Role Description:
As a Cyber Threat Intelligence Analyst, you will provide analysis on relevant threats to the customer environment in support of overall defensive efforts. You will deliver tactical context surrounding adversarial Tactics, Techniques, and Procedures (TTPs) and support Network Security Monitoring (NSM) and Incident Response (IR) teams.
Your primary responsibility is to analyze various sources of threat-related data using standard toolsets and methodologies and provide risk-related recommendations for action.
Qualifications:
1. Perform daily review of cyber threat warnings, bulletins, alerts, and incident reporting documentation.
2. Conduct research on emerging security threats and provide correlation and trending of cyber incident activity.
3. Maintain knowledge of adversary activities, including intrusion set TTPs.
4. Communicate events to agencies regarding intrusions and compromises to network infrastructure, applications, and operating systems.
5. Provide cyber threat assessments based on threat analysis; coordinate cyber threat tracking with other organizations and government partners.
6. Compile detailed investigation and analysis reports.
7. Compile and maintain internal Standard Operating Procedure (SOP) documentation.
8. Ensure documentation and capabilities remain compliant with Chairman of the Joint Chiefs of Staff Manual (CJCSM) .01B and other applicable policy directives.
9. Participate in program reviews, product evaluations, and onsite certification evaluations.
10. Support incident response actions (surge operations).
Clearance Level:
11. Minimum of a Top Secret (TS) Clearance, with ability to obtain Top Secret / Sensitive Compartmented Information (TS/SCI).
Education:
12. Bachelor’s degree or higher from an accredited university or technical college.
Certifications:
13. Must meet applicable Department of Defense (DoD) and DoD Information Assurance Technical (IAT) Level III certification requirements.
14. Must meet applicable DoD Cybersecurity Network Defense (CND) certification requirements.
Experience:
15. At least five years of experience in a cybersecurity or threat intelligence environment.
16. Position may require up to 10% travel.
Preferred:
17. Ability to write finished intelligence products based on highly technical subject matter for less technical or non-technical audiences.
18. Ability to develop specialized expertise, discern patterns in complex threat actor behavior, and communicate understanding of current and emerging cyber threats.
19. Ability to leverage online research tools to identify and navigate online forums, specialized websites, social media, and traditional sources.
20. Knowledge of Transmission Control Protocol / Internet Protocol (TCP/IP) network communication protocols.
Highly desired:
21. Self-motivated and passionate about cybersecurity and intelligence analysis.
22. Excellent oral and written communication skills, including the ability to brief senior leadership and agency groups.
23. Experience with analytical tools such as Augury, Splunk, Elastic, Threat Analysis Console (TAC), Palantir, Shodan, Analyst Notebook, or other threat intelligence platforms.
24. Experience collaborating and coordinating with intelligence community partners on cybersecurity topics.