Cyber Threat Intelligence Lead

At Agile Defense we know that action defines the outcome and new challenges require new solutions. That’s why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next.

Our vision is to bring adaptive innovation to support our nation's most important missions through the seamless integration of advanced technologies, elite minds, and unparalleled agility—leveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nation’s vital interests.

Requisition #: 1437

Job Title:

Cyber Threat Intelligence Lead

Location:

Reston, VA

Clearance Level: TS (SCI Eligible)

Agile Defense is currently seeking a highly technical, hands‑on Cyber Intelligence Lead with advanced tradecraft and skillsets in cyber threat analysis to develop and operate cyber security capabilities for a Cybersecurity Operation Center (CSOC) for a variety of federal customers. To ensure the integrity, security, and resiliency of critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, cyber intelligence analysis and digital forensic.

Strong written and verbal communications skills are a must. The ideal candidate will have a solid understanding of cyber threats and information security in the domains of TTP’s, Threat Actors, Campaigns, and Observables. Additionally, the ideal candidate would have professional experience with cyber intelligence analysis both at unclassified and classified levels, intrusion set/nation state attribution, intrusion detection systems, intrusion analysis, security information event management platforms, endpoint threat detection tools, big data analytics, and cyber ticketing management.

Directs the collection, analysis, production, and integration of cyber threat intelligence into CSOC detection and response workflows. Maintains continual situational awareness and applicable context of threat actors, tactics, techniques, and procedures (TTPs), and active campaigns to inform the creation of detection content, cyber hunting priorities, and strategic leadership decisions. Produce actionable intelligence reports, indicators of compromise (IOCs), and early‑warning assessments to support CSOC operations.

Integrates with the detection engineering and threat hunting teams, drive development of signatures, rules, queries and detection content. The candidate will maintain comprehensive tracking of threat actors, trends, and metrics; deliver timely customized strategic, tactical or metrics based reports to customers.

Education, Background, and Years of Experience

Bachelor’s degree in computer science, engineering, cybersecurity or STEM

Seven (7) years of experience as a Tier III senior cyber security analyst performing intelligence analysis, collection management, and technical analysis.

Five (5) years of hands‑on experience with experience in the last two (2) years that includes host‑based and network‑based security monitoring using cybersecurity capabilities.

• Possess a strong cyber security background with experience in the identification of advanced cyber threat activities, intrusion detection, incident response, malware analysis, and security content development (e.g., signatures, rules, etc.); and cyber threat intelligence.
• Ability to read and write scripts at an intermediate level to support cyber threat detection such as VB scripts, Python, Powershell and HTML, XML.
• Cyber threat analysis with ability to identify, mitigate or remediation courses of action; developing actionable intelligence used to protect organizational IT assets.

GCTI, GFCA

Hybrid in Reston, VA

Physical Requirements

Happy - Be Infectious.

Helpful - Be Supportive.

Honest - Be Trustworthy.

Humble - Be Grounded.

Hungry - Be Eager.

Hustle - Be Driven.