Cyber Threat Investigator 2

The Charles Stark Draper Laboratory•Reston, MA

5d•Onsite

About The Position

The incumbent shapes and enhances Draper’s Office of Threat Management (OTM) in its efforts to proactively protect employees and safeguard critical research and development projects supporting US national security. The Cyber Threat Investigator 2 leverages both cyber and investigative capabilities to improve Counterintelligence (CI) and Insider Threat (InT) actions to identify and counter threats posed by insiders, foreign, and illicit cyber actors against Draper staff, its programs, infrastructure, and systems. This role helps OTM further integrate with Draper’s Information Security and Information Technology functions and with external law enforcement partners to detect cases of unauthorized access, data exfiltration, and other risky behaviors to improve the overall effectiveness of Draper’s CI and InT efforts, and to enhance Draper’s security posture.

Requirements

Extensive experience in cyber-related investigations, digital forensics, and insider threat detection within government or corporate environments.
Knowledge of cybersecurity frameworks and insider threat program standards.
Advanced skill in investigative techniques, forensic tools, evidence handling, and chain-of-custody protocols.
Strong understanding of network architecture, access controls, and data protection measures.
Ability to communicate complex findings clearly and concisely through investigation, reporting, and briefings.
Active or Prior Security Clearance.
5 years directly related experience in conducting Cyber investigations and/or operations.
Experience conducting cyber investigations in a collaborative environment across internal functions and with interagency partners.
Applicants selected for this position will be required to obtain and maintain a government security clearance.
Current in-scope Top Secret security clearance with SCI eligibility is required.

Nice To Haves

Master’s Degree and/or related certifications (e.g., CISSP, CISM, GCFA, CEH, CFE) a plus.
Credentialed federal agent (former/retired) and/or federal government Cyber-CI or Cyber-criminal investigative, with associated training a distinct plus.

Responsibilities

Investigate cyber-related CI and InT incidents, threat indicators, and associated risks (e.g., suspicious activity, unauthorized disclosures, data or system misuse, and/or compromise of sensitive information).
Partner with InfoSec and IT teams, applying forensic analysis of digital evidence skills to develop cases to help OTM identify, report, and mitigate external or internal risks.
Develop investigative strategies for complex cyber-enabled CI and InT cases, related to the protection of intellectual property, proprietary information, employees, and infrastructure, ensuring timely resolution, and compliance.
Within OTM’s CI and InT responsibilities, collaborate with InfoSec’s analysts and across Security functions to identify vulnerabilities exploited by insiders or external actors.
Provide technical cyber investigative support to ongoing OTM investigations and initiatives.
Assist InfoSec in monitoring detection tools, capabilities, and enhance investigative workflows and processes.
Prepare comprehensive technical and investigative reports for OTM, Draper leadership, and external partners.
Collaborate with and support Security on the development of Cyber-related InT awareness for the Draper workforce.
Assist Security in identifying threat trends, vulnerabilities, to employ corrective actions and tighten procedures.
Coordinate with law enforcement and CI partners to share information and establish joint mitigation strategies.