Cyber Fraud Jobs (NOW HIRING)

Position Title: Principal Cyber Fraud Analytics Manager
Company: Strategic Technology Institute, Inc. (STi)
Location: Lanham, MD / New Carrollton Federal Building — Primarily on-site client support
Anticipated Start Date: 01 October 2026
Security / Screening Requirement: Ability to complete U.S. Federal Government background investigation, fingerprinting, and IRS staff-like access requirements
Contract: IRS Cybersecurity Fraud Analytics and Monitoring (CFAM) Support Services
Key Personnel / Labor Category: Senior Principal/Manager EMPLOYMENT NOTE
• Full-time position contingent upon contract award and customer approval. STi is actively identifying highly qualified candidates for proposal submission and rapid post-award onboarding.
• Period of Performance: 01 October 2026 – 30 September 2031
• Primary work location is on-site at the New Carrollton Federal Building, 5000 Ellin Road, Lanham, MD 20706.
• Standard business hours are generally 8:30 AM–5:00 PM ET, Monday–Friday, unless otherwise approved by the Government.
• No travel is currently anticipated for this role. ABOUT STi
Strategic Technology Institute, Inc. (STi) supports national security missions across Engineering • MRO • Logistics • IT & Cybersecurity • Program Control. STi is a minority-owned Small Disadvantaged Business (SDB) focused on delivering flexible, mission-driven solutions that help Federal customers solve complex operational challenges. POSITION OVERVIEW
STi is seeking a Principal Cyber Fraud Analytics Manager to support the IRS Cybersecurity Fraud Analytics and Monitoring (CFAM) program. This role will provide senior technical leadership across predictive analytics, forensic analytics, model governance, data architecture, ETL, SIEM/log analysis, platform advisory, and integration of new applications and credential service providers into the IRS fraud analytics ecosystem. The ideal candidate combines advanced analytics, cybersecurity data science, fraud detection, data engineering, and senior advisory experience in a sensitive Federal, financial services, intelligence, law enforcement, or high-volume digital services environment. This role is especially suited for a senior technical leader who can interpret complex data, guide model and indicator development, advise Government stakeholders, mentor analytics teams, and communicate findings clearly to both technical and executive audiences. This position maps to the Senior Principal/Manager key personnel labor category and requires the ability to serve as a principal technical spokesperson, anticipate technical needs, advise clients on analytical developments, and solve complex problems involving both technical and operational variables. PRIMARY DUTIES AND RESPONSIBILITIES
Responsibilities include:
• Provide senior technical leadership across predictive analytics, forensic analytics, data mining, model governance, data architecture, ETL, SIEM/log analysis, platform advisory, and SADI/CSP/application integration activities.
• Guide development and customization of analytical algorithms used to detect anomalous, malicious, and fraudulent activity across IRS online applications and protected digital services.
• Advise on model and fraud indicator selection, feature engineering, validation methods, threshold logic, drift review, explainability, false-positive/false-negative analysis, and technical documentation.
• Review data-source completeness, schema quality, lineage, normalization, retention assumptions, query performance, ingestion logic, and analytical fitness for CFAM use cases.
• Support development of ETL processes, data ingestion models, analytical data sets, data dictionaries, model documentation, governance artifacts, and repeatable technical standards.
• Advise on integration of data mining results with existing IRS systems, dashboards, reports, analytical environments, and stakeholder decision processes.
• Lead technical resolution of ambiguous findings, data-quality problems, model performance concerns, emerging fraud patterns, and cross-system analytical issues.
• Support analysis of structured and unstructured data, application logs, transaction data, identity-related data, and user behavior patterns to identify anomalous or fraudulent activity.
• Prepare and review technical briefings, white papers, executive summaries, monthly findings, technical recommendations, and model/data governance artifacts.
• Mentor analytics, data engineering, and platform advisory staff; provide independent technical review before deliverables or operational recommendations are submitted.
• Support security, privacy, records, secure development, vulnerability, logging, and data-handling requirements for analytics artifacts and technical work products.
• Collaborate with Government stakeholders, application owners, CSPs, cybersecurity teams, business units, and technical SMEs to improve fraud detection and mitigation outcomes. MINIMUM QUALIFICATIONS
• Bachelor’s degree in data science, statistics, computer science, cybersecurity, engineering, operations research, applied mathematics, information science, or a related field; equivalent demonstrated experience may be considered. Master’s degree preferred.
• 9–11+ years of relevant experience in advanced analytics, cybersecurity data science, fraud analytics, data architecture, software/domain engineering, incident forensics, high-volume operational analytics, or digital identity analytics.
• Demonstrated ability to serve as a principal technical spokesperson, advise clients on technical developments, anticipate technical needs, and solve complex problems through analysis of situations and data.
• Hands-on experience with advanced statistical, machine learning, and data mining methods, including classification, clustering, association rules, regression, inference, validation methods, time-series analysis, NLP/text mining, network/link analysis, anomaly detection, and uncertainty modeling.
• Experience with big-data and analytics platforms, SQL/noSQL databases, Spark, Elasticsearch, Parquet or equivalent data formats, Python, R, Java, Linux shell scripting, Splunk/SIEM, and visualization or dashboard tools.
• Experience developing analytical data sets, ETL processes, ingestion models, data dictionaries, model documentation, governance artifacts, and technical standards for repeatable analytics.
• Experience with cyber fraud, digital identity, authentication/authorization user flows, application-layer fraud detection, transaction monitoring, incident forensics, or risk analytics.
• Experience communicating complex technical findings to senior leaders, business owners, cybersecurity stakeholders, and non-technical decision makers.
• Experience in Government, financial services, intelligence community, law enforcement, or similarly sensitive operational environments.
• Ability to work primarily on-site in Lanham, MD and support urgent technical analysis or executive-response needs.
• Ability to successfully complete U.S. Federal Government background investigation, fingerprinting, and IRS staff-like access requirements. PREFERRED QUALIFICATIONS
• Prior IRS, Treasury, Federal cybersecurity, SADI/digital identity, identity proofing, credential service provider, online taxpayer service, or high-volume digital fraud experience.
• Advanced degree in data science, statistics, computer science, engineering, operations research, applied mathematics, information science, cybersecurity, or a related field.
• Certifications such as CISSP, CISM, CRISC, Security+, cloud architecture, Splunk, data science, machine learning, GIAC, or digital forensics credentials.
• Experience with FISMA, NIST SP 800-53, NIST SP 800-63 digital identity concepts, IRS Publication 4812, RMF/ATO artifacts, vulnerability management, secure SDLC, SBOM/attestation, or supply chain risk management.
• Experience designing model governance, data governance, quality control, peer review, and auditable technical documentation processes.
• Experience supporting cyber analytics, fraud detection, SOC, Watch Operations, incident management, or application-layer security monitoring environments. WORK ENVIRONMENT
• Primary place of performance is the New Carrollton Federal Building in Lanham, MD.
• Work supports a high-visibility IRS cybersecurity fraud analytics mission environment.
• The role requires collaboration with Government cybersecurity stakeholders, application owners, SADI/CSP stakeholders, data engineers, analytics teams, and senior leadership.
• Work is primarily performed on-site during standard business hours, with potential need to support urgent analysis, time-sensitive findings, or executive-level responses when required.
• No travel is currently anticipated. Keywords: principal data scientist, fraud analytics, cyber fraud analytics, cybersecurity data science, predictive analytics, forensic analytics, machine learning, anomaly detection, data mining, ETL, Splunk, SIEM, Python, R, Java, SQL, noSQL, Spark, Elasticsearch, Parquet, digital identity, SADI, CSP, authentication, IRS, Treasury, FISMA, NIST, incident forensics, model governance EEO: STi is an Equal Opportunity Employer. All qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, disability, genetic information, protected veteran status, or any other protected status.