Lead Cyber Threat Intelligence Analyst

Fairfax, VA, United States

ECS

ECS is a technology leader in science, engineering, cloud, cybersecurity, artificial intelligence, machine learning and IT modernization. Reach out today.

ECS is seeking a Lead Cyber Threat Intelligence Analyst to work in our Fairfax, VA office.  Please Note: This position is contingent upon contract award.

 

ECS is seeking talented professionals to join our successful and growing team in building the next-generation Threat Intelligence Enterprise Service (TIES) solution. The TIES Program is the Cybersecurity and Infrastructure Security Agency’s (CISA) dynamic approach to fulfilling its federally mandated cyber information sharing responsibilities and ensuring real-time automated threat intelligence reaches key security partners. The TIES product is an integrated suite of multiple Commercial Off the Shelf (COTS) products, software configuration packages, and custom code which work together to operate as an integrated solution tailored to meet CISA requirements.  

We seek driven professionals who excel in a dynamic, fast-paced, and highly collaborative environment, where critical thinking, problem-solving, and a mission-focused approach are essential. A passion for continuous learning, improvement, and cybersecurity is vital. 

As a small team committed to radically improving government, every member directly shapes ECS’s direction and success. We take pride in our stewardship, holding deep responsibility for the solutions we develop. Collaboration is at the heart of our work—both within our team and alongside our federal partners. 

 

ECS is seeking a Lead Cyber Threat Intelligence (CTI) Analyst to support our cybersecurity client in identifying, analyzing, and mitigating cyber threats targeting critical infrastructure and national security. As a key member of the team, you will leverage advanced intelligence techniques, collaborate with federal agencies, and develop proactive strategies to enhance cyber threat detection and response activities. If you're eager for a role that demands both strategic oversight and hands-on CTI analysis, offers collaboration with top-tier professionals, and contributes directly to the cybersecurity and threat intelligence resilience of our customers, this position is tailor-made for you.  

As a Lead CTI Analyst, you will be a leader in steering our CTI operations, crafting and leading a comprehensive strategy to identify, analyze, and mitigate cyber threats. Your expertise will guide the development of actionable cyber threat intelligence, empowering our customers to preempt and respond to cyber incidents effectively. You'll play a critical role in enhancing our cyber threat intelligence capabilities, leveraging advanced technologies and methodologies to stay ahead of cyber threat adversaries. This role is perfect for a visionary leader with a deep understanding of cyber threat landscapes, a passion for cyber threat innovation and maturation, and a commitment to excellence in cybersecurity defense strategies. The ideal candidate will be able to align to the following duties:

  • Lead the development and implementation of advanced cyber threat intelligence strategies to identify and counteract evolving cyber threats.  
  • Analyze and interpret cyber intelligence data to provide actionable insights and recommendations, ensuring our customers can effectively mitigate risks.  
  • Manage and optimize our cyber threat intelligence platform and its associated technologies and processes to ensure timely and efficient collection, analysis, and dissemination of threat data.
  • Produce comprehensive finished cyber threat intelligence reports and advisories, detailing cyber threat analysis, forecasts, and actionable recommendations for customers.  
  • Conduct dark web monitoring and analysis to uncover emerging threats, vulnerabilities, and criminal activities potentially impacting our customers.  
  • Provide cyber threat intelligence briefings and consultations for customers, offering expert insights into the cyber threat landscapes, potential impacts, and mitigation strategies.  
  • Collaborate with cross-functional teams to enhance our overall cybersecurity program, incorporating cutting-edge technologies and best practices in cyber threat intelligence.  
  • Mentor and guide a team of cyber threat intelligence analysts, fostering a culture of continuous learning and improvement.  
  • Engage with customers to communicate cyber threat findings and strategies, ensuring a cohesive and proactive approach to cybersecurity defense.  
  • Continuously assess the value of open-source and commercial threat intelligence feeds to develop and maintain a portfolio that optimizes coverage and value while minimizing duplication, noise, and cost.  

Qualifications
  • US Citizenship and an ability to successfully maintain a CISA Entry on Duty (EOD)/Suitability up to a TS/SCI. 
  • 10+ years in a cybersecurity operations role (e.g., SOC analyst, incident responder, threat hunter, etc.) 
  • 5+ years of experience in a cyber threat intelligence role, preferably providing CTI services for a large federal agency. 
  • Deep understanding of network security, endpoint security, and cloud security principles.  
  • Strong knowledge of cyber threat groups, including their capabilities and motivations.   
  • Practical experience using the MITRE ATT&CK Framework to operationalize CTI.  
  • Proficiency in using and managing Threat Intelligence Platforms (TIPs) for gathering, analyzing, contextualizing, and disseminating cyber threat intelligence.
  • Ability to analyze and interpret data to identify potential cyber threats, vulnerabilities, and indicators of compromise (IOCs).  
  • Must possess exceptional verbal and written communication skills. Proficiency in producing clear, detailed cyber threat intelligence reports for technical and non-technical audiences. Ability to deliver compelling presentations and briefings to stakeholders, including non-technical audiences.  
  • Strong collaborative skills to work effectively with cross-functional teams and stakeholders.  
  • Experience with cyber threat intelligence capabilities/tools and products, such as Threat Intelligence Platforms, Cyware and STIX/TAXII.  

Tags: CISA Cloud Endpoint security MITRE ATT&CK Monitoring Network security SOC Strategy Threat detection Threat intelligence TS/SCI Vulnerabilities

Perks/benefits: Career development Team events

Region: North America
Country: United States
