Threat Intelligence Engineer

Who is Element?

We serve as a partner at the intersection of innovation and our clients' needs, efficiently crafting meaningful user experiences for government and commercial customers. By breaking down complex problems to their fundamental elements, we create modern digital solutions that drive efficiencies, maximize taxpayer dollars, and deliver essential outcomes that serve the people. 

Why Work at Element?

Make an impact that resonates-join our vibrant team and discover how you can improve lives through digital transformation.  Our talented professionals bring unparalleled energy engagement, setting a higher standard for impactful work. Come be a part of our team and shape a better future. 

Position Overview 

Element is looking for an experienced, permanent/full-time Threat Intelligence Engineer. The candidate will directly support Element’s Threat Intelligence program to identify, assess, and to ensure the solution meets operational needs for monitoring, oversight, and investigation responsibility through actionable threat intelligence and proactive risk mitigation strategies.

The ideal candidate is a technical expert with deep knowledge of the threat landscape and strong analytical skills. This role involves advanced threat analysis, intelligence reporting, and direct coordination with security operations teams to enhance situational awareness and threat detection capabilities. Prior experience working within or alongside law enforcement or the intelligence community is highly desirable. As a member of this project, you will help ensure the delivery of healthcare to millions of Americans by monitoring and preventing fraud, waste, and abuse.

• Monitor, ingest, and analyze cyber threat intelligence from open-source (OSINT), commercial feeds, and federal/government alerting sources to detect threats relevant to the client’s systems and infrastructure.
• Produce timely, actionable intelligence reports and briefings tailored to multiple audiences including technical staff, SOC teams, and executive leadership.
• Lead investigations and attribution analysis on Insider Threats, Advanced Persistent Threat (APT) activity, malware campaigns, phishing operations, and zero-day vulnerabilities.
• Collaborate closely with Security Operations Center (SOC), incident response, and vulnerability management teams to validate indicators of compromise (IOCs) and enhance detection capabilities.
• Maintain expert-level knowledge of attacker Tactics, Techniques, and Procedures (TTPs) and apply threat modeling frameworks such as MITRE ATT&CK.
• Contribute to the development of threat profiles, risk assessments, and mitigation recommendations to improve the client’s cybersecurity resilience.
• Align intelligence efforts with compliance and regulatory requirements, including FISMA, FedRAMP, and HIPAA.
• Deliver written analysis and verbal briefings to both technical and non-technical stakeholders, distilling complex threat information into strategic guidance.

• Bachelor’s degree in Cybersecurity, Information Assurance, Computer Science, or a related technical field.
• Minimum of 5 years of hands-on experience in cyber threat intelligence, threat analysis, or incident response.
• Proficiency with threat intelligence platforms (TIPs), SIEM tools such as Splunk or QRadar, and EDR tools.
• In-depth knowledge of threat actor tactics and current trends in cybercrime, nation-state activity, and vulnerability exploitation.
• Familiarity with NIST Cybersecurity Framework (CSF), FISMA, and other federal cybersecurity standards.
• Excellent analytical thinking and written/verbal communication skills with the ability to brief executive audiences.

• Prior experience supporting federal healthcare-focused cybersecurity programs.
• Experience working in or with federal law enforcement or intelligence agencies (e.g.,FBI, DHS, NSA, CIA, military intelligence).
• Active security clearance (Secret, Top Secret, or TS/SCI).Certifications such as GIAC Cyber Threat Intelligence (GCTI), CISSP, CEH, or similar.
• Hands-on experience with threat intelligence sharing standards and tools (e.g., STIX, TAXII, MISP).Experience supporting or working within SOC or CSIRT environment.
• Ability to transform technical data and indicators into executive-level narratives that inform strategic decisions.
• Exceptional verbal and written communication skills with the ability to build trust across diverse teams.

Location

Be in your Element residing anywhere in the Continental US. We are a remote-first company based in Washington, DC.

Element is an Equal Opportunity Employer all qualified applicants will receive consideration for employment without regard to age, ancestry, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, marital status, protected veteran status, or any other legally protected class. 

We believe in a world where solutions we build improve the lives of those who use them.