• Develop AI agents, assistants, bots and automations applied to Customer Success processes. • Support the mapping of AI use opportunities in routines such as onboarding, engagement, renewals, risk analysis, estimates/forecasting and decision support. • Work together with CS teams to enable practical, secure and business-aligned applications. • Build, maintain and evolve automations that support operational workflows and the scalability of the area. • Use n8n as the primary tool for maintaining, improving and expanding implemented AI solutions. • Use Python to extend existing solutions, develop new automations and create new AI applications. • Integrate solutions via APIs and automated flows, ensuring stability, traceability and alignment with business processes. • Perform maintenance, operational monitoring and continuous improvement of already implemented AI Agents. • Ensure the sustainment of production AIs by monitoring operation, stability, business alignment and opportunities for improvement. • Support balancing the roadmap between operations, enhancement of existing deliverables and development of new initiatives. • Participate in CS Ops rituals to understand operational pain points, gather requirements and support the construction of viable solutions. • Ensure governance best practices, data quality, traceability and documentation of the applied solutions.

Role Description The Cyber Threat Intelligence Analyst supports the Small Business Administration (SBA) Enterprise Cybersecurity Services (ECS) program by delivering advanced cyber threat intelligence, threat analysis, proactive threat hunting, and operational cybersecurity support services. The Cyber Threat Intelligence Analyst is responsible for: - Collecting, analyzing, correlating, and disseminating actionable cyber threat intelligence to support the SBA Security Operations Center (SOC), cybersecurity operations, incident response activities, and enterprise risk mitigation efforts. - Supporting 24x7x365 cybersecurity operations through advanced analysis of indicators of compromise (IOCs), adversary tactics, techniques, and procedures (TTPs), emerging vulnerabilities, and threat actor activity impacting federal information systems and cloud environments. Qualifications - Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Intelligence Studies, Information Assurance, or related discipline. Relevant experience may substitute for degree requirements. - Minimum of 5 years of experience supporting cybersecurity operations, cyber threat intelligence, threat hunting, incident response, or SOC operations. - Experience analyzing threat intelligence, indicators of compromise, adversary TTPs, and cybersecurity attack methodologies. - Hands-on experience with SIEM, EDR, IDS/IPS, network analysis, and cyber defense tools. - Experience conducting threat hunting and advanced event correlation across enterprise environments. - Knowledge of federal cybersecurity frameworks and guidance including NIST SP 800-61, NIST SP 800-53, and CISA operational guidance. - Understanding of MITRE ATT&CK framework and cyber kill chain methodologies. - Experience with cloud security monitoring and threat analysis in Microsoft Azure, AWS, Microsoft 365, and hybrid environments. - Strong analytical, investigative, communication, and reporting skills. - Ability to support 24x7x365 cybersecurity operational environments. Requirements - Provide cyber threat intelligence and operational analysis support for the SBA SOC in support of Task Area 3.5.3 Cybersecurity Operations Support. - Conduct proactive cyber threat hunting activities across enterprise systems, cloud environments, endpoints, and network infrastructure. - Analyze indicators of compromise (IOCs), threat actor tactics, techniques, and procedures (TTPs), malware behaviors, and emerging cyber threats. - Monitor and evaluate cyber threat intelligence feeds, vendor reporting, CISA advisories, US-CERT alerts, and external intelligence sources. - Perform advanced correlation and analysis of security events, SIEM data, IDS/IPS alerts, EDR telemetry, DNS logs, firewall logs, and network traffic. - Support incident response and cybersecurity investigations through intelligence-driven analysis and threat attribution support. - Develop cyber threat intelligence reports, operational briefings, situational awareness products, and executive-level summaries. - Assist with the identification of previously unknown attack vectors and suspicious activity through threat hunting and anomaly analysis. - Support digital forensics and incident analysis activities in coordination with SOC analysts, engineers, and incident responders. - Develop and maintain threat intelligence playbooks, threat models, attack scenarios, and adversary profiles. - Perform analysis of cloud security events and cyber threats impacting Microsoft 365, Azure, AWS, Salesforce, and hybrid cloud environments. - Conduct research on advanced persistent threats (APTs), ransomware groups, insider threats, nation-state actors, and emerging cyber attack trends. - Provide recommendations for defensive countermeasures, detection logic improvements, and enhanced security monitoring capabilities. - Assist in the development of threat signatures, SIEM use cases, detection analytics, and threat detection content. - Support continuous improvement of cybersecurity operations, threat intelligence workflows, and incident response processes. - Coordinate with federal stakeholders, law enforcement, privacy officials, insider threat teams, and mission partners during cyber incident activities. - Document investigative findings, intelligence assessments, and operational actions within case management and reporting systems. - Participate in SOC operational meetings, shift briefings, incident coordination calls, and cybersecurity readiness activities. - Maintain awareness of evolving cybersecurity technologies, federal threat reporting requirements, and NIST cybersecurity guidance. - Support cybersecurity communications, intelligence sharing, and collaboration activities across the SBA enterprise. Benefits - GIAC Cyber Threat Intelligence (GCTI) - GIAC Certified Incident Handler (GCIH) - GIAC Certified Forensic Analyst (GCFA) - Certified Information Systems Security Professional (CISSP) - CompTIA CySA+ - Certified Ethical Hacker (CEH) - Splunk Enterprise Security Certified Admin - Microsoft Security Operations Analyst Associate (SC-200)

• Acompanhar em tempo real a saúde de servidores, aplicações e infraestrutura de rede através de ferramentas específicas. • Identificar, registrar e atuar sobre alertas de sistemas operacionais e aplicações conforme procedimentos definidos (POPs). • Realizar a coleta detalhada de evidências de falhas para facilitar o suporte das áreas especialistas. • Seguir fluxos críticos de acionamento de times técnicos e gestão de crises. • Monitorar o ciclo de vida de chamados e mudanças, garantindo o cumprimento dos prazos de SLA. • Rodar scripts agendados, tarefas de estabilização e processos de rotina operacional. • Elaborar relatórios e comunicar o status de incidentes aos stakeholders via canais de mensageria oficiais.

• Analyze and diagnose complex system issues • Identify root causes and resolve or escalate appropriately • Plan, design, implement, maintain, optimize, and support applications • Gather, validate, and translate complex technical requirements into design and development specifications • Collaborate with clinical users and IT teams through evaluation, design, testing, implementation, and maintenance • Address highly technical issues during installation and maintenance • Coordinate preparation, coding, testing, and debugging of complex programs • Design, analyze, and build workflows to meet user needs • Configure and integrate electronic and mechanical hardware with software solutions • Gather and analyze data to troubleshoot incidents • Document process and resolution • Document design, application, and technical specifications • Assist with support and training materials • Identify reporting needs and collaborate with report developers • Partner with vendors to resolve system issues and improve performance and usability • Recommend system improvements to vendors • Review documentation for upgrades and monthly system updates; assess impacts • Provide Tier 2 and Tier 3 end-user support • Mentor team members on technical and customer support skills • Act as project lead for complex initiatives • Participate in on-call rotation as required