Intelligence and Services Operations Manager

About the Role: 

The Intelligence and Services Operations Manager is a critical connective role within the Dragos organization. This individual contributor position sits at the intersection of Threat Hunt, Threat Intelligence, and Services delivery teams, ensuring that the collective capability of these practices is coordinated, responsive, and operationally excellent — particularly during high-stakes events and surge operations. Reporting to the Sr. Director of Threat Fusion Operations, this role owns two primary mandates: (1) cross-functional operational coordination across all Intelligence and Services teams, and (2) strategic management and execution of the Dragos Neighborhood Keeper Trusted Adviser Program. The successful candidate will be equally comfortable building process infrastructure in the background and stepping into a fast-moving incident or event when the situation demands it. 

Responsibilities: 

• Own cross-functional operational coordination across Threat Hunt, Threat Intelligence, and Services teams — designing cadences, escalation protocols, and shared situational awareness channels that keep the right people informed and aligned.
• Step in as the operational coordinator during major incidents and surge events, bridging teams to ensure unified response, clear ownership, and nothing falling through the cracks when the threat landscape demands it.
• Manage the Neighborhood Keeper Trusted Adviser Program end-to-end — from onboarding and agreement execution through active partner engagement with government entities, ISACs, and sector partners.
• Facilitate intelligence sharing workflows including IOC and signature validation, TLP classification decisions, inbound submissions, and cross-community bulletins distributed to the right participants with the right handling.
• Identify and fix operational friction between teams — process gaps, unclear handoffs, and coordination debt — and build SOPs that codify how Intelligence Services teams work together, not just in isolation.
• Track and synthesize program and operational metrics across the IntServ organization, surfacing patterns and risks to leadership in clear, actionable reporting.
• Lead after-action reviews following major events and translate findings into durable improvements, continuously raising the operational maturity of the Intelligence Services organization.

Qualifications: 

• 5+ years of experience in intelligence operations, security operations, program management, or a closely related field within a cybersecurity or national security context.
• Demonstrated experience coordinating across multiple technical teams during time-sensitive or high-stakes events — you have been the person who keeps the trains running when things get complex.
• Familiarity with ICS/OT cybersecurity concepts, threat intelligence fundamentals, and the threat landscape facing critical infrastructure sectors.
• Experience managing external partner or stakeholder relationships in a structured, compliance-aware context — agreements, information sharing frameworks, and TLP protocols.
• Experience working with or within government cybersecurity entities, ISACs, or similar public-private partnership structures.
• Process-builder mindset: you create clarity out of ambiguity, document things that live only in people's heads, and build systems that scale.
• Comfort operating across multiple simultaneous workstreams with competing urgency — you triage effectively and don't lose track of the long-term while managing the immediate.

Compensation: 

• Salary: $170,000
• Competitive Equity Package  
• Comprehensive Benefits Plan 

#LI-JF1 #LI-REMOTE