Applicants must have demonstrated experience as listed below. This requirement is according to the AO Classification, Compensation, and Recruitment Systems which include interpretive guidance and reference to the OPM Operating Manual for Qualification Standards for General Schedule Positions. Specialized Experience: Applicants must have at least one full year (52 weeks) of specialized experience which is in or directly related to the line of work of this position. Specialized experience is demonstrated experience must demonstrate ALL areas defined below: Leading enterprise detection engineering, threat hunting, and cyber threat intelligence programs in support of continuous cybersecurity operations and organizational cyber defense objectives. Directing the development, implementation, and execution of proactive threat hunting strategies to identify sophisticated, emerging, or previously undetected adversary activity across enterprise environments. Establishing and maintaining governance, standards, methodologies, and quality assurance processes for detection engineering programs to ensure operational effectiveness, consistency, and alignment with organizational cybersecurity objectives. Leading the production, analysis, and operational integration of cyber threat intelligence to inform detection engineering priorities, guide threat hunting activities, and support risk-based cybersecurity and organizational decision-making. Desired (but not required) certifications: Offensive Security Professional (OSCP) GIAC Reverse Engineering Malware (GREM) GIAC Certified Forensic Analyst (GCFA) GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)Offensive Security certifications relevant to malware or exploit analysis