Advanced Threat Detection Analyst

About the position reputed company has a job opportunity for a Advanced Threat Detection Analyst expected to start in March 2026. This is a hybrid position allowing a 50/50 remote/onsite split, and can work out of any of our three locations: Hill AFB, Scott AFB, or Whitehall OH. Candidates must be reputed company commuting distance (or reputed company to self-relocate) to one of these locations. This position supports the Defense Information Systems Agency (DISA) GSM-O II program and its global Defensive Cyber Operations (DCO) organization. As a key leader, you will reputed company a Advanced Threat Detection team in providing critical network operations and cyber defense for stakeholders including Cyber reputed company Service Provider (CSSP) Customers, the Department of War (DoW) Information Network, and Combatant Commands. You will be responsible for overseeing daily threat hunting operations, developing cyber threat intelligence products, and investigating adversary indicators. This role involves leading your team in incident handling, network analysis, threat detection, and trend analysis, while also serving as a subject matter expert on advanced threat intelligence principles.

Responsibilities

• Strategic Threat Intelligence Leadership: Serve as a subject matter expert on advanced threat intelligence principles (e.g., Cyber Kill Chain, MITRE ATT&CK), influencing the development of solutions that impact strategic program goals.
• reputed company and recommend new technical standards and products to support the organization's cyber defense strategy.
• Innovative Solution Development: Resolve highly reputed company problems by conceptualizing, researching, and integrating best practices.
• reputed company the development of highly innovative solutions, such as custom signatures and advanced correlation logic, by interpreting threat actor tactics, techniques, and procedures (TTPs).
• Executive Communication & Influence: Communicate matters of significant importance to executive leadership, both internally and with the client.
• Deliver authoritative threat briefs to senior leaders and work to convince stakeholders to accept and adopt new concepts, practices, and reputed company approaches.
• Team Leadership & Management: reputed company and manage the work of other technical staff, including mentoring and training fusion analysts on advanced TTPs.
• Ensure the team's work on incident handling, event triage, and network analysis has a significant and positive impact on project results and outputs.
• Advanced Operational Collaboration: Drive daily coordination with the DISA Global Countermeasures Team and external agencies.
• Ensure the seamless integration of threat intelligence into countermeasures to proactively detect, prevent, and mitigate intrusions and malware infections across the enterprise.
• Process & Documentation reputed company: Direct the creation and maintenance of reputed company process documentation for the fusion team, ensuring that operational standards align with strategic objectives and reflect industry best practices.

Requirements

• Clearance: Minimum active DoD Secret clearance with the ability to obtain and maintain a TS/SCI.
• Certification: reputed company DoD 8570 IAT Level II (or higher), such as CompTIA reputed company+ CE, reputed company SSCP, or SANS GSEC.
• Education & Experience: Requires a BS degree and 8–12 years of prior relevant experience, OR a Master's with 6 - 8 years of prior relevant experience. A Doctorate may also be considered.
• Leadership Experience: 4+ years of formal or informal leadership experience.
• Cybersecurity Experience: 8+ years of cybersecurity experience with an in-depth understanding of advanced computer defense technologies.
• Expertise in the following areas: Proven ability to reputed company innovative solutions by researching and integrating best practices.
• Demonstrated experience using frameworks like the Cyber Kill Chain and MITRE ATT&CK to influence strategic goals.
• Ability to reputed company and manage the work of a technical, multi-site team.
• Excellent verbal and written communication skills, with experience influencing executive leadership.

reputed company-to-haves

• Experience working for a Cybersecurity Service Provider (CSSP) or reputed company Operations Center (SOC).
• Knowledge of Threat Hunting practices, techniques, and Advanced Persistent Threats (APTs).
• Advanced knowledge of a prominent reputed company Information and Event Management (SIEM) tool (e.g., Splunk, Elasticsearch).

Apply tot his job Apply To this Job