Cyber Threat Intelligence Specialist

Description

• We're a 'Family Friendly' certified workplace – we understand the often many and varied roles our team members need to play within their own unique family setting and actively support them.

Our team feel Leidos is a great place to work. Learn more about our culture and benefits by visiting us here

Do Work That Matters
Leidos Australia delivers IT and airborne solutions that protect and advance the Australian way of life. Our 2000 local experts, backed by our global experience and network of partners, are working to solve the world's toughest challenges in government, intelligence, defence, aviation, border protection and health markets.

Your New Role And Responsibilities
The Cyber Threat Intelligence Specialist is a technically focused role within the cross-functional Cyber Security team, responsible for leading the organisation's threat intelligence capability. This includes the operation and enhancement of the MISP platform, advanced analysis of external threat feeds, and the production of actionable intelligence to support vulnerability management, incident response, and strategic risk decisions.

You will maintain awareness of adversary tactics, indicators of compromise, and emerging vulnerabilities by correlating information from ACSC CTIS, CISA Known Exploited Vulnerabilities, the US National Vulnerability Database, and other curated MISP feeds. Intelligence outputs will directly inform the Security Risk Management Plan, threat models, and continual improvement cycles.

This is a hands-on position focused on platform operation, feed management, and threat analysis. You'll also be responsible for documenting intelligence products that are traceable, actionable, and relevant to the supported environment, while also contributing across broader security operations.

This role requires flexibility, collaboration, and a willingness to support team objectives across all areas of cyber defence while still focusing on Cyber Threat Intelligence.

Key Responsibilities

• Operate and maintain the MISP threat intelligence platform, integrating structured threat feeds and known malware indicators, while tuning feeds to improve the relevance and quality of threat data.
• Correlate threat intelligence with known vulnerabilities and incident data to support prioritised mitigation, patching, and risk-based decision-making across the environment.
• Generate high-quality intelligence outputs, including threat profiles, risk narratives, contributions to the Security Risk Management Plan (SRMP) and other audit-ready documentation.
• Provide enriched indicators of compromise and attribution context during incident response activities, supporting containment and recovery efforts in collaboration with internal and customer security teams.
• Actively contribute to broader cyber security operations, supporting incident response, vulnerability management, endpoint security management, compliance activities, and continuous improvement initiatives as part of a small, cross-functional team.

Qualifications & Experience

• Proven experience operating or administering MISP or a similar Threat Intelligence Platform (TIP) in a production environment, with a strong understanding of platform integration and maintenance.
• Familiarity with cyber threat intelligence standards and frameworks such as STIX, TAXII, MITRE ATT&CK, and the Cyber Kill Chain, and their application in real-world threat analysis.
• Practical experience working with structured threat feeds and enrichment sources (e.g., CVE/NVD, CTIS, CISA KEV), and applying this intelligence to support vulnerability and incident response workflows.
• Strong written communication skills, with the ability to produce clear, actionable threat intelligence artefacts, technical documentation, and operational advisories for diverse audiences.
• A collaborative and inclusive approach to cyber defence, with a passion for continuous learning, teamwork, and contributing to a shared security mission as part of a wider team.

This role does require the successful applicant to be an Australian Citizen and hold or be able to obtain an NV1 level security clearance.
Diverse Team Members, Shared Values and a Common Purpose
Providing our customers with smarter solutions takes an incredible team with diversity of thought, experience and perspectives driving innovation. Inclusion is at the heart of our culture and is one of our core values. It's about creating a workplace where everyone can do important work, feels welcome, valued, and respected, and has equal access to opportunities to thrive. Paul Chase – Chief Executive, Leidos Australia.
Leidos Australia is an equal opportunities organisation and is committed to creating a truly inclusive workplace. We welcome and encourage applications from Aboriginal and Torres Strait Islanders, culturally and linguistically diverse people, people with disabilities, veterans, neurodiverse people, and people of all genders, sexualities, and age groups.

Our five Advocacy Groups (Women and Allies Network, Young Professionals, Defence & Emergency Services, Action for Accessibility and Abilities and Pride+) provide an opportunity for team members to connect and collaborate on shared interests, and work to support and celebrate our diverse community.

Next Steps

• To apply for this role, follow the links or apply via our Careers page.
• Recruitment process - virtual / face to face interview & background checks.
• Applicants may also need to meet International Traffic in Arms Regulations (ITAR) requirements. In certain circumstances this can place limitations on persons who hold dual nationality, permanent residency or are former nationals of certain countries as per ITAR 126.1.
• We are committed to making our recruitment process accessible to all candidates. Please contact our Careers team if you'd like to discuss any additional support during your application or throughout the recruitment process.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.