Team Lead for Indications and Warnings Team

Clearance Level
Interim Secret
Cyber Security
Rosslyn, Virginia

REQ#: RQ108610

Travel Required: Less than 10%
Public Trust: None
Requisition Type: Regular

Team Lead for Indications and Warnings Team

Classification:  Direct Project Work (Onsite), Location:  Rosslyn, VA  

Key: No

Program Description: Serves as a Team Lead for Indications and Warnings Team in support of a major federal client.  This organization provides services that analyze and produce enhanced cyber security and threat intelligence information to include threats and potential threats to the customer’s personnel, information, and information systems; provides timely and relevant intelligence to assist with mitigating cyber threats confronting the Department; supports evaluation, implementation, and operations of tools/technologies used in advanced analysis. Responsible for written and oral briefings to stakeholders and community partners across the Foreign Affairs community.  

Functional Duties:

The Cyber Threat Analyst will support the customer’s overall cyber threat analysis efforts. The analyst must have the political acumen and the confidence to reach out and work with other agencies and industry stakeholders, to share threat information and work together to advance one another’s capabilities.  Ensures that relevant threat indicators are infused in all aspects of program operations.

As a senior analyst, they must have significant background in cyber threat analysis, intelligence analysis and reporting, intrusion detection/response, firewall architecture, and emerging technologies. They must also understand security vulnerabilities and malicious actor tactics, techniques, and procedures (TTPs) to assess known and emerging cyber threats and better evaluate the effectiveness of layered defenses and to provide strategic recommendations on new technical and non-technical protections.  The ideal candidate will have a solid understanding of cyber threats across multiple cyber threat groups/actors, targeted intrusion techniques, and different categories of indicators of compromise. Additionally, the candidate would have an understanding of intrusion detection systems, intrusion analysis, data integration platforms, endpoint detection, data analytics, and cyber defense architectures. 

Candidate should have proven expert written and oral communication skills to include experience with executive-level presentations. Candidate should have knowledge related to the current state of cyber international relations, adversary tactics, and trends. Candidate will possess the ability to work quickly, and a willingness to complete ad hoc, time sensitive assignments.



  • A Bachelor’s Degree in Computer Science, Information Systems, Intelligence Studies, English, Communications, History, International Affairs or Studies, or other related technical or liberal art discipline is desired. Four (4) additional years of general experience (as defined below) may be substituted for the degree.

Certifications Desired:  CISSP, SANS GCTI, CCSP

General Experience: 8 years of experience in intelligence or technical analysis with increasing responsibilities. Demonstrated oral and written communications skills. 

  • Good working knowledge of cyber threat intelligence analysis
  • Prior military or intelligence community experience and/or formal analytic training/certification
  • Strong analytical skills and the ability to effectively research, write, communicate and brief to varying levels of audiences to include at the executive level
  • Previous experience managing cross functional and interdisciplinary project teams to achieve tactical and strategic objectives.

Specialized Experience:

  • Three to five years of experience in intelligence or technical analysis with a focus on cyber threat analysis and threat modeling, to include preparing and presenting results.
  • Three to five years of experience with assessing cyber threat groups, attack methodologies, forensics analysis techniques, malware analysis, attack surface comprehension, spear phishing, research/validation of new cyber threat TTPs.
  • Understanding and experience with the MITRE ATT&CK Framework
  • Ability to work with across a large cyber program to improve an organization’s detection capabilities, as well as, develop mitigations, signature development, and assisting incident response procedures.
  • Demonstrated expertise in deploying and maintaining tools to facilitate the flow of intelligence analysis and reports.
  • Experience writing contract deliverables and short suspense products to stakeholders.

Security Clearance:  TS (clearable to SCI)

COVID-19 Vaccination Requirement: To protect the health and safety of its employees and to comply with customer requirements, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.