Detections Engineering, Threat Evaluation, and Countermeasures (DETECT) Technical Lead

About The Position

Requirements

• Demonstrated ability to leverage intelligence on attacker methodology, tools, and infrastructure to improve defensive posture
• Experience collecting, analyzing, and interpreting qualitative and quantitative cyber data
• Ability to identify patterns in complex threat actor behavior and communicate evolving threats
• Experience working with detection creation methodologies across multiple platforms
• Functional understanding of threat analysis frameworks such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK
• Knowledge of security infrastructure including firewalls, IDS/IPS, proxy servers, email security, anonymization technologies, and SIEM platforms
• Strong written and verbal communication skills, including briefing senior technical leadership
• Seven (7) or more years of experience in cyber threat analysis, detection engineering, incident response, offensive or defensive cyber operations, or related fields
• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related discipline preferred
• Equivalent professional experience may be substituted for formal education
• Experience supporting enterprise cyber defense, intelligence analysis, or security operations missions
• Minimum Security Clearance: Secret, with ability to obtain Top Secret / Sensitive Compartmented Information (TS/SCI)

Nice To Haves

• Experience using analytic and threat intelligence tools such as Augury, Splunk, TAC, Palantir, Shodan, Analyst Notebook, or similar platforms
• Experience collaborating and coordinating with intelligence community partners on cyber-related topics
• Ability to edit and tailor highly technical analysis products for non-technical audiences
• Strong analytical reasoning and problem-solving skills
• Demonstrated leadership experience guiding analysts in dynamic threat environments

Responsibilities

• Lead threat intelligence collection, analysis, production, and dissemination of finished intelligence products
• Provide technical leadership for identifying cyber threats, trends, and emerging adversary behaviors
• Analyze open-source intelligence and other data sources to assess cyber risks and threat activity
• Maintain expert knowledge of adversary intrusion sets, tactics, techniques, and procedures (TTPs)
• Support network security monitoring and incident response teams with tactical threat context
• Communicate intrusion and compromise activity to appropriate agencies and stakeholders
• Coordinate cyber threat tracking with government and partner organizations
• Proactively monitor internal and external environments for malicious activity, vulnerabilities, and attack indicators
• Develop cyber risk and threat assessments with actionable recommendations
• Lead and mentor analysts supporting detection engineering and threat evaluation missions
• Compile, maintain, and refine standard operating procedures (SOPs) and analytical documentation
• Ensure documentation and operational practices remain compliant with CJCSM 6510.01B and applicable directives
• Participate in program reviews, product evaluations, and onsite certification activities
• Present complex threat intelligence findings clearly to senior technical leadership and agency partners

Benefits

• Short/Long Term Disability
• Basic Life Insurance
• Direct Payroll Deposit
• Leave Accrual
• Holidays
• 401(k) Match
• Additional (Voluntary) Life Insurance
• 401(k)
• Medical Coverage
• Dental Coverage
• Vision Care Plan
• Flexible Spending Account Plan