Back to jobs
New

Cyber Threat Intelligence Analyst

Northern Virginia

Job Title: Cyber Threat Intelligence Analyst

Position Summary

The Senior Cyber Threat Intelligence Analyst is responsible for collecting, analyzing, and disseminating actionable intelligence to support enterprise cybersecurity operations, fraud prevention, and risk mitigation. This role proactively identifies emerging cyber threats, fraud campaigns, dark web activity, insider threats, and brand misuse that could impact organizational assets, personnel, or operations.

The ideal candidate possesses extensive experience conducting cyber threat intelligence analysis, monitoring dark web activity, identifying fraud indicators, and producing operational and executive-level intelligence reporting. This individual will collaborate closely with Security Operations, Incident Response, Threat Hunting, Vulnerability Management, and executive leadership to ensure intelligence is integrated into defensive operations and strategic decision-making.

Key Responsibilities

Cyber Threat Intelligence

  • Collect, analyze, correlate, enrich, and disseminate actionable cyber threat intelligence from commercial, open-source, government, and proprietary intelligence sources.
  • Produce timely intelligence products supporting cybersecurity operations, executive leadership, and mission stakeholders.
  • Identify emerging cyber threats, adversary tactics, techniques, and procedures (TTPs), and evaluate their potential impact to the organization.
  • Maintain threat intelligence processes, workflows, and standard operating procedures to support continuous intelligence operations.

Fraud Intelligence & Dark Web Monitoring

  • Monitor dark web forums, marketplaces, messaging platforms, and underground communities for indicators of fraud, credential theft, data leakage, and criminal activity targeting the organization.
  • Identify emerging fraud schemes, financial crime trends, phishing campaigns, and identity-based attacks relevant to federal operations.
  • Analyze criminal infrastructure and threat actor activity to identify risks before they impact organizational assets.
  • Develop intelligence products that help detect, prevent, and mitigate fraud targeting bureau systems, services, and customers.
  • Support fraud reporting and intelligence-sharing processes in accordance with Bureau of the Fiscal Service (BFS) requirements and established reporting mechanisms.

Brand Protection & Threat Monitoring

  • Monitor organizational brands, domains, and digital assets for misuse, impersonation, phishing, counterfeit activity, and unauthorized use.
  • Investigate potential brand abuse incidents and recommend mitigation strategies.
  • Coordinate with appropriate stakeholders to support brand protection activities, including takedown requests for malicious or unauthorized content.
  • Monitor cyber, insider, physical, and environmental threats that could impact enterprise operations.

Operational Intelligence Support

  • Integrate threat intelligence into Security Operations Center (SOC), Incident Response, Threat Hunting, Vulnerability Management, and Security Fusion Center activities.
  • Provide intelligence support during cybersecurity investigations and incident response activities.
  • Develop actionable recommendations that improve detection capabilities and reduce organizational risk.
  • Collaborate with cross-functional teams to improve intelligence-driven security operations.

Artificial Intelligence & Threat Intelligence Automation

  • Leverage Artificial Intelligence (AI) and automation technologies to improve threat intelligence collection, enrichment, prioritization, and analysis.
  • Research emerging AI-enabled threat intelligence platforms and security operations capabilities.
  • Evaluate opportunities to automate intelligence workflows using multi-source threat feeds and advanced analytics.
  • Provide recommendations on integrating AI into cybersecurity operations while supporting responsible and secure implementation practices.

Reporting & Briefings

  • Produce technical intelligence reports, executive summaries, threat assessments, and operational briefings.
  • Communicate complex threat information to technical and non-technical audiences.
  • Develop actionable recommendations based on intelligence findings to improve organizational security posture.
  • Support leadership with strategic intelligence products that inform operational and risk-based decisions.

Required Qualifications

  • Bachelor's degree in Cybersecurity, Intelligence Studies, Computer Science, Information Assurance, Criminal Justice, or a related field.
  • 5+ years of experience in Cyber Threat Intelligence, Security Operations, Fraud Intelligence, Digital Risk Protection, or Cyber Defense.
  • Demonstrated experience conducting dark web investigations and monitoring criminal ecosystems.
  • Strong understanding of cyber-enabled fraud, financial crime, phishing campaigns, account takeover, identity theft, and social engineering tactics.
  • Experience producing actionable cyber threat intelligence for operational security teams and executive leadership.
  • Knowledge of cyber threat frameworks including:
    • MITRE ATT&CK
    • Cyber Kill Chain
    • Diamond Model of Intrusion Analysis
  • Experience with commercial threat intelligence platforms, Digital Risk Protection (DRP) solutions, and open-source intelligence (OSINT).
  • Familiarity with Security Operations Center (SOC) workflows, incident response processes, and threat hunting methodologies.
  • Strong analytical, investigative, and critical thinking skills.
  • Excellent written and verbal communication skills.

Preferred Qualifications

  • GIAC Cyber Threat Intelligence (GCTI)
  • GIAC Open Source Intelligence (GOSI)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Fraud Examiner (CFE)
  • SANS FOR578 (Cyber Threat Intelligence) or equivalent training.
  • Experience supporting Bureau of the Fiscal Service (BFS), Treasury, or other federal civilian agencies.
  • Experience using threat intelligence platforms such as Recorded Future, Anomali, ThreatConnect, Mandiant, Microsoft Defender Threat Intelligence, or similar technologies.
  • Familiarity with AI-enabled threat intelligence platforms, automation tools, and machine learning applications for cybersecurity.

Knowledge, Skills, and Abilities

  • Extensive knowledge of cybercriminal ecosystems, underground marketplaces, dark web communities, and threat actor behaviors.
  • Strong understanding of fraud methodologies, financial cybercrime, digital identity abuse, and brand impersonation techniques.
  • Ability to identify indicators of compromise (IOCs), indicators of attack (IOAs), and emerging fraud trends.
  • Experience correlating intelligence from multiple sources to produce timely, actionable reporting.
  • Ability to communicate intelligence findings effectively to cybersecurity teams, investigators, executives, and mission stakeholders.
  • Strong investigative mindset with the ability to recognize patterns, anticipate adversary behavior, and proactively identify organizational risks.
  • Ability to leverage automation and artificial intelligence to improve intelligence collection, enrichment, and operational effectiveness.

Compensation & Benefits

  • Competitive salary
  • Employer-paid health insurance premiums (medical, dental, vision)
  • Employer-paid short/long term disability insurance and basic life/AD&D insurance
  • 401K with a 4% employer contribution
  • Professional development reimbursement options available (training, certification, education, etc)​
  • Flexible and remote work policies for most positions
  • Paid Time Off (PTO) at a rate of three (3) weeks plus one (1) day per year of service up to four (4) weeks annually
  • 11 paid holidays per calendar year​

At SIXGEN, we are committed to fair and equitable compensation practices. The anticipated salary range for this role is $100,000 - $155,000 per year, depending on experience and qualifications. This range reflects our compensation philosophy, which takes into account various factors including the candidate's relevant experience, education, skills, LCATs rates and position level, and market competitiveness. In addition to base salary, employees may be eligible for other forms of compensation to include our growth incentive program, incentives and benefits. The final salary offer will be determined after a thorough review of the candidate's background and alignment with the role. Please note that this range is subject to change and should be considered as a guideline rather than a definitive figure.

We are committed to fostering an inclusive culture that values diversity in our people, reflecting the communities we serve and our customer base. We strive to attract and retain a diverse talent pool and create an environment where everyone is empowered to be their authentic selves at work.

SIXGEN is an Equal Opportunity Employer. We ensure that all applicants are considered for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, age, marital status, ancestry, projected veteran status, or any other protected group or class.

 

Create a Job Alert

Interested in building your career at SixGen, Inc.? Get future opportunities sent straight to your email.

Apply for this job

*

indicates a required field

Phone
Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf


Select...
Select...
Select...

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in SixGen, Inc.’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Select...
Select...
Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Select...

Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Select...

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.