Cybersecurity Threat Actor Communications & Negotiations Director

Job Description

Company: Irongate Cybersecurity

Location: McLean, US

We are seeking a seasoned and strategic Director – Threat Actor Communications & Negotiations to lead our specialized team responsible for managing ransomware extortion cases and direct threat actor engagement. This role requires deep expertise in ransomware ecosystems, negotiation strategy, and threat intelligence, along with strong leadership and client communication skills. The Director will oversee senior consultants, guide negotiation posture, and ensure operational excellence across high-stakes engagements.

Key Responsibilities:
• Lead and manage a team of senior consultants specializing in threat actor communications and ransomware negotiations.
• Oversee the development and execution of negotiation strategies, ensuring alignment with client objectives, legal guidance, and risk tolerance.
• Serve as an escalation point for complex or sensitive negotiations.
• Collaborate with legal counsel, cyber insurance carriers, and executive stakeholders during active incidents.
• Ensure accurate documentation of all communications, decisions, and outcomes across the team.
• Maintain and evolve playbooks, SOPs, and threat actor profiles based on emerging trends and case learnings.
• Provide coaching, mentorship, and performance feedback to team members.
• Monitor team workload, quality of deliverables, and adherence to timelines and protocols.
• Contribute to strategic planning, service development, and client relationship management.

Qualifications:

Required Experience:
• 3+ years of experience in ransomware negotiations, threat intelligence, or equivalent law enforcement experience.
• 1+ year of experience leading or mentoring a team in a high-pressure environment.
• Proven experience in threat actor communications and ransomware negotiations.

Preferred Experience:
• Experience in law enforcement, military, or crisis negotiation a Plus
• Experience working with legal counsel and cyber insurance carriers during high-stakes incidents.

Technical Skills:
• Understanding of ransomware variants, TTPs, and the MITRE ATT&CK framework
• Familiarity with secure communication platforms and operational security (OpSec) best practices.
• Ability to analyze threat actor language and behavior for psychological and strategic insights.
• Proven experience in threat actor communications and ransomware negotiations.

Certifications (Preferred):
• GCTI – GIAC Cyber Threat Intelligence
• CTIA – Certified Threat Intelligence Analyst
• Certified Cyber CounterIntelligence Analyst
• OSINT Training and Certifications
• Negotiation or crisis management training (e.g., FBI Crisis Negotiation, Harvard PON)

Key Attributes:
• Calm under pressure with excellent judgment in high-stakes situations.
• Strong written and verbal communication skills.
• High emotional intelligence and cultural awareness.
• Discretion, professionalism, and a strong ethical compass.

IronGate Cybersecurity is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment based on individual merit, skills, and performance, without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristics protected by law.

Company DescriptionIronGate Cybersecurity is at the forefront of defending companies from cyber threats. As a trusted leader in cybersecurity solutions, our Professional Services Team leverages cutting-edge technology and deep industry expertise to provide comprehensive security assessments, incident response, and digital forensic analysis. Join us in our mission to protect our clients from the ever-evolving landscape of cyber threats.

Source: ZipRecruiter