Insider Threat Specialist (Intelligence Analyst 3) - 29084

About The Position

Requirements

• 5 years of relevant insider-threat, counterintelligence, security, or intelligence experience with a bachelor’s degree; 3 years with a master’s degree; or 9 years of relevant experience with a high-school diploma or equivalent
• Active TS/SCI
• Demonstrated understanding of insider-threat risks, indicators, and methodologies, including behavioral, cyber, administrative, and operational indicators supporting ONS CI/Insider Threat mission functions
• Comprehensive knowledge of sensitive-sector risks affecting HHS, including research-security vulnerabilities, biomanufacturing threats, supply-chain exposures, and foreign-intelligence targeting; aligned with federal and departmental insider-risk frameworks
• Ability to assess, interpret, and weigh source reliability and credibility; distinguish fact from judgment; and evaluate alternative hypotheses
• Proven ability to conduct trend and pattern analysis, synthesize fragmented information, and identify analytic gaps to inform risk-mitigation strategies
• Expert research and collection-management skills, including crafting PIRs/KEYs and identifying relevant data sources across CI, security, HR, insider-risk systems, and cyber repositories
• Experience with analytical research tools and demonstrated knowledge of databases and intelligence portals, including platforms used for information sharing and analytic collaboration such as HSIN, IC portals, web-based intelligence systems, and internal ONS/CI data environments, consistent with ONS onboarding materials and analytic-collaboration standards
• Ability to brief senior leaders on emerging threats, ongoing investigations, and enterprise-level trends, with proper attribution, classification handling, and articulation of uncertainty
• Strong intelligence acumen, including knowledge of how to leverage IC, federal law-enforcement, and departmental partners, and familiarity with classification guidance and multi-domain coordination requirements
• Excellent technical writing skills for producing insider-threat assessments, risk-indicator summaries, and tailored analytic products
• Strong verbal communication and collaboration skills, with the ability to work effectively with CI, security, HR, legal, cyber, and operational teams
• Proficiency with Microsoft Office Suite and working knowledge of Adobe Acrobat

Nice To Haves

• Ability to adapt to constantly changing priorities and operational demands, especially in fast-moving CI and insider-risk environments.
• Experience engaging with customers and cross-functional counterparts on issues spanning multiple mission areas, similar to the inter-division coordination patterns reflected in (INFO/Action Maybe) House FY27 NDAA Views Letter
• Familiarity with Security Classification Guides (SCGs) and proper derivative-classification processes such as those outlined in the 6500 Derivative Classification Student Guide v01 and Quick Reference Guide for Marking Classified Information
• Knowledge of and experience with the Classification Management Tool (CMT) or similar systems for classification decisions and portion marking
• 1–3 years of technical writing or editing experience, including at least one year within the Intelligence Community, supporting the production of analytic assessments, risk reports, or senior-leader briefings

Responsibilities

• Conducting comprehensive insider-threat analysis, integrating behavioral, technical, and counterintelligence indicators; to identify, assess, and elevate potential risks across the HHS.
• Provide and support briefings to senior departmental leaders and Operating/Staff Divisions, ensuring decision-makers maintain awareness of emerging insider-threat trends, foreign intelligence risks, and organizational vulnerabilities, consistent with ONS insider-threat engagement practices.
• Develop and maintain trusted working relationships with HHS principals and key mission partners, enabling timely information sharing and coordinated risk-mitigation actions in alignment with enterprise insider-threat expectations such as those outlined in the insider-threat PMAP core functions.
• Identifying emerging threats within the assigned portfolio.
• Collaborating with federal, IC, and departmental partners.
• Participation in ONS insider-threat–related working groups and interagency meetings.
• Producing high-quality analytic and operational insider-threat products consistent with established CI/ITP tradecraft standards.

Benefits

• best-in-class medical, dental and vision plan choices
• wellness resources
• employee assistance programs
• Savings Plan Options (401(k))
• financial planning tools
• life insurance
• employee discounts
• paid holidays and paid time off
• tuition reimbursement
• early childhood and post-secondary education scholarships