Counterintelligence Specialist (Support to Insider Threat Program) - Mid-Level

The Counterintelligence (CI) Specialist supporting the Insider Threat Program provides dedicated analytical, operational, and policy support to USINDOPACOM's efforts to deter, detect, and mitigate insider threats across the Indo-Pacific theater. Operating under DoDI 5240.16, the Insider Threat Program integrates CI functional services, cyber operations support, behavioral indicators, personnel security information, and network monitoring to identify and respond to potential malicious insider activities. This position supports the J2X and Command Counterintelligence Coordinating Authority (CCICA) by reviewing insider threat indicators in real time, coordinating with key internal stakeholders, and helping develop best practices and reporting procedures for the Command.

Clearance: TS/SCI (with Poly if required)
Mission Area: USINDOPACOM J2X - Counterintelligence, HUMINT & Exploitation

Insider Threat Monitoring & Response

Conducts activities to detect, deter, and defend against possible or real-time insider threats, including espionage, foreign sabotage, insider-enabled cyber threats, and international terrorist activity.
• Provides rapid review and assessment of potential insider threats as they are detected within USINDOPACOM networks.
• Supports CI functional services (CIFS) and CI support to cyber operations as part of the broader Insider Threat mission.

Program Implementation & Coordination

• Assists in implementing the DoD Insider Threat Program (InTP) in accordance with DoDI 5205.16.
• Coordinates program development, processes, and policies with key Insider Threat stakeholders including:
• USINDOPACOM Staff Directorates
• Joint Cyber Center (JCC)
• Staff Judge Advocate
• Special Security Office (SSO)
• Naval Criminal Investigative Service (NCIS)
• Human Resources
• Command Psychologist
• Other personnel designated by CCICA
• Ensures program alignment with USINDOPACOM directives, DoD policy, and emerging threat trends.

Representation & Working Group Participation

• Represents J2X/CCICA in USINDOPACOM Insider Threat Program meetings and working groups.
• Participates in Insider Threat HUB activities, User Activity Monitoring (UAM) Team meetings, and related Insider Threat initiatives.
• Serves as a liaison across operational, legal, security, and behavioral domains to ensure coordinated response and threat mitigation.

Best Practices, Training & Process Improvement

• Develops Insider Threat best practices, guidance, and reporting standards for command units, focusing on identification, early warning indicators, and proper reporting procedures.
• Supports training and awareness activities that strengthen command-wide understanding of insider threat risks and reporting expectations.
• Provides recommendations to improve detection capabilities, program processes, and analytic methods in support of the Command's Insider Threat posture.

• Experience supporting CI operations, Insider Threat programs, personnel security, or cyber-enabled CI activities.
• Understanding of DoD Insider Threat Program policies, including DoDI 5205.16 and CI functional services.
• Ability to review, analyze, and synthesize behavioral, security, cyber, and personnel information into actionable assessments.
• Strong collaboration skills and experience coordinating with multiple DoD, IC, law enforcement, and security stakeholders.
• Strong written and oral communication skills, including the ability to brief senior leaders.

Preferred Qualifications

• Experience working within a Combatant Command or with USINDOPACOM staff elements.
• Background in cyber incident response, security operations, personnel vetting, or behavioral threat assessment.
• Familiarity with User Activity Monitoring (UAM), Insider Threat HUB functions, or related risk-identification technologies.

Bluehawk, LLC. is an Equal Opportunity/Affirmative Action Employer/EOE Minority/Female/Disabled/Veteran/Sexual Orientation/Gender Identity