Senior Cyber Threat Intelligence (CTI) Analyst

US Securities & Exchange Commission
Denver, United States of America
25 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Shift work
Languages
English
Experience level
Senior
Compensation
$ 267K

Job location

Denver, United States of America

Tech stack

Artificial Intelligence
Artificial Neural Networks
Computer Vision
Computer Security
Information Systems
Computer Telephony Integration
Natural Language Processing
Open Source Intelligence
Performance Tuning
Security Information and Event Management
Software Vulnerability Management
Mitre Att&ck
Deep Learning
Cyber Threat Analysis
Information Technology
Cybercrime
Cyber Warfare

Job description

The Office of Information Technology is seeking a IT Specialist (INFOSEC) (Senior Cyber Threat Intelligence (CTI) Analyst). In this role, you will lead intelligence-driven detection, hunting, and response initiatives, and serve as a subject matter expert for both internal stakeholders and the broader cyber defense community., In this role, you will be responsible for proactively identifying, analyzing, and communicating cyber threats relevant to the organization by leveraging advanced threat intelligence methodologies, frameworks (such as MITRE ATT&CK), and collaborative partnerships to inform and enhance the organization's cyber defense posture. This role plays a critical role in enabling the Security Operations Center (SOC) to move from reactive incident response to proactive, intelligence-driven defense. By illuminating adversaries, informing detection and response, and fostering a culture of collaboration and knowledge sharing, this role directly contributes to the resilience and security of the SEC.

In this role as a Senior Cyber Threat Intelligence (CTI) Analyst, you will be responsible for:

  • Producing high-quality written and verbal intelligence products, including threat assessments, briefings, and technical reports for diverse audiences.
  • Working closely with SOC analysts, incident responders, detection engineers, and vulnerability management teams to contextualize threats and drive intelligence-led defense.
  • Analyzing adversary tactics, techniques, and procedures (TTPs), campaigns, and threat actor profiles to produce actionable intelligence for SOC operations and executive stakeholders.
  • Leading or participating in threat hunting activities, leveraging CTI to generate hypotheses and identify previously undetected malicious activity.
  • Translating intelligence findings into technical detection requirements, such as SIEM rules, EDR analytics, and custom signatures.
  • Developing and maintaining threat models and using frameworks such as MITRE ATT&CK to map adversary behaviors and inform detection and response strategies.
  • Driving continuous improvement of CTI processes, including intelligence requirements, collection management, and feedback loops.
  • Collecting, processing, and fusing cyber threat intelligence (CTI) from internal and external sources, including open-source intelligence (OSINT), commercial feeds, government advisories, and information sharing groups.
  • Tuning and optimizing detection and response capabilities based on evolving threat intelligence and lessons learned from incidents.
  • Contributing to the development and maintenance of threat intelligence platforms (TIPs) and automation workflows., * CITZENSHIP: You must be a US Citizen.
  • SELECTIVE SERVICE: Males born after 12/31/59 must be registered or exempt from Selective Service (see https://www.sss.gov/).
  • SECURITY CLEARANCE: Entrance on duty is contingent upon completion of a pre-employment security investigation. Favorable results on a Background Investigation may be a condition of employment or selection to another position.
  • PERMANENT CHANGE OF STATION (PCS): Moving/Relocation expenses are not authorized.
  • DIRECT DEPOSIT: All Federal employees are required to have Federal salary payments made by direct deposit to a financial institution of their choosing.
  • PROBATIONARY PERIOD: This appointment may require completion of a one-year probationary period.
  • The selectee is required to report to the duty station(s) listed.
  • The duties of this position may require the incumbent to carry a cell phone and be on call 24 hours a day, seven days a week on a rotational basis, based on the needs of the organization.
  • The candidate must be able to obtain/maintain a Top Secret security clearance., report events that occur or might occur within the network to protect information, information systems, and networks from threats.
  • Critical Thinking: Considers a variety of factors, general and subject matter-specific, when making decisions and determining next steps.
  • Technical Communication: Translates technical information into non-technical terms and accurately convey technical information to end users (e.g., staff, management) and outside parties, including the technical documentation of applications, systems, Standard Operating Procedures, etc.
  • Artificial Intelligence and Machine Learning: Uses principles, methods, and tools to design or implement systems that perform and apply human-like intelligence functions such as those that use neural networks, deep learning, natural language processing, and image recognition., * Describe the situation (i.e., the challenged faced, the problem solved)
  • Describe the specific actions you took
  • State the outcome, results, or long-term impact of your accomplishment
  • Name and email address of someone who can verify this information

Reference checks may be conducted as part of the final selection process, and you will be notified before any contacts are made.

Basis for Rating: The rating panel will evaluate applicants' accomplishment records and resume, and then place them into one of the following categories:

  • Pass - Meets the minimum qualification requirements and has at least a moderate amount of skills and experience in most of the job related competencies.
  • Fail - Meets the minimum qualification requirements, but has only limited experience in several of the job related competencies.

Requirements

Do you have experience in Threat intelligence reports?, Applicants are responsible for confirming all required materials are submitted by the closing date of the announcement. Please check the How You Will Be Evaluated and Required Documents sections carefully, as missing documents will render the application incomplete and ineligible for review.

Qualifying experience may be obtained in the private or public sector. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional, philanthropic, religious, spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. All qualification requirements must be met by the closing date of this announcement.

BASIC REQUIREMENT: For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below:

  • Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

  • Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

  • Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

  • Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

MINIMUM QUALIFICATION REQUIREMENT: In addition to meeting the basic requirement, applicants must also meet the minimum qualification requirement below.

SK-14: Applicant must have at least one year of specialized experience equivalent to the GS/SK-13 level:

  • Collecting and handling information about emerging cyber threats;

  • Utilizing structured methodologies to analyze how attackers behave;

  • Sharing cyber threat intelligence with security teams and mission partners to protect systems; and

  • Delivering cyber threat assessments that help organizational leaders make informed decisions.

ACCOMPLISHMENT RECORD COMPETENCIES: Your Accomplishment Record narratives should address the following competencies. See the How You Will Be Evaluated section below for more information, Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution., Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education., Position sensitivity and risk Critical-Sensitive (CS)/High Risk Jobs require a background check and some require a security clearance. The type depends on the job. Background check type

  • Suitability/Fitness

Financial disclosure required Yes Some jobs require financial disclosure to identify conflicts of interests.

Benefits & conditions

4.34.3 out of 5 stars Denver, CO Hybrid work $149,204 - $267,168 a year - Full-time, A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new windowLearn more about federal benefits.

Review our benefits

Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered., A complete application package must be submitted by 11:59 PM (EST) on the closing date of the announcement to receive consideration. No additional documentation will be accepted after the deadline

  • To begin, click Apply to access the online application. You will need to be logged into your USAJOBS account to apply. If you do not have a USAJOBS account, you will need to create one before beginning the application.
  • Follow the prompts to select your resume and/or other supporting documents to be included with your application package. You will have the opportunity to upload additional documents to include in your application before it is submitted. Your uploaded documents may take several hours to clear the virus scan process.
  • After acknowledging you have reviewed your application package, complete the Include Personal Information section as you deem appropriate and click to continue with the application process.
  • You will be taken to the online application which you must complete in order to apply for the position. Complete the online application, verify the required documentation is included with your application package, and submit the application.

Apply for this position