Harness your expertise to shape robust cybersecurity strategies and safeguard critical assets. Your leadership will be pivotal in enhancing our resilience against sophisticated, globally coordinated cyber threats.
As a Cyber Threat Intelligence Executive Director on our Cyber Research and Analysis Fusion Team (CRAFT), you will lead mission‑driven analytical initiatives to uncover emerging threats, drive attribution against advanced adversaries, and engineer scalable capabilities across the cybersecurity mission space. CRAFT serves as the core innovation hub within CyberOps, enabling deeper analysis, rapid prototyping, and mission augmentation across the firm.
You will leverage deep experience in cyber operations, network exploitation, malware analysis, and digital forensics to inform threat modeling and support strategic decision‑making at the highest levels of the firm. Your work will accelerate analyst workflows, uncover intelligence gaps, and integrate data‑driven capabilities across diverse functional teams, transforming raw technical signals into mission‑relevant insights that empower threat hunters, red teams, and senior executives alike.
In this role, you will collaborate with global partners and internal stakeholders to craft scalable solutions, engineer resilient workflows, and shape the firm’s cyber defense posture through enriched data, advanced attribution methodologies, and next‑generation detection techniques. Your leadership will draw on experience partnering with foreign governments and industry to build joint working groups and operational frameworks, directly influencing the evolution of the firm’s threat intelligence capabilities and playing a critical role in the future of proactive cybersecurity operations.
Job responsibilities
• Drive innovation in analytical and attribution capabilities by developing automated solutions that extract, normalize, and enrich large‑scale cyber data sets from diverse sources
• Lead and mentor interdisciplinary teams of cyber analysts, threat hunters, and engineers, fostering a culture of tradecraft excellence and continuous improvement
• Partner with stakeholders across Cybersecurity Operations (CyberOps) and CRAFT to support threat identification, strategic collection enhancements, and detection engineering
• Build, document, and deploy reusable analytic workflows to reduce manual effort and accelerate discovery of emerging threat behaviors
• Identify gaps and redundancies in cyber operations through structured assessments and develop targeted recommendations for process, technology, and partnership improvements
• Contribute to the development of new tradecraft by advising teammates across CyberOps on novel data types, adversary platforms, and emerging tools, techniques, and procedures
• Collaborate with internal and external partners to advance shared technical objectives, including work with foreign governments, industry peers, and public‑private forums where appropriate
• Serve as a force multiplier by enabling scaled adoption of data‑driven tools, techniques, and shared practices across functional domains
• Lead or support the design of bespoke solutions that augment analyst workflows and integrate with broader enterprise intelligence and incident response infrastructure
• Participate in research and prototyping of future‑focused analytics to assess new data sources, adversary tooling, and emerging platforms
Required qualifications, capabilities, and skills
• 15+ years of experience in cybersecurity, cyber operations, and signals intelligence, including leadership roles in high‑stakes, national‑level missions
• 5+ years of professional experience working outside US, preferably in EMEA, APAC, or LATAM. Demonstrated success operating in multi‑regional environments and collaborating across time zones
• Deep experience leading technical teams focused on threat attribution, malware analysis, mobile and network defense, and cyber threat intelligence production
• Demonstrated success in shaping and executing cyber strategies, including reallocating significant investments, modernizing analysis environments, and integrating new detection capabilities at scale
• Experience advising senior stakeholders, mediating complex information‑sharing or policy issues, and representing technical equities in cross‑agency or international forums
• Strong foundation in threat intelligence principles, risk identification, and security control assessments, with a track record of turning intelligence into operational outcomes
• Skilled in leveraging structured and unstructured datasets to derive insights, identify behavioral patterns, and inform both tactical and strategic decisions
• Excellent communication skills and ability to translate complex technical findings to both technical and non‑technical audiences, including executives and external partners
• Proven ability to build partnerships with external organizations (e.g., government, international partners, private sector) to advance common cyber defense objectives
• Active, industry‑standard cybersecurity certifications (e.g., GIAC Certified Forensic Analyst, GIAC Cyber Threat Intelligence) demonstrating technical depth and breadth in incident response, forensics, and threat intelligence