Cyber Threat Intelligence Lead

Clearance Level
Cyber Security
Washington, District of Columbia

REQ#: RQ139253

Travel Required: Less than 10%
Public Trust: NACI (T1)
Requisition Type: Pipeline

Conducts all-source analysis, digital forensics, and targeting to identify, monitor, assess, and counter the threat posed by malicious actors against information systems, critical infrastructure, and cyber-related interests. Provide assessments of the intentions of adversary groups to conduct computer network exploitation (CNE) and computer network attack (CNA) against infrastructure systems, applications, and data. Review the ingest of cyber news feeds, signature updates, incident reports, threat briefs, and vulnerability alerts from external sources and determine its applicability to the system environment


  • Prepare and coordinate strategic, high-level Cyber Threat Assessments, and provide tactical analysis, advice, and information concerning adversary cyber actions and capabilities to the Government. 
  • Use all-source analysis and all available disciplines to research, draft, and submit information to the Government.  
  • Maintain in‐depth visibility across the Enterprise and a means of filtering and prioritizing threat data into concise, actionable intelligence.
  • Compile and interpret the information received about emerging threats at different classification levels through data feeds.
  • Review the ingest of cyber news feeds, signature updates, incident reports, threat briefs, and vulnerability alerts and determine its applicability to the systems environment.
  • Identify potential threats and identify current and evolving hacking tools and methodologies available to disrupt these systems.
  • Determine risks to the Enterprise and develop mitigations and/or countermeasures.
  • Author and redistribute cyber intelligence information based on knowledge of adversary capabilities, intentions, techniques, tactics, and procedures (TTP).
  • Develop situational awareness and report cyber threat, vulnerability, and asset management data to Government Leadership.
  • Communicate methods for detecting activities of specific threats, and plan operations to mitigate or disrupt the threat.
  • Collaborate in the development of enterprise-level playbooks for automation and orchestration.
  • Employ a Cyber Kill Chain methodology as part of the defense-in-depth strategy for enhanced insights and reporting of cyber activity.
  • Collaborate with government and contractor cyber threat analysts to satisfy requests for information from stakeholders throughout the enterprise as well as with external partners and stakeholders.
  • Submit assessments on trending topics in Cyberspace for Government leadership review, approval, and distribution.
  • Develop and present environment-relevant briefings on threats to the Information Environment.
  • Apply scientific and technical knowledge to solving complex problems, produce short-term and long-term written assessments, and brief decision makers.
  • Participate in cyberspace-related, community of interests, Video Teleconferences (VTC), and other venues.
  • Present key technical intelligence to senior decision/policymakers


  • 10 years of computer information technology experience.
  • 5 years performing Cyber Threat Assessments
  • 3 years of intrusion detection and/or incident handling experience
  • Bachelor degree
  • Certification: CISSP, GIAC, CEH, CISA, CISP, or equivalent
  • Knowledge/Understanding of Cyber Kill Chain threat framework/model for the identification and prevention of cyber intrusions activity and for enhanced insights and reporting of cyber activity
  • Public Trust clearance capability

About Our Work

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

COVID-19 Vaccination

GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.