Manager, Cyber Threat Intelligence & Countermeasures

Location: VA Vienna - Headquarters Full/Part Time: Full-Time Regular/Temporary: Regular

Job Description

Employee Perks

Why You Will Love Being Part of the Navy Federal Team:

*Competitive compensation with opportunities for annual raises, promotions, and bonus potential
*Best-in-Class Benefits! (7% 401k match / Pension plan / Tuition reimbursement / Great insurance options)
*On-site amenities include fitness center, wellness center, cafeteria, etc. at Pensacola, FL; Vienna, VA and Winchester, VA campuses
*Consistently Awarded Top Workplace
*Nationally recognized training department by TRAINING Magazine IND123
*An employee-focused, diverse, and service-oriented workplace environment

Basic Purpose

This position is responsible for the Cyber Threat Intelligence & Countermeasures program within the Navy Federal Cybersecurity Operations Center (CSOC).  The Manager will work closely with Cybersecurity leadership to define the strategic vision for the program and continuously develop and mature an intelligence-driven computer network defense program.  The Manager will work closely with additional teams of cybersecurity analysts and engineers to protect Navy Federal’s brand, data, and IT assets from cyber-based threats.


• Oversee the cyber threat intelligence program supporting both employees and a growing customer member base from cyber-based threats. 
• Continue to developing and maturing an existing cyber threat intelligence program.
• Develop and maintain a catalog of intelligence products for a diverse stakeholder audience to include tactical, operational and strategic reports, and threat briefings.
• Develops and refines intelligence requirements to drive collection, processing, analysis and dissemination of cyber threat information.
• Support the Incident Response & Monitoring team and other areas of the CSOC in the effective detection, analysis, containment, and eradication of malicious activity.
• Establish standards around cultivating intelligence sources, analyzing information, creating intelligence, proactively searching for exposures or related incidents, and providing advanced threat analysis for security events.
• Implement traditional intelligence analysis/research methods and utilize various tools to proactively address cyber threats.
• Collaborate with industry partners and internal lines of business to discover and analyze threats.
• Escalating issues to management in a timely manner with appropriate information regarding risk and impact.
• Develop and establish operational metrics and reporting based on Key Performance Indicators (KPI's).
• Manage personnel to include establishing KSA’s (Knowledge Skills, Abilities), performance management and professional development, and provide leadership, guidance, and technical expertise.
• Provide external audit evidence/support and assure compliance to required standards, procedures, guidelines and processes.
• Execute ad-hoc tasks or lead small projects as needed.



• Expert-level understanding of the intelligence cycle, analytical tradecraft, threat modeling, and research methodologies.
• Previous experience building out an operational capability, preferably within a cyber-related function.
• A strong understanding of the current threat landscape and adversary tactic, techniques and procedures (TTP's).
• A strong desire to solve challenging and complex problems.
• Strong deductive reasoning and critical thinking abilities.
• Experience with CND-based analytical frameworks (e.g., Cyber Kill Chain, Pyramid of Pain, MITRE ATT&CK, etc.).
• Experience using and evaluating threat intelligence platforms and external intelligence enrichment sources.
• Experience delivering senior leader presentations and written products.
• Excellent verbal and written communication skills to include the ability convey technical details in a clear and understandable manner to both, technical and non-technical audiences alike.
• Previous supervisory or management experience over a technical team.
• Strong leadership qualities to include the ability to team-build, lead, mentor, and motivate others.
• The ability to foster team work and collaboration across operational teams.
• Strong planning and organizational skills for the purposes of prioritizing tactical/strategic initiatives and achieving goals.


• Traditional Intelligence Community (IC) background.
• Experience in adversary emulation, dark/deep web research, and threat hunting.
• Experience with Splunk or other big data analytic platforms.
• Experience with link analysis tools such as Palantir, Analyst Notebook, and Maltego.
• Relevant certifications and training - GIAC (e.g., GCIH, GCIA, GCFA, etc.), CEH, CISSP, Security+.
• Prior experience working in financial services or other highly-regulated sector.
• Experience managing a geographically dispersed workforce.
• Previous experience building out an operational capability, preferably within a cyber-related function.

Pensacola, FL or Vienna, VA (occasional travel between these locations is required)

Monday-Friday, 8:00AM-4:30PM

Equal Employment Opportunity

Navy Federal values, celebrates, and enacts diversity in the workplace.  Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans.  EOE/AA/M/F/Veteran/Disability


Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need.

Bank Secrecy Act

Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.