CDAP Team Lead

Program Overview

About The Role

We are seeking a highly skilled and innovative CDAP Team Lead to join our team in the greater DMV area, supporting the Army National Guard.

Key Responsibilities

• Lead CDAP analytics operations: design methodologies, prioritize assessments, and oversee analytic workflows across telemetry sources.
• Develop and validate normalized data models, tuning logic, high‑value analytic signatures, and detection use cases.
• Produce technical assessments, CDAP findings, and executive‑level mission summaries to inform SOC, CIRT, detection engineering, and leadership.
• Coordinate integration of analytic outputs with SOC, CIRT, RCC‑ARNG, NETCOM, ARCYBER, and mission stakeholders to prioritize mitigations and enhance monitoring coverage.
• Oversee QA/repeatability of analyses; ensure methods meet DoD/Army guidance and produce defensible, reproducible results.
• Drive modernization: evaluate analytic tools, improve ingestion/pipelines, and refine assessment procedures.
• Mentor analysts, establish analytic standards, and maintain documentation, playbooks, and validation artifacts.
• Present findings and recommendations to senior leadership and support readiness/reporting requirements.

#ENOCS

Qualifications

Required Qualifications

• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD
• Clearance: TS/SCI (active)
• Education / Training / Certification: Candidate must meet ONE:
  1. Master’s or Ph.D. in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering; OR
  2. Relevant DoD/Military advanced analytic/cyber training (examples: 4C‑255N/4C‑255S/4C‑255A, A‑531‑0009, Vulnerability Assessment Analyst (Advanced) Playlist); OR
  3. Relevant professional certifications or equivalent experience (examples: CFR, CISA, CISM, CySA+, GPEN, GSNA).
• Experience: Progressive cyber analytic or threat‑analysis experience with at least 3 years leading analytic teams or programs in enterprise/DoD environments.
• Technical skills: Advanced telemetry analytics, threat hunting, statistical/ML methods, large‑scale data processing, SIEM/SOAR, network/jump host telemetry, scripting (Python/R), and experience mapping to MITRE ATT&CK.
• Knowledge: CDAP/CDOC processes, RMF/RMF evidence needs, DoD/Army analytic standards, and ability to produce decision‑grade intelligence/technical assessments.

Desired / Preferred

• Prior CDAP, SOC, CIRT, or ARCYBER/NETCOM analytic experience
• Experience with big‑data platforms, analytics toolchains (ELK, Splunk, Kafka, Spark), adversary emulation, and purple‑team activities
• Proven record of delivering executive briefs and technical assessments that drove detection or architecture changes

#ENOCS

SCA / Union / Intern Rate or Range

Details

Target Salary Range: $112,000 - $179,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

Benefits Statement: Peraton offers eligible employees a variety of benefits including medical, dental, vision, life, health savings account, short/long term disability, EAP, parental leave, 401(k), paid time off (PTO) for vacation, and company paid holidays. A full listing of available benefits can be viewed at

Application Duration Statement: The application period for the job is estimated to be 30 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.