Manager, Cyber Threat Intelligence and Focused Operations

Location: FL Pensacola - Operations Full/Part Time: Full-Time Regular/Temporary: Regular

Job Description


You have goals, dreams, hobbies and things you’re passionate about.

What’s Important to You Is Important to Us
We’re looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them—friends, family and passions. And we're looking for team members who are passionate about our mission—making a difference in military members' and their families' lives. Together, we can make it happen.

Don’t take our word for it.

  • FORTUNE 100 Best Companies to Work For®
  • Computerworld® Best Places to Work in IT
  • FORTUNE® Best Workplaces for Millennials
  • Forbes® America’s Best Employers
  • PEOPLE® Companies That Care


Basic Purpose

This position is responsible for Navy Federal’s Cyber Threat Intelligence and Focused Operations programs within the Cybersecurity Operations Center (CSOC), responsible for cyber threat intelligence, adversary emulation, and threat hunt operations. The Manager will work closely with Cybersecurity leadership to define the strategic vision for the program and continuously develop and mature an intelligence-driven computer network defense program. The Manager will work closely with additional teams of cybersecurity analysts and engineers to protect Navy Federal’s brand, data, and IT assets from cyber-based threats.


• Oversee the development of the Cyber Threat Intelligence and Focused Operations programs.
• Track and perform adversary emulation based on TTP’s as defined within the MITRE ATT&CK framework as well as subsequent and detection validation.
• Proactively search for data exposures or related incidents, indications of compromise, and providing advanced threat analysis for security events.
• Develop and maintain a catalog of intelligence products for a diverse stakeholder audience as well as intelligence requirements to drive collection, processing, analysis and dissemination of cyber threat information.
• Support the Incident Response & Monitoring team and other areas of the CSOC in the effective detection, analysis, containment, and eradication of malicious activity.
• Collaborate with industry partners and internal lines of business to discover and analyze threats.
• Escalating issues to management in a timely manner with appropriate information regarding risk and impact.
• Develop and establish operational metrics and reporting based on KPI's/KRI’s and OKR’s.
• Manage personnel to include establishing KSA’s, performance management and professional development, and provide leadership, guidance, and technical expertise.
• Provide external audit evidence/support and assure compliance to required standards, procedures, guidelines and processes.
• Regularly conduct Lessons Learned / After Action Reviews.
• Execute ad-hoc tasks or lead small projects as needed.



• Previous experience building out an operational capability, preferably within a cyber-related function.
• A strong understanding of the current threat landscape and adversary tactic, techniques and procedures (TTP's).
• Experience in adversary emulation, dark/deep web research, and threat hunting.
• Understanding of the intelligence cycle, analytical tradecraft, threat modeling, and research methodologies.
• A strong desire to solve challenging and complex problems.
• Strong deductive reasoning and critical thinking abilities.
• Experience with CND-based analytical frameworks (e.g., Cyber Kill Chain, Pyramid of Pain, MITRE ATT&CK, etc.).
• Experience delivering senior leader presentations and written products.
• Excellent verbal and written communication skills to include the ability convey technical details in a clear and understandable manner to both, technical and non-technical audiences alike.
• Previous supervisory or management experience over a technical team.
• Strong leadership qualities to include the ability to team-build, lead, mentor, and motivate others.
• The ability to foster team work and collaboration across operational teams.
• Strong planning and organizational skills for the purposes of prioritizing tactical/strategic initiatives and achieving goals.


• Experience with leveraging Splunk or other big data analytic platforms.
• Relevant certifications GIAC (e.g., GCIH, GCIA, GCFA, etc.), CEH, CISSP, Security+.
• Prior experience working in financial services or other highly-regulated sector.
• Experience managing a geographically dispersed workforce.

Hours: Monday - Friday, 8:00am - 4:30pm

Location: 820 Follin Lane, Vienna, VA 22180 or 5550 Heritage Oaks Drive, Pensacola, FL 32526 (occasional travel between the two sites is required)

Equal Employment Opportunity

Navy Federal values, celebrates, and enacts diversity in the workplace.  Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans.  EOE/AA/M/F/Veteran/Disability


Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need.

Bank Secrecy Act

Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.