Advanced Threat Analyst

About The Position

Requirements

• Minimum of 12 years with BS/BA; Minimum of 10 years with MS/MA; Minimum of 7 years with Ph.D.
• Clearance: TS/SCI (active)
• Candidate must meet ONE: Master’s degree or Ph.D. in Strategic Intelligence, Cybersecurity Risk Management, Computer Science, or related field; OR Relevant DoD/Military advanced threat/CTI training (examples: DIA Advanced Cyber Threat Analysis; NCS Advanced Cyber Intelligence; SANS FOR578); OR Relevant professional certifications or equivalent experience (examples: CISSP, CASP+, GIAC GCIA, GIAC GREM, CREST CCTIM).
• Minimum Progressive cyber threat/vulnerability analysis, with at least 5 years performing advanced threat hunting, vulnerability correlation, and risk prioritization in enterprise or DoD environments.
• Deep experience with ACAS, Forescout (or NAC), SIEM/SOAR, EDR/endpoint telemetry, vulnerability management platforms, CVSS scoring, STIG/IAVM interpretation, and eMASS/RMF artifact workflows.
• Proficiency with scripting (Python), data analytics, and big‑data/ELK/Splunk or equivalent platforms; strong report writing and briefing skills.

Nice To Haves

• Prior DoD/CCRI/ARNG/NETCOM/ARCYBER analytic experience
• Experience conducting exploitability validation, malware reverse‑engineering, or RED/Purple team engagements
• Familiarity with threat intelligence platforms (TIP), CTI ingestion, and analytic normalization

Responsibilities

• Aggregate and analyze telemetry and vulnerability data (ACAS, Forescout, SIEM, EDR/EDR‑like tools) to validate exposure, assess exploitability, and prioritize risk using CVSS, mission impact, and MITRE ATT&CK mappings.
• Correlate vulnerability findings with asset criticality, configuration baselines, patch records, and STIG/IAVM compliance to identify systemic weaknesses and trends.
• Perform advanced threat hunting, TTP mapping, and adversary behavior analysis; develop detection hypotheses and analytic signatures for operationalization.
• Lead remediation validation and verification efforts; coordinate mitigations with system owners, SOC, CIRT, and engineering teams; update POA&Ms and RMF/eMASS artifacts.
• Produce executive‑grade risk briefings, trend analyses, and operational reports translating technical risk into prioritized COAs for leadership.
• Maintain evidentiary integrity for findings, ensure auditability in eMASS/enterprise governance tools, and support CCRI/inspection readiness.
• Monitor and report emerging threat patterns and readiness gaps; recommend capability or process improvements.
• Mentor junior analysts and contribute to analytic method standardization, playbooks, and QA of analytic products.