Job Requirements
Maclean, VA
Top Secret/SCI Full Scope Polygraph
Mid Level Career (5+ yrs experience)
$120,000 - $200,000
Job Description
CYBER THREAT INTELLIGENCE ANALYST
Tysons, VA | Onsite | Active TS/SCI with Full-Scope Polygraph required
OVERVIEW
We are hiring a Cyber Threat Intelligence Analyst to support a national security mission out of Tysons, VA. This is a hands-on analytic role for someone who can track adversaries end to end: collect and analyze intelligence, build deception to draw activity out, and run the forensics when something hits. You will work alongside hunt, engineering, and operations teams in a cleared environment, turning raw signal into finished intelligence that drives decisions.
WHAT YOU WILL DO
Produce finished threat intelligence on adversary tactics, techniques, infrastructure, and campaigns
Design and deploy deception engineering (honeypots, decoys, canaries, and instrumented environments) to detect, study, and attribute adversary activity
Lead and support DFIR efforts: investigate incidents, perform host and network forensics, scope, contain, and document
Run OSINT collection and analysis to support attribution, targeting, and early warning
Map observed activity to MITRE ATT&CK and the cyber kill chain
Brief findings clearly to both technical teams and leadership
Collaborate across SOC, threat hunting, and engineering to close the loop from detection to response
WHAT YOU BRING
Active TS/SCI with full-scope polygraph, required from day one, non-negotiable
Experience in cyber threat intelligence, threat hunting, or incident response within a cleared environment
Hands-on experience with deception techniques and technologies
Strong OSINT tradecraft
Working knowledge of MITRE ATT&CK, malware behavior, and host and network forensics
Sharp analytic writing and the ability to brief with confidence
NICE TO HAVE
Deception engineering at scale
Malware analysis or reverse engineering
Scripting for automation, Python preferred
Relevant certifications such as GCTI, GCFA, GREM, or GCIH
Prior IC or DoD mission support
LOCATION AND CLEARANCE
Onsite in Tysons, VA, with occasional travel to Reston or Chantilly
Active TS/SCI with full-scope polygraph required at start
Candidates must be cleared and deployable on day one; clearance-in-process timelines are out of scope
Tysons, VA | Onsite | Active TS/SCI with Full-Scope Polygraph required
OVERVIEW
We are hiring a Cyber Threat Intelligence Analyst to support a national security mission out of Tysons, VA. This is a hands-on analytic role for someone who can track adversaries end to end: collect and analyze intelligence, build deception to draw activity out, and run the forensics when something hits. You will work alongside hunt, engineering, and operations teams in a cleared environment, turning raw signal into finished intelligence that drives decisions.
WHAT YOU WILL DO
Produce finished threat intelligence on adversary tactics, techniques, infrastructure, and campaigns
Design and deploy deception engineering (honeypots, decoys, canaries, and instrumented environments) to detect, study, and attribute adversary activity
Lead and support DFIR efforts: investigate incidents, perform host and network forensics, scope, contain, and document
Run OSINT collection and analysis to support attribution, targeting, and early warning
Map observed activity to MITRE ATT&CK and the cyber kill chain
Brief findings clearly to both technical teams and leadership
Collaborate across SOC, threat hunting, and engineering to close the loop from detection to response
WHAT YOU BRING
Active TS/SCI with full-scope polygraph, required from day one, non-negotiable
Experience in cyber threat intelligence, threat hunting, or incident response within a cleared environment
Hands-on experience with deception techniques and technologies
Strong OSINT tradecraft
Working knowledge of MITRE ATT&CK, malware behavior, and host and network forensics
Sharp analytic writing and the ability to brief with confidence
NICE TO HAVE
Deception engineering at scale
Malware analysis or reverse engineering
Scripting for automation, Python preferred
Relevant certifications such as GCTI, GCFA, GREM, or GCIH
Prior IC or DoD mission support
LOCATION AND CLEARANCE
Onsite in Tysons, VA, with occasional travel to Reston or Chantilly
Active TS/SCI with full-scope polygraph required at start
Candidates must be cleared and deployable on day one; clearance-in-process timelines are out of scope
group id: 91173751