CTI Lead (Cybersecurity)

TL;DR

CTI Lead (Cybersecurity): Leading Cyber Threat Intelligence operations for the Administrative Office of the US Courts with an accent on technical analysis of cyber threats, malware, and adversary TTPs. Focus on operationalizing intelligence from OSINT and commercial feeds, coordinating with incident response teams, and delivering executive-level threat assessments.

Location: Hybrid (Washington, DC). Active Public Trust clearance is required.

Company

A government contracting firm providing specialized software and cybersecurity support to federal agencies.

What you will do

• Lead 24x7x365 CTI operations for the AOUSC Security Operations Division (SOD).
• Analyze cyber threat actors, campaigns, and adversary TTPs using OSINT, federal reports, and vendor platforms.
• Develop intelligence-driven assessments and tactical threat reports for executive leadership.
• Coordinate actionable intelligence delivery for Incident Response, Threat Hunting, and Detection Engineering teams.
• Operationalize telemetry and threat data using Splunk, Microsoft Sentinel, and CrowdStrike.
• Provide technical guidance and mentorship to CTI analysts and cybersecurity personnel.

Requirements

• Active Public Trust clearance.
• B.S. in Computer Science, Information Technology, or a related field.
• 5+ years of experience in technical cyber threat analysis, OSINT, and malware analysis.
• 5+ years of experience producing executive-level briefings and intelligence reports.
• Expertise with CTI platforms, SIEM systems, and tools like Recorded Future or Cisco Threat Grid.
• Active GCTI or Mandiant Cyber Threat Intelligence certification.