This is a senior, highly technical role within CRAFT, built for complex problem-solving beyond standard operational procedures . You will work across stealthy, long-dwell intrusion patterns and advanced tradecraft including credential abuse, supply chain targeting, living-off-the-land techniques, custom malware, infrastructure obfuscation, and exploitation of emerging vulnerabilities, including potential AI-augmented attacker behavior. Success looks like faster, higher-confidence investigative outcomes, stronger detections, and reduced dependency on ad hoc support from already constrained operational teams.
Hands-on technical research and analysis of cyber espionage activity, including APT TTPs, adversary infrastructure, and intrusion lifecycle behaviors, and you will translate technical detail into clear, actionable guidance for operational response.

You will augment CyberOps during high-priority incidents by providing rapid investigation support, hypothesis-driven analysi...