VP, Cyber Threat Intelligence (Remote)

About The Position

Requirements

• Ability to manage global teams across multiple time zones.
• Occasional travel to global offices.
• Availability outside of standard business hours during critical incident response situations.

Nice To Haves

• 12+ years of experience in cybersecurity, with significant leadership experience in cyber threat intelligence, SOC, or incident response.
• Proven experience building and leading enterprise‑scale CTI programs.
• Deep understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK, kill chain models, and threat actor ecosystems.
• Strong executive communication skills, including the ability to translate technical intelligence into business risk.
• Experience integrating intelligence into SOC workflows and security tooling.
• Demonstrated ability to lead globally distributed teams.
• Experience in highly regulated industries (e.g., financial services, healthcare, energy, government).
• Prior experience briefing boards, regulators, or senior executives.
• Familiarity with nation‑state, cybercrime, insider threat, and hacktivist activity.
• Certifications such as CISSP, GCTI, CISM, or equivalent.
• Advanced degree in cybersecurity, intelligence studies, international relations, or a related field.

Responsibilities

• Define and execute the enterprise cyber threat intelligence vision, roadmap, and operating model aligned with SOC and business objectives.
• Serve as the senior authority on cyber threat landscape trends, adversary behaviors, and emerging risks.
• Provide strategic intelligence briefings to executive leadership, board‑level stakeholders, and risk committees.
• Ensure CTI aligns with enterprise risk management, regulatory requirements, and industry best practices.
• Deliver actionable tactical, operational, and strategic intelligence to support: SOC detection engineering and alert prioritization, Incident response and crisis management, Vulnerability and exposure management, Threat hunting and purple team activities.
• Oversee intelligence lifecycle management, including collection, analysis, production, dissemination, and feedback loops.
• Integrate intelligence into security tooling (SIEM, SOAR, EDR, TIP, NDR, etc.).
• Build, mature, and scale a world‑class CTI program, including internal and external intelligence sources.
• Oversee threat intelligence platforms (TIPs), data ingestion, automation, and enrichment pipelines.
• Establish KPIs, SLAs, and effectiveness metrics demonstrating intelligence impact on SOC performance and risk reduction.
• Drive intelligence‑led security operations and continuous improvement.
• Lead, mentor, and grow a high‑performing team of threat intelligence analysts and managers.
• Establish career paths, training programs, and analytical standards.
• Foster a culture of analytical rigor, curiosity, and collaboration across security teams.
• Manage relationships with intelligence vendors, ISACs/ISAOs, law enforcement, and government agencies.
• Represent the organization in trusted intelligence‑sharing communities.
• Evaluate and select third‑party threat intelligence services and data providers.
• Ensure intelligence practices comply with legal, privacy, and regulatory requirements.
• Support investigations, eDiscovery, and legal matters with intelligence insights as required.
• Contribute to enterprise crisis management and business continuity planning.

Benefits

• Bonus Eligible
• All Colorado employees receive paid sick leave in compliance with the Colorado Healthy Families and Workplaces Act and other legally required benefits, as applicable.