Please paste the following URL into a browser to view the entire job posting in the CAPPS Career Section: https://capps.taleo.net/careersection/ex/jobdetail.ftljob=00058494
You may apply to the job directly through the CAPPS Career Section. It is not necessary to apply both through Work In Texas and CAPPS Career Section.

How to Apply
Select the link below to search for this position: https://capps.taleo.net/careersection/371/jobsearch.ftllang=en
Enter the job posting number “ ” in the keyword search.
You must create a CAPPS Career Section candidate profile or be logged in to apply.
Update your profile and apply for the job by navigating through the pages and steps.
Once ready, select “Submit” on the “Review and Submit” page.
If you have problems accessing the CAPPS Career Section, please follow the instructions in the Resetting CAPPS Password for Job Candidate desk aid.

The Senior Cyber Threat Intelligence Analyst performs highly advanced (senior-level) cybersecurity and intelligence analysis work leading complex cyber threat intelligence efforts that support Texas leadership, Texas Cyber Command operations, and external mission partners. The position serves as a senior analytic resource responsible for integrating strategic, operational, and technical intelligence to inform executive decision-making, support cybersecurity operations, and enhance statewide cyber resilience. Work includes leading high-impact intelligence initiatives, coordinating analytic efforts across teams and stakeholders, advancing intelligence tradecraft and methodologies, and providing expert guidance on emerging cyber threats, adversary capabilities, and risk trends affecting Texas government and critical infrastructure. Works under minimal supervision with extensive latitude for the use of initiative and independent judgment.

Essential Job Duties

Strategic Intelligence Leadership and Analysis
Leads complex cyber threat intelligence analysis efforts and produces high-impact intelligence products supporting executive decision-making, operational planning, and cybersecurity operations. Directs and conducts advanced analysis of threat actors, campaigns, tactics, techniques, and procedures (TTPs), geopolitical developments, and emerging risks affecting Texas government and critical infrastructure. Develops strategic warning products, executive briefings, campaign assessments, actor profiles, and sector-specific intelligence reporting.
Identifies long-term threat trends, systemic vulnerabilities, recurring exploit patterns, and emerging operational risks requiring enterprise attention.

Intelligence Integration, Coordination, and Operational Support
Leads the integration of cyber threat intelligence into cybersecurity operations, incident response activities, and organizational decision-making processes. Coordinates intelligence support during active cybersecurity incidents by providing advanced contextual analysis, attribution assessments, and operational intelligence to accelerate detection, response, and recovery efforts. Develops and oversees the dissemination of indicators, detection logic, and intelligence reporting for operational use by cybersecurity teams and mission partners. Collaborates with security operations, incident response, forensics, threat hunting, and partner organizations to refine intelligence priorities, improve information sharing, and enhance operational effectiveness.

Stakeholder Engagement, Advisement, Mission Coordination
Serves as a senior representative of the organization’s intelligence function in engagements with executive leadership, governmental entities, critical infrastructure partners, and external stakeholders. Provides expert advisement and strategic briefings regarding cyber threats, emerging risks, intelligence trends, and operational impacts. Facilitates interagency coordination and information sharing initiatives and supports the development of collaborative intelligence relationships across state, federal, local, and private-sector partners. May provide guidance, mentoring, and technical leadership to analysts and other personnel.

Tradecraft, Innovation, and Program Development
Leads efforts to strengthen intelligence tradecraft, analytic rigor, and continuous improvement initiatives across intelligence operations. Establishes and promotes standards for sourcing, confidence assessment, structured analytic techniques, and product quality.
Evaluates and applies emerging technologies, including artificial intelligence and large language model tools, to improve analytic workflows and intelligence capabilities while ensuring responsible and appropriate use. Identifies opportunities to enhance methodologies, processes, tools, and intelligence integration across the organization.

Qualifications

Minimum Qualifications
Seven (7) years of experience in cyber threat intelligence, all-source intelligence analysis, or a closely related analytic discipline
Demonstrated experience producing written intelligence products for varied audiences, from executive leadership to technical defenders
Working knowledge of adversary tradecraft, intrusion lifecycle concepts, and common analytic frameworks (e.g., MITRE ATT&CK, Diamond Model, kill chain)
Familiarity with indicator types, detection logic, and the lifecycle of technical indicators from discovery to dissemination
Ability to read and interpret technical artifacts (e.g., logs, network data, malware reports, vulnerability disclosures) to develop analytic judgments
Experience using AI-assisted tools in an analytic workflow

Preferred Qualifications
Experience:
Experience leading or coordinating cyber threat intelligence efforts, projects, or analytic initiatives
Experience producing intelligence for state, local, federal, or military consumers, or for critical infrastructure operators
Regional or actor-specific expertise in one or more of: China, Russia, Iran, or DPRK cyber programs
Sector-specific familiarity with energy, water, elections, public safety, healthcare, or financial services threat landscapes
Experience working alongside SOC, incident response, or threat hunting teams, including during active incidents
Familiarity with CTI platforms, indicator standards (e.g., STIX/TAXII), and detection languages (e.g., YARA, Sigma) sufficient to author or review content
Experience briefing senior executives or elected officials
Experience designing, integrating, or evaluating LLM-based analytic workflows, including prompt development and handling of sensitive data
Licensure:
GIAC Certified Cyber Threat Intelligence (GCTI)
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM), and/or
CompTIA Security+ or CySA+

Knowledge, Skills, and Abilities
Knowledge of advanced cybersecurity and cyber threat intelligence principles, methodologies, adversary tradecraft, and incident response practices
Knowledge of computer systems, networks, operating systems, security technologies, and cybersecurity operational environments
Knowledge of computer systems, networks, operating systems, applications, and security technologies, including their capabilities and limitations.
Knowledge of intelligence analysis techniques, confidence assessment methodologies, structured analytic techniques, and intelligence reporting standards
Skill in leading complex intelligence analysis efforts and producing high-quality intelligence products for executive and operational audiences
Skill in synthesizing strategic, operational, and technical information into actionable intelligence and recommendations
Skill in briefing, advising, and communicating effectively with technical personnel, executive leadership, and external stakeholders
Skill in the use of cybersecurity tools, inte