Cyber Threat Intelligence Lead
About The Position
Agile Defense is currently seeking a highly technical, hands-on Cyber Intelligence Lead with advanced tradecraft and skillsets in cyber threat analysis to develop and operate cyber security capabilities for a Cybersecurity Operation Center (CSOC) for a variety of federal customers. To ensure the integrity, security, and resiliency of critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, cyber intelligence analysis and digital forensic. Strong written and verbal communications skills are a must. The ideal candidate will have a solid understanding of cyber threats and information security in the domains of TTPâs, Threat Actors, Campaigns, and Observables. Additionally, the ideal candidate would have professional experience with cyber intelligence analysis both at unclassified and classified levels, intrusion set/nation state attribution, intrusion detection systems, intrusion analysis, security information event management platforms, endpoint threat detection tools, big data analytics, and cyber ticketing management.
Requirements
- Bachelorâs degree in computer science, engineering, cybersecurity or STEM
- Seven (7) years of experience as a Tier III senior cyber security analyst performing intelligence analysis, collection management, and technical analysis.
- Five (5) years of hands-on experience with experience in the last two (2) years that includes host-based and network-based security monitoring using cybersecurity capabilities.
- Possess a strong cyber security background with experience in the identification of advanced cyber threat activities, intrusion detection, incident response, malware analysis, and security content development (e.g., signatures, rules, etc.); and cyber threat intelligence.
- Ability to read and write scripts at an intermediate level to support cyber threat detection such as VB scripts, Python, Powershell and HTML, XML.
- Cyber threat analysis with ability to identify, mitigate or remediation courses of action; developing actionable intelligence used to protect organizational IT assets.
Nice To Haves
- GCTI
- GFCA
Responsibilities
- Directs the collection, analysis, production, and integration of cyber threat intelligence into CSOC detection and response workflows.
- Maintains continual situational awareness and applicable context of threat actors, tactics, techniques, and procedures (TTPs), and active campaigns to inform the creation of detection content, cyber hunting priorities, and strategic leadership decisions.
- Produce actionable intelligence reports, indicators of compromise (IOCs), and early-warning assessments to support CSOC operations.
- Integrates with the detection engineering and threat hunting teams, drive development of signatures, rules, queries and detection content.
- The candidate will maintain comprehensive tracking of threat actors, trends, and metrics; deliver timely customized strategic, tactical or metrics based reports to customers.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
