CI Cyber Threat Analyst IV

About The Position

Requirements

• Minimum of 11 years Threat Analysis experience, of which at least 5 years include Technical Threat Analysis experience or cyber investigations
• Possess or obtain DoD 8570.01-M Information Assurance (IA) II certification within one calendar year of assignment at the sole expense of the vendor
• Active TS/SCI clearance required

Nice To Haves

• Credentialed graduate of an accredited federal or DoD CI training academy
• Bachelor's degree in science, Technology, Engineering or Mathematics disciplines
• Post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines
• Knowledge and understanding of foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Government
• Experience translating Government vision into understandable and achievable measures
• Experience using supervisory skills to coach teammates to achieve objectives
• Ability to monitor and track progress towards achievable measures

Responsibilities

• Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers; provide relevant input for 36 weekly cyber status reports due NLT 0800 each Monday morning
• Produce monthly Technical CI threat reports for non-quarterly/non-annual report months; provide relevant input for 8 monthly reports due NLT 5th day of each applicable month
• Produce quarterly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers; provide relevant input for three quarterly reports due NLT 5th day of January, April, and July
• Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, NGA partners and Intelligence Community peers; annual assessment due NLT 11 December
• Produce a minimum of 9 Intelligence Information Reports (IIRs) within the fiscal year from data collected by the Technical CI team, NGA cybersecurity personnel, or partner agencies
• Perform inquiries of anomalous activity using automated investigative tools (e.g., M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE or Criss Cross)
• Provide Technical CI advice and expertise in support of CI inquiries, operations and issues
• Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners
• Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers
• Demonstrate ability to draw high-quality, appropriate and objective conclusions from information in a timely manner
• Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages
• Demonstrate current subject matter expertise on Technical CI issues, threats and trends (e.g., Cyber threats and Technical Surveillance threats)
• Demonstrate proficiency in bottom-line-up-front (BLUF) writing and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards
• Display ability to collaborate with internal NGA and external IC/Cyber community members
• Coordinate CI Cyber activities originating from Enterprise Incident Response Events
• Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other NGA Offices, and IC/DoD partners as applicable to the CI Cyber Mission
• Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures