Revolutional delivers advanced technology solutions and mission support to federal agencies across civilian, health, and national security environments. We apply modern capabilities, including AI/ML, cloud, cybersecurity, and IT modernization to solve complex challenges, enable faster and more secure operations, and drive measurable mission outcomes.
We are redefining how federal technology gets built and delivered by operating with a product mindset, prioritizing speed, ownership, and execution over bureaucracy.
Location: Onsite – Government-controlled secure facility
Terms: Full-time
Clearance: Active Top Secret/SCI required
Travel: 0-10%
This position leads the Cyber Threat Intelligence function for a federal enterprise cybersecurity program operating within government-controlled secure facilities. The CTI function is the program's strategic intelligence capability — identifying real and potential threats to computing infrastructure, reviewing and responding to Prioritized Intelligence Requirements (PIRs), and disseminating classified threat briefings and reports that drive both operational response and long-range risk management decisions.
The core challenge: producing actionable, finished all-source intelligence at the classified level that keeps pace with an evolving threat landscape — and leading a CTI team that delivers that intelligence with analytical rigor, tradecraft discipline, and the speed the mission demands.
As Lead Cyber Threat Intelligence Analyst at Revolutional, you are the senior intelligence practitioner and functional lead for the CTI team. You identify potential and real threats to enterprise computing infrastructure, develop risk mitigation strategies, and produce and disseminate classified cyber threat briefings and reports to government leadership and operational teams. You set the analytical standard for the team, own the PIR review process, and ensure every finished product reflects sound tradecraft and current threat awareness.
You bring 7 to 10 years of intelligence experience — with deep grounding in both Threat/Warning Analysis (NICE: AN-TWA-001) and All-Source Analysis (NICE: AN-ASA-001) — and the leadership credibility to run a classified CTI function within a government secure facility. You operate with analytical rigor, produce intelligence that drives decisions, and build a team that does the same.
- Lead the Cyber Threat Intelligence function; set analytical standards, manage team workload, and serve as the senior intelligence authority for all CTI products and assessments
- Identify potential and real threats to enterprise computing infrastructure across classified and unclassified source streams; assess threat actor intent, capability, and opportunity
- Develop and communicate risk mitigation strategies based on current threat intelligence; translate analytical findings into actionable defensive recommendations for security operations and program leadership
- Review, manage, and respond to Prioritized Intelligence Requirements (PIRs); ensure the CTI team's collection and production efforts are aligned with the most critical information needs
- Produce and disseminate classified cyber threat briefings and reports; deliver finished intelligence to government leadership and operational teams at both strategic and tactical levels
- Integrate all-source intelligence — classified, open-source, and technical — into comprehensive threat assessments that reflect the full intelligence picture
- Apply Threat/Warning Analysis tradecraft to deliver early indications and warnings of emerging cyber threats, adversary campaigns, and shifts in threat actor behavior
- Coordinate with SOC, incident response, and threat hunting teams to ensure CTI products are operationally relevant and drive detection and response improvements
- Maintain classified access and handle all intelligence products in accordance with applicable security protocols within government-controlled secure facilities
- Ensure CTI team compliance with NICE Cybersecurity Workforce Framework role-based training requirements
- Develop and maintain intelligence production standards, product templates, and analytical procedures that ensure consistency and quality across the CTI function
- Bachelor's degree in Intelligence Studies, Political Science, Computer Science, Information Security, or related field (or equivalent experience)
- 7 to 10 years of intelligence-related experience with a focus on cyber threat analysis and finished intelligence production
- Demonstrated experience in Threat/Warning Analysis (NICE: AN-TWA-001) and All-Source Analysis (NICE: AN-ASA-001) competency areas
- Experience leading or managing a CTI team or intelligence production function
- Active Top Secret/SCI clearance (Final) required
- Must work onsite within a government-controlled secure facility
- Deep experience identifying and assessing real and potential cyber threats to enterprise computing infrastructure using structured analytic tradecraft
- Proficiency producing finished all-source intelligence products: threat assessments, warning products, PIR responses, and classified briefings at both strategic and tactical levels
- Experience reviewing and managing Prioritized Intelligence Requirements (PIRs) and aligning production efforts to collection priorities
- Demonstrated experience disseminating classified cyber threat briefings and reports to senior government and operational audiences
- Hands-on experience applying Threat/Warning Analysis tradecraft including Early Indications and Warnings methodologies
- Experience integrating classified, open-source, and technical intelligence streams into comprehensive finished products
- Familiarity with MITRE ATT&CK and D3FEND frameworks applied to threat actor profiling and analytical product development
- Working knowledge of the NICE Cybersecurity Workforce Framework AN-TWA-001 and AN-ASA-001 role definitions and associated training requirements
- Analytically authoritative: your assessments are grounded in evidence, structured in tradecraft, and defensible under peer and leadership review
- Senior intelligence leader who sets the production standard, develops analyst capability, and ensures the team's output is consistently mission-quality
- Audience-calibrated communicator — your classified briefings land with senior government leadership and your tactical products are equally actionable for SOC operators
- Operationally connected: you build CTI products that drive decisions and detection improvements, not just analytical archives
One or more of the following is required or strongly preferred:
- GCTI (GIAC Cyber Threat Intelligence), CISM (Certified Information Security Manager), CISSP, CySA+, or equivalent senior intelligence or security credential
- Role-based training required per NICE Cybersecurity Workforce Framework AN-TWA-001 and AN-ASA-001 — must be current or completed within required timeframes
- Prior Intelligence Community (IC) experience in a cyber-focused all-source or warning analytical role
- Experience managing PIR processes and collection management in a classified federal environment
- Background in nation-state adversary tracking, geopolitical threat analysis, or strategic threat assessment
- Experience with threat intelligence platforms (TIPs) and structured data sharing frameworks at the classified level
- Familiarity with FISMA and NIST SP 800 series as they apply to intelligence-informed risk management
- Experience building or maturing a CTI function from early capability to full production maturity
#DICE #LinkedIn
___________________________________________________________________________________________________________
Here at Revolutional we are pleased to have been repeatedly recognized for our outstanding work culture, the innovative work we do, and the employees on our team who make a difference each day. Some of these recognitions include:
- Recognized as a Top 20 "Best Place to Work in Virginia"
- Recipient of Department of Labor's HireVets Gold Medallion
- Great Place to Work Certification for five years running
- A Virginia Chamber of Commerce Fantastic 50 company
- A Northern Virginia Technology Council Tech 100 company
- Inc. 5000 list of fastest growing companies for eleven years
- Two-time SBA SBIR Tibbett's Award winner
- Virginia Values Veterans (V3) Certification
We recognize that every bit of our success is the result of our teams of hard-working, motivated, and innovative professionals who are proud to call themselves part of the Revolutional family! In addition to competitive compensation, a family-focused culture, and a dynamic, productive work environment, we offer all full-time employees a variety of benefits including, but not limited to
- Traditional and HSA- eligible medical insurance plans
- 100% employer-paid dental and vision insurance options
- 100% employer-sponsored STD, LTD, and life insurance
- 5% 401(k) company matching
- Flexible-schedules and teleworking options
- Paid holidays and PTO Accrual Plans
- Paid Parental Leave
- Professional development and career growth opportunities
Team and company-wide events, recognition, and appreciation- - and so much more!
Check out our Revolutional | LinkedIn to find out a little more about who we are and if we are the right next step for your career!
Revolutional is an Equal Opportunity Employer providing equal employment opportunity to all employees and applicants for employment without regard to race, color, religion, national origin, age, gender, gender identity, sexual orientation, disability, or genetics. Revolutional does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans. To perform the above job successfully, an individual must possess the knowledge, skills, and abilities listed; meet the education and work experience required; and must be able to perform each essential duty and responsibility satisfactorily. Other duties in addition to those listed may be assigned as necessary to meet business needs. Reasonable accommodation will be made to enable an applicant with a disability to successfully apply for and/or perform the essential duties of the job. If you are in need of an accommodation, please contact [email protected].