Job Description

Public Trust: None

Requisition Type: Regular

Your Impact

Own your opportunity to work with the largest government agency in the nation. Make an impact by advancing the Department of Defense’s mission to keep our country safe and secure.

Job Description

We are seeking a seasoned Cyber Threat Intelligence Analyst to lead efforts in fusing multiple intelligence disciplines, performing complex network and threat analyses, and utilizing advanced cybersecurity tools and methodologies. This role requires expertise in cyber intelligence, digital forensics, advanced OSINT methodologies, and targeting strategies to address sophisticated threats and support organizational priorities. The ideal candidate will demonstrate strong analytical and communication skills, proficiency in cyber environments and open-source research, and a deep understanding of cyber defense, vulnerability assessment tools, and modern intelligence frameworks. This position is critical to developing actionable insights and advancing mission-critical cybersecurity objectives in a dynamic and fast-evolving environment.

Qualifications and Requirements:

• Security Clearance Level: Active in-scope TS/SCI Clearance

• Education: Requires bachelor’s degree, relevant experience may be considered in lieu

• Experience: Minimum 8+ years in open-source research and analysis, threat intelligence, intrusion analysis, incident response, or malware analysis. Prior OSINT analytic support for DoD is preferred.

• Skills and abilities: Strong written, oral, and interpersonal communication skills. Strong analytical and problem-solving skills. Must have ability to work independently with little or no supervision.

Key Responsibilities:

• Cyber Threat Analysis & Intelligence Gathering

  • Employ OSINT/PAI analysis and collection TTPs to conduct comprehensive Cyber threat analysis that can be fused with sensitive information collected via HUMINT, SIGINT, OSINT, and GEOINT intelligence collection platforms to support customer requirements.

  • Identify, track, and assess cyber threats, including APTs (Advanced Persistent Threats), nation-state actors, and criminal organizations.

  • Research and analyze national security, technology, infrastructure, geographic areas, biographic data, and vulnerabilities.

  • Employ cybersecurity and open-source research tools to create targeted plans supporting organizational priorities.

  • Analyze event data for situational awareness and evaluate attack effectiveness.

  • Providing risk assessments and recommendations based on analysis of technologies, threats, intelligence, and vulnerabilities. 

  • Apply counter-ubiquitous technical surveillance methodologies to enhance intelligence analysis.

• Target Analysis

  • Conduct detailed research and assessment of cyber adversaries, their infrastructure, capabilities, and intent.

  • Perform digital network exploitation (DNE) and cyber target development to support DoD customer missions.

  • Correlate cyber threat data with geospatial and signals intelligence to support operational targeting.

• Reporting & Briefing

  • Prepare intelligence reports, briefings, and technical assessments for senior leadership and operational units.

  • Produce OSINT products for targeting, assessments, supply chain analysis, vendor due diligence, and network evaluations.

  • Present findings to government agencies, military personnel, and intelligence stakeholders.

  • Maintain situational awareness by continuously monitoring cyber threat developments.

  • Prepare threat assessments and trend analyses based on unclassified data.

• Other Responsibilities

  • Develop and refine analytical procedures to meet dynamic requirements.

  • Conduct surface, deep, and dark web research using advanced techniques and methodologies.

  • Advise on cybersecurity policies, solutions, and requirements in alignment with organizational goals.

Technical Skills and Qualifications:

• Strong knowledge of cyber threat intelligence frameworks (MITRE ATT&CK, Cyber Kill Chain, Diamond Model).

• Proficiency in malware analysis, digital forensics, and network traffic analysis.

• Experience with threat intelligence platforms (ThreatConnect, MISP, Anomali, etc.).

• Familiarity with penetration testing tools (Kali Linux, Metasploit, Wireshark, etc.).

• Knowledge of scripting languages such as Python, PowerShell, or Bash for automation.

• Hands-on experience with SIEM tools (Splunk, Elastic Stack, ArcSight).

• Understanding of nation-state cyber tactics, techniques, and procedures (TTPs).

Preferred Skills and Qualifications:

• Advanced knowledge of all-source intelligence and OSINT tools, databases, and methodologies.

• Strong understanding of network protocols (e.g., UNIX/Linux, TCP/IP).

• Expertise in surface, deep, and dark web research and OSINT tradecraft.

• Familiarity with social media analytics and commercial marketing best practices.

• Proficiency in the intelligence life cycle, network threats, attack methodologies, and exploitation techniques.

• Familiarity in coding languages such as Python, R, or Java.

• Familiarity with cloud platforms such as AWS or Azure.

Soft Skills and Additional Requirements:

• Superior written and verbal communication skills, including proficiency with Microsoft Office.

• Strong analytical and critical thinking skills for threat correlation and risk assessment.

• Excellent written and verbal communication skills for reporting and briefing stakeholders.

• Ability to work in a classified environment and handle sensitive intelligence data.

• Strong teamwork and collaboration skills within multi-agency environments.

Preferred (not required) Certifications and Training:

• GIAC Cyber Threat Intelligence (GCTI) certification or equivalent.  

• GIAC Open-Source Intelligence (GOSI) certification or equivalent.  

• Certified Ethical Hacker (CEH) or higher.

• Certified Ethical Social Engineer (CESE), or Certified Social Engineering Prevention Specialist (CSEPS), or Certified Social Engineer, or equivalent.

• Practical Open-Source Intelligence (OSINT) Training or equivalent.

• Advanced Open-Source Intelligence (OSINT) Gathering and Analysis Training or equivalent.

• GIAC Certified Forensic Analyst (GCFA) or equivalent.

GDIT is your place:
● 401K with company match
● Comprehensive health and wellness packages
● Internal mobility team dedicated to helping you own your career
● Professional growth opportunities including paid education and certifications
● Cutting-edge technology you can learn from
● Rest and recharge with paid vacation and holidays

#armajobs

Work Requirements

Years of Experience

8 + years of related experience

* may vary based on technical training, certification(s), or degree

Certification

GIAC Cyber Threat Intelligence (GCTI) - Global Information Assurance Certification - GIAC

Open-Source Intelligence (OSINT) Gathering and Analysis - SANS

Travel Required

Less than 10%

Citizenship

U.S. Citizenship Required

Job Tags

Similar Jobs