Cyber Defense Incident Response (SME) CTI

Cyber Defense Incident Response (SME) – Cyber Threat Intelligence (CTI)
Location: Huntsville, Alabama
Clearance Requirement: Active Top Secret (TS/SCI Preferred)

Job Summary:
Are you a cybersecurity expert with a passion for cyber threat intelligence? Do you want to be part of a company and culture where you can grow? Do you thrive in high-security environments, analyzing advanced cyber threats and protecting critical systems? If so, we want you on our team!
We are seeking a Cyber Threat Intelligence (CTI) expert to play a key role in high-priority cybersecurity operations. In this role, you'll lead the collection, analysis, and prioritization of both external and internal cyber threat data, transforming it into actional intelligence by key stakeholders. As a Disruptive CTI expert, you will identify threat patterns, analyze adversary methodologies and motives, and assess the evolving threat landscape to enhance the organization’s cybersecurity defenses. Your insights will drive proactive strategies to stay ahead of emerging threats.

Key Responsibilities
Monitor & Analyze Cyber Threats

• Continuously track and assess external cyber threat intelligence sources, including open-source, proprietary, and classified feeds to stay ahead of emerging threats.
• Identify and evaluate new attack techniques, vulnerabilities, and adversary tactics that could impact critical systems.

Drive Actionable Intelligence

• Triage and prioritize threat intelligence reports, delivering timely recommendations to mitigate cyber risks.
• Support incident response teams by providing intelligence-driven insights that enhance threat detection and mitigation efforts.
• Leverage Splunk Enterprise Security and Microsoft Sentinel to correlate threat intelligence data with real-time security events.

Develop Reports & Enhance Defense Strategies

• Create and maintain threat intelligence reports, dashboards, and briefing materials for both executive and technical audiences.
• Collaborate with internal cybersecurity teams to integrate threat intelligence into proactive defense strategies.
• Ensure compliance with NIST NICE Threat Analysis Work Role guidelines and best practices.

Required Skills & Qualifications
10 years of experience in Cyber Threat Intelligence (CTI), Incident Response, and Digital Forensics.
Expertise in Splunk Enterprise Security and Microsoft Sentinel for security monitoring and data analysis.
Strong analytical skills to assess cyber threats, attack patterns, and adversary Tactics, Techniques, and Procedures (TTPs).
Ability to communicate complex technical findings to both technical and non-technical stakeholders.

Preferred Certifications
GIAC Cyber Threat Intelligence (GCTI) (Highly preferred)
Additional relevant certifications, including:

• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Network Forensic Analyst (GNFA)
• GIAC Certified Forensic Analyst (GCFA)