Tyto Athene is searching for a Cyber Threat Intelligence (CTI) Lead to support a law enforcement customer in Ashburn, VA. You will drive advanced cyber threat analysis, intelligence collection, and proactive defense strategies. The CTI Lead will work closely with threat hunters, threat analysts, and an established Security Operations Center (SOC) to detect, analyze, and respond to the most advanced global cyber threats.

Responsibilities:

• Lead cyber threat intelligence operations, including collection, analysis, and dissemination of actionable intelligence.

• Perform host-based and network-based security monitoring to detect and respond to advanced threats.

• Conduct host- and network-based forensics, including intrusion detection, incident response, and malware analysis.

• Develop, refine, and support security content such as signatures, detection rules, and other defensive measures.

• Create scripts and automation tools to support threat detection using languages such as VBScript, Python, C++, HTML, XML, or other relevant formats.

• Conduct cyber threat analysis to identify mitigation or remediation strategies and develop actionable intelligence to protect organizational IT assets.

• Trend and report cyber threat metrics to provide leadership with situational awareness.

• Maintain a comprehensive understanding of the global cyber threat landscape, including threat actors, tactics, techniques, and procedures (TTPs).

• Collaborate closely with SOC personnel, threat hunters, and analysts to strengthen overall cybersecurity posture.

Required:

• Minimum 7 years’ experience as a Tier III senior cybersecurity analyst performing intelligence analysis, collection management, and technical analysis.
• Minimum 5 years’ hands-on experience, including at least the last 2 years, with host-based and network-based security monitoring.
• Strong background in cybersecurity, with experience in:
• Host- and network-based forensics
• Intrusion detection and incident response
• Malware analysis
• Security content development (signatures, rules, etc.)
• Cyber threat intelligence operations
• Experience developing scripts and automation to support threat detection in multiple formats.
• Experience conducting cyber threat analysis, identifying remediation strategies, and producing actionable intelligence.
• Ability to monitor and analyze cyber threat actors and emerging attack techniques to enhance the organization’s IT security posture.

Desired:

• CISSP - Certified Information Systems Security Professional
• GCFA - GIAC Certified Forensic Analyst
• GCFE - GIAC Certified Forensic Examiner
• GREM - GIAC Reverse Engineering Malware
• GNFA - GIAC Network Forensic Analyst

Location:

• Ashburn, VA

Clearance:

• TS/SCI Clearance required

Compensation:

• Compensation is unique to each candidate and relative to the skills and experience they bring to the position. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.

Benefits:

• Highlights of our benefits include Health/Dental/Vision, 401(k) match, Paid Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and parental leave.