Threat Analyst; I&W Splunk Security Clearance
Job in: Arlington, Arlington County, Virginia, 22201, USA
Listed on: 2026-01-26
Listing for: INTERNETWORK CONSULTING SERVICES LLC
Position: Full Time
Job specializations:
- IT/Tech
- Cybersecurity, Data Security, Information Security, Security Manager
Job Description & How to Apply Below
Threat Analyst (Indications & Warnings) – Splunk Federal Strategic Cyber Programs | Bureau of Diplomatic Security Support
Location: Northern Virginia
Work Model: On-site (5 days per week)
Travel Requirement: Up to two weeks at a time, both domestic and international (approximately 10% overall travel)
Program Overview
This mission supports the Bureau of Diplomatic Security, Cyber and Technology Security Directorate, delivering integrated cyber operations across three critical functional areas:
- Cyber Monitoring and Operations
- Cyber Threat and Investigations
- Technology Innovation and Engineering
The program provides technical, engineering, data analytics, cybersecurity, operational, and intelligence support to protect U.S. diplomatic systems, personnel, and global infrastructure.
Position Overview
ICS is seeking an experienced Threat Analyst (Indications & Warnings) with Splunk expertise to support high-impact Federal Strategic Cyber Programs. This role sits at the intersection of cyber intelligence, operations, and analytics, serving as a core member of the Indications and Warnings (I&W) team. You will track advanced threat actors, correlate intelligence with operational telemetry, and provide actionable insights that protect Department of State (DOS) systems, information, and personnel worldwide.
This is a mission-critical intelligence role for professionals who thrive in classified environments and operate effectively across cyber operations, intelligence fusion, and strategic threat analysis.
Key Responsibilities
- Serve as a core member of the Indications & Warnings (I&W) team, supporting enterprise-level cyber threat monitoring and intelligence operations.
- Leverage open-source, proprietary, vendor, and classified intelligence to track advanced persistent threat (APT) activity.
- Perform pattern, trend, and behavioral analysis to identify malicious cyber activity targeting Department of State (DOS) systems, personnel, and infrastructure.
- Maintain intelligence records and threat catalogs tracking malicious cyber activity across enterprise environments.
- Identify Indicators of Compromise (IOCs) using Splunk SIEM and enterprise security telemetry.
- Act as a key liaison with members of the U.S. Intelligence Community (IC).
- Operate as the fusion analysis cell within the Cyber Threat Analysis Division (CTAD).
- Correlate external threat intelligence with internal security events to identify patterns, vulnerabilities, and adversary campaigns.
- Monitor geopolitical developments and emerging technologies to assess evolving cyber risk.
- Provide intelligence briefings and presentations to technical, operational, and executive audiences.
- Support attribution analysis, adversary profiling, and intelligence operations during active cyber incidents.
- Contribute to post-incident reviews, lessons learned, and continuous improvement of threat detection capabilities.
Required Qualifications
Education & Experience
- Bachelor’s degree with 9+ years of relevant experience, or 4 additional years of experience may be substituted in lieu of degree requirement.
Certifications
Must possess or obtain prior to start date one of the following:
- CCNA-Security
- CND
- CySA+
- GICSP
- GSEC
- Security+ CE
- SSCP
Technical & Intelligence Expertise
- Hands-on experience with Splunk SIEM.
- Experience leveraging MITRE ATT&CK or other threat models:
  - Lockheed Martin Cyber Kill Chain
  - Diamond Model
- Knowledge of APT tracking and threat actor lifecycle analysis.
- Experience pivoting from IOCs to infrastructure discovery and campaign attribution.
- Familiarity with modern threat detection platforms.
- Knowledge of cloud security and threats targeting cloud environments.
- Strong understanding of network protocols and systems.
- Experience developing predictive threat models and recommending preemptive defensive measures.
- Experience supporting active cyber incidents, including:
  - Attribution analysis
  - Adversary profiling
  - Intelligence support operations
- Experience supporting post-incident analysis and capability improvement efforts.
Communication & Collaboration
Exceptional written and verbal communication skills, with the ability to:
Translate technical intelligence into…