What You'll Be Working On: • Gathering, analyzing, and disseminating threat intelligence from multiple sources to identify emerging cyber threats • Identifying attack patterns, trends, and vulnerabilities to inform defensive strategies • Collaborating with internal teams to enhance incident response and improve threat detection capabilities • Producing detailed threat reports, including indicators of compromise (IOCs), tactics, techniques, and procedures … TTPs) • Supporting vulnerability management and assisting with the development of security posture recommendations What We're Looking For: • Proven experience as a Threat Intelligence Analyst or in a similar role within cybersecurity • Strong knowledge of threat intelligence platforms (TIPs), open-source intelligence (OSINT), and malware analysis • Familiarity with cybersecurity frameworks (e.g., MITRE ATT&CK, STIX
Warwick, Warwickshire, United Kingdom Hybrid / WFH Options
Akkodis
Cyber Threat Intelligence Analyst Akkodis are currently working in partnership with a leading service provider to recruit a Cyber Threat Intelligence Analyst to join a leading Cyber Defence Team and play a pivotal role in providing actionable technical intelligence to detection engineers, threat hunters and security operations. This role offers a highly competitive salary … and the opportunity for remote working. The Role As a Cyber Threat Intelligence Analyst you will support the rest of the Cyber Defence engineering team in regard to the roadmap and what to focus on. You will share intel to help them understand what's emerging as well as what advanced persistent threat actors are leveraging to … compromise systems. You will work directly across all areas of Cyber Defence to produce bespoke and technical intelligence across Tactical, Strategic, and Operational intelligence. The Responsibilities Conduct in-depth analysis of threat groups, their capabilities, motivations, and tactics. A strong understanding of threats posed. Articulate complex concepts to various stakeholders across the business. Knowledge of tactics, techniques and
Job title: Cyber Threat Intelligence Analyst Location: Preston, Frimley or Filton We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Circa £45,000 depending on experience What you'll be doing: Performing threat research to identify threats relevant to BAE Systems, including collecting … processing, and disseminating actionable, high fidelity threat intelligence Assisting with the identification of current tactics, techniques, & procedures (TTPs) and Indicators of Compromise (IOC) Uses analysis techniques useful for investigating suspected attacks and perform intelligence tasking Will develop and maintain knowledge of cyber security threats, analyst toolsets and relevant activity group tactics, techniques, and procedures (TTPs) Your skills … and experiences: Essential: An understanding of Cyber Threat Intelligence techniques and best practice Knowledge of cyber threat landscape, current affairs, and geopolitics, including activity groups and how to apply this knowledge within an operational environment Desirable: Knowledge of the types of threat actors and how they operate Knowledge of network protocols such as HTTP(S), SMTP
Cyber Hunt Threat Analyst (CHTA Team) Charleston, SC Minimum Secret Clearance required with upgrade eligibility to TS/SCI As a Threat Detection Specialist you will be a part of the NIWC Cybersecurity Service Provider (CSSP) Operations Threat Detection Team (CHTA Team) and an SME in both network and host-based security tools with associated tools providing … data enrichment, orchestration, and automated response. The CHTA Team works closely with the Cyber Threat Intelligence team to coordinate ingestion of near-real-time threat intelligence data into the workflow, ensuring rapid analysis, creation of indicator logic, and the conduct of cyber threat hunting missions based on adversarial Tactics, Techniques, and Procedures (TTPs). Position … Responsibilities and Duties: • Maintains knowledge on the current cyber threat landscape • Creates, updates, and maintains indicator logic using all CSSP tools and resources • Provides relevant and useful alerts for the Operations Watch team Qualifications: • US Citizen • At least 3 years of experience with IDS/IPS Solutions • At least 3 years of experience performing analysis or threat hunting
KMI is a Minority Business Enterprise (MBE) and Small Disadvantaged Business (SDB) that specializes in Logistics, Warehouse Services, Distance Learning/Training, Enterprise Solutions, Financial Management Support, Program Management, Intelligence Analysis & Threat Assessment, and Data Analytics/Operations Research. Since 1998, our solutions and services have helped our clients improve performance, drive cost and operational effectiveness, and map … technology needs for tomorrow's requirements. Title: Lead Intelligence Analyst Location: 119 D Street, N.E., Washington, DC Monday-Friday on-site (with occasional duty on weekends) Duration: 1 year, with 4 optional years Start date: June 1, 2025 (anticipated) Shift: 6 am to 2 pm or 2 pm to 10 pm Security Clearance: Must obtain a Top Secret/… SCI within 1 year of start date. Salary: $95,000- Education/Experience: Bachelor's Degree in intelligence, law enforcement, security, or related field and must possess at least seven (7) years of cumulative experience in open-source intelligence collection, analysis, and reporting. There is no education substitute for the Lead Intelligence Analyst positions. The Lead will work
KMI is a Minority Business Enterprise (MBE) and Small Disadvantaged Business (SDB) that specializes in Logistics, Warehouse Services, Distance Learning/Training, Enterprise Solutions, Financial Management Support, Program Management, Intelligence Analysis & Threat Assessment, and Data Analytics/Operations Research. Since 1998, our solutions and services have helped our clients improve performance, drive cost and operational effectiveness, and map … technology needs for tomorrow's requirements. Title: Intelligence Analyst - Level I Location: 119 D Street, N.E., Washington, DC Monday-Friday on-site (with occasional duty on weekends) Duration: 1 year, with 4 optional years Start date: June 1, 2025 (anticipated) Shift: 6 am to 2 pm or 2 pm to 10 pm Security Clearance: Must obtain a Top Secret …/SCI within 1 year of start date. Salary: TBD Education/Experience: Bachelor's degree in intelligence, law enforcement, security, or related field and must possess at least three (3) years of cumulative experience in open-source intelligence collection, analysis, and reporting. At this level, CIRSs often work independently and support major tasks in addition to Level
KMI is a Minority Business Enterprise (MBE) and Small Disadvantaged Business (SDB) that specializes in Logistics, Warehouse Services, Distance Learning/Training, Enterprise Solutions, Financial Management Support, Program Management, Intelligence Analysis & Threat Assessment, and Data Analytics/Operations Research. Since 1998, our solutions and services have helped our clients improve performance, drive cost and operational effectiveness, and map … technology needs for tomorrow's requirements. Title: Intelligence Analyst - Level II Location: 119 D Street, N.E., Washington, DC (onsite and remote) Duration: 1 year, with 4 optional years Start date: early July Shift: Monday-Friday 12 pm to 8 pm. Voluntary overtime during events Security Clearance: Must obtain a Top Secret/SCI within 1 year of start date. … Salary: $80,000 w/clearance; $75,000 w/no clearance, salary will increase to $80,000 once clearance is obtained Education/Experience: Bachelor's degree in intelligence, law enforcement, security, or related field and must possess at least five years of cumulative experience in open-source intelligence collection, analysis, and reporting. At this level, CIRSs often
EW/SIGINT Threat Analyst Job Category: Intelligence Time Type: Full time Minimum Clearance Required to Start: Secret Employee Type: Regular Percentage of Travel Required: Up to 10% Type of Travel: Outside Continental US The Opportunity: CACI is seeking an EW/SIGINT Threat Analyst to support the U.S. Army at Aberdeen Proving Ground, MD. You will … weapon system and emitter information to create a prioritized list of threats to be reprogrammed into MDS software. Develop MDS reprogramming and simulation requirements in the form of a Threat Analysis Specification (TAS) to meet emerging threats. Critically analyze and review results of tests against developmental MDS programming to confirm system threat detection requirements from the TAS are … for aircrew such as Kneeboard Cards and Pertinent Notes. Conduct analysis of new threats to aviators in the field and write System Impact Messages that detail indications of the threat relevant to their ASE. Perform independent reviews of intelligence briefings, reports and information/issue papers produced by Service Production Centers. The primary focus of this position is
Cyber Threat Hunt Analyst Location: McLean, VA Signature Federal Systems seeks a Cyber Threat Hunt Analyst to join our Cyber Security Operations Center (CSOC) in McLean, VA. The ideal candidate will have a deep understanding of cyber threat hunting, advanced persistent threats (APTs), and the latest tactics, techniques, and procedures (TTPs) used by adversaries. Join ManTech and … play a vital role in our nation's security by helping to enhance our security posture. Responsibilities include but are not limited to: Conduct threat hunting activities to detect advanced threats that evade traditional security solutions and continuously monitor and analyze threat intelligence sources to stay informed about emerging threats. Search for signs of malicious activity in … our network and systems. Develop and implement new and innovative threat detection techniques and strategies. Analyze large datasets to identify patterns and anomalies indicative of malicious activities. Collaborate with other CSOC team members and stakeholders to respond to and investigate security incidents. Provide detailed reports and briefings on threat hunting activities and findings to senior management. Develop and
Paradyme is seeking experienced Senior Cybersecurity Analysts (Red Team) for upcoming projects in support of major federal law enforcement and intelligence customers. The people in these positions will work in secured federal facilities in: Washington, DC; Huntsville, AL; and Clarksburg, WV. A current TOP SECRET clearance is required to be considered. We are seeking a Senior Cybersecurity Analyst, Red … Team Analyst, to conduct advanced threat emulation operations. This role requires a technical expert who can be part of the Operations Red Team to simulate real-world cyber threats and collaborate across teams to enhance the government customer's cybersecurity posture. The ideal candidate will bring deep offensive security expertise, practical experience, and a passion for continuous innovation in a … environment. Key Responsibilities: Create Operational Plans and Strategies to set the foundation of the Red Team Operations Work with Team to meet cybersecurity objectives Execute objective-based, time-constrained threat scenarios Tailor operations to emulate realistic threat profiles, including Advanced Persistent Threats (APT) and insider threats Threat Emulation and Attack Simulation: Help deploy offensive tools and techniques
Principal Cybersecurity Researcher (Reverse Engineering) London, UK With 1,000 intelligence professionals, over $300M in sales, and serving over 1,900 clients worldwide, Recorded Future is the world's most advanced, and largest, intelligence company! Reversing Emulation and Testing (RET) is a core function of Insikt Group's Technical Analysis (TA) Team. We seek a principal technical threat … lead high-impact research and drive innovation in analytical capabilities within Insikt Group. You will guide and shape technical research into state-sponsored and cybercriminal malware, collaborating across functional intelligence teams to support finished intelligence reporting and platform enrichment. Your responsibilities will include not only conducting advanced malware reverse engineering and infrastructure emulation but also designing and implementing … internal tools and workflows that increase our team's efficiency. You will be expected to develop and formalize novel approaches to dynamic analysis, configuration extraction, and threat behavior modeling. This position entails representing Insikt Group's technical threat research in customer briefings, webinars, and industry engagements. You will communicate complex technical findings to diverse audiences ranging from internal
disrupt threats to cleared industry, cleared personnel, DOD, and the Defense Counterintelligence and Security Agency (DCSA). The CI Analyst will facilitate USG responses to adversary action by sharing threat indicators and enabling responsive measures from other agencies and services. Compensation & Benefits: Estimated starting salary range: $85,000-$100,000. Pay commensurate with experience. Full time benefits include Medical … Produce professional briefings and supporting documentation used to articulate and communicate operational activities and/or CI threats to various internal and external audiences. Produce and deliver briefings derived from threat assessments written by the Contractor and/or other DCSA CI personnel to USG customers and cleared industry partners. Prepare, coordinate, and present Government-approved briefings (CI briefings, threat … industry under the NISP. Review reports forwarded by DCSA CI Special Agents (CISAs) and perform detailed research to determine if the reports meet the criteria for creation of an Intelligence Information Report (IIR), NIP, CI Incident Report (CIR), or other type of report IAW current DCSA SOPs. If a report is warranted, the Contractor shall write the report and
and mitigating cyber threats within a fast-paced technical and cybersecurity proactive and reactive environment. RESPONSIBILITIES Leadership and Planning Support and coordinate advanced vulnerability assessments, incident response initiatives, and threat hunting operations for the Blue Team. Support the collaborative activities of the Purple Team, combining offensive (Red Team) and defensive (Blue Team) strategies to identify security weaknesses and enhance … defenses. Support the development and subsequent execution of strategic plans that align with threat intelligence and operational realities, ensuring assessments are comprehensive and based on real-world risks. Threat Intelligence and Risk Assessment Leverage threat intelligence to scope and prioritize projects, ensuring that assessments address true operational risks and are not limited by arbitrary … boundaries. Support risk-based evaluations of the government customer's critical systems, networks and infrastructure to uncover potential vulnerabilities that could impact missions. Maintain up-to-date knowledge of the threat landscape and integrate this information into assessment and response activities. Threat Hunting Oversight Support proactive threat hunting efforts to identify weaknesses and vulnerabilities to emerging threats on
Springfield, Virginia, United States Hybrid / WFH Options
Zachary Piper Solutions, LLC
data to identify anomalous activity and potential threats to resources. Provides detection, identification, and reporting of possible cyber-attacks/intrusions, anomalous activities, and misuse activities Create and deploy threat-based signatures for operational intrusion detection capabilities. Create and implement detection rules from intelligence reporting Basic Qualifications: Bachelor's Degree or 4+ years of additional cyber … experience in a cyber role Experience with modern Windows, UNIX, network operating systems, databases, and virtual computing Experience with enterprise security tools, including Security information and event management (SIEM), Threat intelligence platforms (TIPs), or Network monitoring tools Experience with creating, modifying, and tuning IDS signatures, SIEM correlation searches and other detection signatures. Knowledge of implementation of countermeasures or
in London - Contract - Hybrid Inside IR35 - umbrella Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues Log Source Integration: Onboard and configure critical log sources (AD, firewalls, servers … cloud infrastructure) Manage event collection and forwarding infrastructure Implement data filtering and custom log parsing Threat Detection & Use Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security Monitoring & Incident Response: Monitor systems for anomalies and malicious activity Contribute to threat hunting and
this position is Senior or Expert - The level for this position is Senior (6-10 years of experience required) or Expert (11-15 years of experience). - B4Corp is seeking a Cyber Threat Hunt Analyst to join our Cyber Security Operations Center (CSOC) in McLean, VA. The ideal candidate will have a deep understanding of cyber threat hunting, advanced persistent threats … by adversaries. Join us and play a vital role in our nation's security by helping to enhance our security posture. Responsibilities include but are not limited to: Conduct threat hunting activities to detect advanced threats that evade traditional security solutions and continuously monitor and analyze threat intelligence sources to stay informed about emerging threats. Search for … signs of malicious activity in our network and systems. Develop and implement new and innovative threat detection techniques and strategies. Analyze large datasets to identify patterns and anomalies indicative of malicious activities. Collaborate with other CSOC team members and stakeholders to respond to and investigate security incidents. Provide detailed reports and briefings on threat hunting activities and findings
Apply now to join a team focused on protecting enterprise assets against evolving cyber threats. Key Responsibilities: Lead investigations and response efforts for high-severity security incidents. Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite. Develop and fine-tune analytic rules, workbooks, and automation playbooks in Sentinel. Perform deep-dive analysis of malware, phishing, and lateral … Microsoft Sentinel, including KQL, custom analytic rules, and automation. Hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework, threat intelligence, and adversary TTPs. Solid understanding of Windows, Linux, and core network security principles. Skilled in incident response, digital forensics, and proactive threat hunting. Experience working with
our client's active incident response (IR) operations and evolving cybersecurity priorities. This position is mission-critical and will require an advanced understanding of malicious code behavior, exploitation tactics, and threat actor tactics, techniques, and procedures (TTPs). The successful candidate will work under government supervision and collaborate with multidisciplinary cyber response teams to produce actionable technical reports and threat … e.g., IDA Pro, Ghidra, x64dbg, Wireshark, Cuckoo Sandbox, Volatility) to support forensic evaluation. Support active incident response operations by analyzing malware and providing rapid assessments to stakeholders within the Threat Hunting and IR teams. Author detailed technical reports that describe malware behavior, persistence mechanisms, command-and-control protocols, exploitation vectors, and recommended mitigation strategies. Conduct static and dynamic analysis … isolated environments to safely evaluate malicious samples. Identify network and host-based indicators of compromise (IOCs) and assist in developing YARA/Snort/Suricata detection signatures. Collaborate with threat intelligence teams to enrich malware analysis results with broader context on adversary infrastructure and capabilities. Research and stay abreast of emerging malware families, vulnerabilities, and novel exploitation techniques
leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs … worldwide, defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, and other everyday and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role … Summary Sophos is hiring a Sr. Manager to lead and scale our external security communications, with a focus on threat research, incident response, and defensive guidance. This role sits at the intersection of technical insight and operational execution, helping define how Sophos communicates with CISOs, security leaders, and the broader market. This is a unique role: you'll be
as primary liaison with DCSA and other U.S. Government security representatives, handling inspections, reviews, and reporting requirements. Advise on and, as necessary, lead the response to adverse information reports, insider threat indicators, and other reportable incidents. Develop and oversee a robust insider threat program and security training/awareness initiatives. Support the company's business development activities as needed. … contracts. Supervise and develop a high-performing team of security professionals across multiple locations in a fast-paced, multidisciplinary engineering and development environment. Stay current on evolving security regulations, threat intelligence, and industry best practices. Required Skills: Due to the sensitivity of customer related requirements, U.S. Citizenship is required. An active Top Secret security clearance (SCI eligibility preferred … and associated security frameworks. Direct experience working with DCSA and managing successful security inspections/audits. Strong understanding of DISS, NBIS, NISS, SWFT, ACCS, NCCS, eAPP, ITPSO (Insider Threat Program Security Officer) and other personnel security systems. Proven experience managing FCLs and PCLs across multiple locations and contract types (e.g., DoD, IC, FOCI considerations). Experience supporting or managing
of the most complex enterprise environments in the UK and beyond. This isn't a typical penetration testing role. You'll be leading tailored campaigns that emulate real-world threat actors - from phishing initial access through to cloud-native post-exploitation and domain-level compromise in hybrid estates. We focus on intelligence-led engagements, simulating TTPs derived from … current threat actors, helping our clients uncover blind spots and prepare for the attacks that actually matter. We value curiosity, creativity, and diverse experience - some of our team came from medicine, others from blue team, IT, or non-technical backgrounds. If you're an experienced operator looking to work on challenging problems alongside a strong and supportive team, we … and social engineering campaigns with behavioural realism. Performing advanced Active Directory enumeration and abuse, including trust path abuse, delegation exploitation, and credential material extraction. Simulating adversary behaviour based on threat intelligence and frameworks (MITRE ATT&CK, TIBER, etc.). Identifying and exploiting weaknesses in cloud environments (Microsoft 365, Azure AD, AWS, GCP, Okta). Bypassing modern detection controls
of the SOC, including incident response, monitoring, and reporting. Designing, implementing, and continuously improving operational security processes. Acting as the primary point of contact for security incidents and coordinating threat response efforts. Actively contributing to the further development of the SOC in terms of processes and tooling. Collaborating with other IT departments (infrastructure, networks, applications) and external partners. Reporting … least 5 years of experience in IT Security, ideally with 2+ years in a managerial role within a SOC or similar environment. Solid knowledge of SIEM systems, incident response, threat intelligence, and security monitoring. Proven experience in managing projects and optimizing operational processes. A true team player with strong communication and interpersonal skills. You have a helicopter view
projects aligned with industry frameworks and compliance requirements, such as NIST 800-53, ISO 27001, NIST CSF, NIS 2, DORA. Leverage emerging technologies such as AI, IoT, cloud solutions, and advanced threat detection systems. Advise on their application, assess their suitability for specific environments, and determine optimal implementation timing and approach. Manage large-scale programmatic engagements, including stakeholder engagement, scoping, pricing … and issue escalation. Business development: Identify and originate cyber risk management and technology resilience opportunities. Manage key client relationships, supported by account, sales, and marketing plans. Position our cyber threat intelligence, assurance, and incident response practices. Provide energetic consulting leadership in KSA, promoting Control Risks as a trusted advisor on cyber and technology risk, leading to increased long