Cyber Threat Intelligence Team Lead - USDS

Responsibilities
- Build, mature, and lead the Cyber Threat Intelligence team within TikTok USDS's FUSE Intelligence capability
- Define and implement a roadmap for continuing development of CTI capabilities including a tooling/technology ecosystem supporting enterprise and on-platform threat analysis
- Lead, mentor and develop team of CTI analysts focused on diverse threat intelligence collection and analytic tasks including Deep/Dark Web, malware analysis, vulnerability intelligence, strategic risk assessment, threat modeling, threat hunting/red team support, SOC support, detection engineering, and on-platform investigations.
- Develop and implement analytic playbooks and workflows focused on the curation and enrichment of internal and external intelligence sources; maintain and tune data flows within a Threat Intelligence Platform and/or other analytic tooling including SIEM.
- Support and expand a cross-functional intelligence consumer base that includes SOC, Incident Response, Threat Hunting, Detection Engineering, Red Team, Financial Crimes/Fraud team, and TikTok product/engineering teams through the delivery of tailored intelligence analytic products and solutions.
- Develop and implement automations to enhance intelligence collection and processing
- Identify and further develop current intelligence sources and reporting processes; manage acquisition and evaluation of premium intelligence sources and delivery of metrics on intelligence value (ROI) derived from tool and intelligence investment.
- Bolster and expand CTI investigative and analytic resources that can be applied to on-platform security challenges including fraud, attempted user account compromises, and other violative activities.
- Align CTI intelligence resources to FUSE interdisciplinary intelligence reporting, including cyber threat intelligence, converged risk, protective intelligence/threat management, criminal intelligence, and influence operations.

Qualifications

Minimum Qualifications
- Experience leading a cyber threat intelligence team within a global commercial enterprise or intelligence vendor
- Deep understanding of CTI team operations in conjunction with a SOC, Incident Response team, Red Team, Threat Hunting, Threat Detection, or other core CTI stakeholders.
- Technical knowledge sufficient to support analysis and investigation of complex threats to include network operations, cloud security principles, large data set manipulation, SQL querying, and basic malware analysis.
- Firm grasp of CTI analytic methodologies, tooling, and approaches to conducting threat actor analysis, TTP assessments, and intelligence contributions to detection engineering processes.
- Experience authoring intelligence products, aclear grasp of the intelligence lifecycle, and ability to integrate intelligence into a diverse range of security and enterprise workflows.

Preferred Qualifications:
- Demonstrated ability to lead a CTI team and mature capabilities over time.
- Excellent communication skills along with teamwork and collaboration abilities on global and multi-functional teams with different intelligence source groups
- Experience creating and disseminating reports to multi-level audiences in a technical environment
- Knowledge of cyber intelligence data sources and platforms while Demonstrating time management and prioritization skills
- Highly motivated to contribute and grow within a complex area of emerging importance in an enterprise environment

This role requires the ability to work with and support systems designed to protect sensitive data and information. As such, this role will be subject to strict national security-related screening.

Client-provided location(s): Washington, DC

Job ID: TikTok-7528179172326852871

Employment Type: OTHER

Posted: 2025-07-30T00:42:01