the last two (2) years that includes host-based and network-based security monitoring using cybersecurity capabilities.
  • Possess a strong cyber security background with experience in the identification of advanced cyber threat activities, intrusion detection, incident response, malware analysis, and security content development (e.g., signatures, rules, etc.); and cyber threat intelligence.
  • Ability to read and write scripts at an intermediate level to support cyber threat detection such as VB scripts, Python, Powershell and HTML, XML.
  • Cyber threat analysis with ability to identify, mitigate or remediation courses of action; developing actionable intelligence used to protect organizational IT assets.

Nice To Haves

  • GCTI
  • GFCA

Responsibilities

  • Directs the collection, analysis, production, and integration of cyber threat intelligence into CSOC detection and response workflows.
  • Maintains continual situational awareness and applicable context of threat actors, tactics, techniques, and procedures (TTPs), and active campaigns to inform the creation of detection content, cyber hunting priorities, and strategic leadership decisions.
  • Produce actionable intelligence reports, indicators of compromise (IOCs), and early-warning assessments to support CSOC operations.
  • Integrates with the detection engineering and threat hunting teams, drive development of signatures, rules, queries and detection content.
  • The candidate will maintain comprehensive tracking of threat actors, trends, and metrics; deliver timely customized strategic, tactical or metrics based reports to customers.
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service