Threat Monitoring Intelligence Analyst Lvl I

Knowledge Management, Inc. (KMI) has the leadership and experience to deliver innovative technology, logistics and management solutions to meet real mission requirements. KMI is a Minority Business Enterprise (MBE) and Small Disadvantage Business (SDB) that specializes in Logistics, Warehouse Services, Distance Learning/Training, Enterprise Solutions, Financial Management Support, Program Management, Intelligence Analysis & Threat Assessment, and Data Analytics/Operations Research. Since 1998, our solutions and services have helped our clients improve performance, drive cost and operational effectives, and map technology needs for tomorrow's requirements.

Title: Threat Monitoring Intelligence Analyst Lvl 1

Assignment Location: Stafford, VA (onsite with potential to go hybrid)

Positions open: Multiple

Start date: End of September/Early October

24/7 shift schedule: 1st, 2nd, mid and 3rd (rotating schedule)

Estimated Contract Duration: 2-year contract w/possible extensions

Required clearance: DHS Public Trust clearance or be clearable for one

Salary: Please provide your salary requirement

Our customer's mission is to promote homeland security and public safety through the criminal and civil enforcement of approximately 400 federal laws governing border control, customs, trade and immigration

Must possess at least 3-5 years with Intelligence experience in threat monitoring, open-source intelligence collection, analysis and reporting.

Threat Monitoring Requirements

• Implement a secure, proactive threat monitoring system with automated alert capabilities.


• Continuously monitor and analyze behavioral trends and social media sentiment (positive, neutral, negative) over defined timeframes (daily, weekly, monthly).


• Ensure immediate recovery of all threat-related data in the event of system outages or data loss.


• Support on-demand (ADHOC) search and reporting capabilities as requested by the requesting authority.


• Provide real-time strategic monitoring of previously identified adverse findings.


• Retain search criteria for adverse results, ADHOC queries, and future investigations.


• Maintain anonymity of the requesting organization in all search and alerting activities.


• Conduct threat actor analysis, including: Historical social media activity indicating further threats. 2. Indicators of violent tendencies. 3. Evidence of intent to act (e.g., weapon imagery, violent rhetoric, group affiliations).


• Monitor all social media platforms in real time, including foreign, deep web, and dark web sources.


• Correlate user identities across multiple social media accounts.


• Generate psychological profiles of threat actors.


• Geo-locate individuals with precision beyond standard geo-tagging.


• Identify individuals or groups with a history of threats or language indicating potential violence toward personnel, facilities, or operations.


• Detect and retrieve deleted messages and content from deactivated accounts.


• Identify threats by geographic location.


• Proactively search for content suggesting potential disruptions to operations.


• Track websites visited by users prior to making threats.


• Utilize AI-powered analytics, including NLP, machine learning, and multilingual processing, to automate monitoring across open, deep, and dark web environments.


• Perform OSINT-based sentiment and emotion analysis, topic modeling, post frequency tracking, reverse image searches, and link analysis to map threat networks and assess risk.


• Apply facial recognition and geospatial tracking to identify threat actors, with tools to timestamp and archive online content.


• Use digital forensics to recover deleted content and extract actionable insights.


• Employ AI-driven OSINT tools to interpret threats in various formats (text, images, video, network data).


• Deliver anticipatory threat intelligence using AI-enabled detection systems.


• Maintain continuous situational awareness of threats targeting facilities, personnel, and operations, including insider threats.


• Provide real-time intelligence on threats to leadership and staff by monitoring public sentiment, vulnerabilities, and atmospherics.


• Use optical character recognition (OCR) and AI to detect and analyze images or videos containing threat-related content or depictions of leadership.


• Monitor and report on unauthorized disclosures of sensitive, FOUO, PII, or classified information.

Reporting Requirements

• Deliver comprehensive daily, weekly, monthly, and annual reports, including ADHOC reports, in PDF or Microsoft Office formats-even when no threats are identified.


• Provide flexible ADHOC reporting with adjustable date ranges and threat categorization (e.g., by target, type, or location).


• Immediately notify the appropriate authority electronically of imminent threats. For protected leadership, also send automated text alerts to assigned protection personnel.


• Include narrative summaries and analytical assessments of all identified threats in each report.


• Present statistical data in both narrative and visual formats (e.g., bar and pie charts).


• Statistical reporting should include: Total negative references found. 2. Number of threats against senior leadership. 3. Number of threats against employees. 4. Number of threats against facilities/operations. 5. Trend analysis over time. 6. Threats categorized by type.


• Daily reports must include: - Running totals of social media posts reviewed. - Daily and cumulative post counts by platform (e.g., Reddit, YouTube, Facebook, X).


• Identify personnel and facilities repeatedly targeted in threats.


• Include the following for each identified threat: Screenshots of threatening content. 2. Real and social media identities of the threat originator. 3. Date, time, and platform of the threat. 4. Targeted personnel or facilities.


• Provide link analysis to identify associations between threat actors (with narrative and visual representations).


• Translate and include foreign-language threats alongside the original content.

Minimum Qualifications:

Must meet the following qualifications, to be vetted by the contract agency prior to referral.

• Previous experience with Protective intelligence or Criminal intelligence analysis experience


• Previously cleared candidates through DHS or ICE is preferred but not required


• Possess United States citizenship (either by birth or naturalization).


• Possess a valid high school diploma or General Educational Development (GED), or equivalency.


• Be able to read, write and speak the English language fluently.


• Be at least 21 years of age.


• Pass a security investigation.


• Successfully complete all on-boarding training.

Benefits: All full-time employees are eligible to participate in our benefits programs:

• Health, dental, and vision insurance


• 401(k) retirement plan


• Paid time off (PTO) and holidays


• Group Term Life and Accidental Death and Dismemberment Insurance


• Voluntary Term Life Insurance


• Short and Long-term disability insurance

Equal Employment Opportunity Statement. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

E-Verify Statement. Knowledge Management, Inc. participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. If E-Verify cannot confirm that you are authorized to work, KMI is required to give you written instructions and an opportunity to contact Department of Homeland Security (DHS) or Social Security Administration (SSA) so you can begin to resolve the issue before the employer can take any action against you, including terminating your employment. Employers can only use E-Verify once you have accepted a job offer and completed the Form I-9.

Pay Transparency Non-Discrimination Provision. Knowledge Management, Inc. will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)

Disability Statement. If you have a disability and need reasonable accommodation or assistance at any point in the application or onboarding process, please email us at marie@knowledgemanagement.com.