Cyber Intelligence Analyst

About The Position

Requirements

• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD
• Clearance: active TS/SCI with CI Poly
• Demonstrative experience with SIGINT and Analytics and Modernization (AMOD)
• Deep understanding of processing PCAP/packets efficiently and experience with cyber discovery and identification of indicators of compromise (IOCs)
• Demonstrative experience with network protocol analyzer such as Wireshark, TCP Dump, etc.
• Experience with sustained Intrusion Set - ability to link indicator and target-related information
• Familiarization with scripting such as python or object-oriented
• Experience with correlating Network Traffic collection from SIGINT resources
• Experience with tradecraft associated with Persona/Capability/Infrastructure development
• Excellent written and verbal communication skills to business, management, and technical teams
• Understanding of the Intelligence Cycle
• Knowledge of and connections with the Industry Base supporting diverse technical efforts within the IC
• Ability to apply advanced cybersecurity and communication technology principles, theories, and concepts contributing to the development of innovative Cyber Discovery principles and ideas
• Experience working on unusually complicated problems and providing solutions that are highly creative and resourceful.
• Apply a deep understanding of adversary networks, network defenses, and cyber network operational capabilities to develop exploitation plans and make operational adjustments as plans are executed.

Nice To Haves

• Master's degree in computer science, Information Security, Cybersecurity, Intelligence Studies, Security Studies, or related field.
• Experience in either DoW or IC organizations conducting cyber operations.
• Additional industry technical certifications: NET+, SEC+, CEH, CISSP, OSCP, OSCE, CCSP; GCFA (or other GIAC certification)

Responsibilities

• Evaluate target opportunities using all-source data to understand and map target networks, and to assist in developing detailed exploitation and operations plans
• Analyze SIGINT and cybersecurity data at multiple levels up and down the OSI network stack and demonstrate a solid understanding of logical/physical IP core infrastructure, communication devices and how they connect to networks, and the traffic movements in a network.
• Develop new tradecraft needed to perform this analysis as technologies evolve
• Work collaboratively with government, military, and other contractor personnel to develop shared understandings of intelligence needs, mission relevance, and areas of expertise
• Apply innate curiosity and analytical talent to form hypotheses, critically assess and choose analysis techniques: query, merge, enrich, evaluate, and pivot within data to attain and share insights
• Distill, document, contextualize and share findings--including any new tradecraft that is developed--with teammates, stakeholders, and intelligence consumers
• Conduct in-depth analysis of cyber threat intelligence, including emerging malware, vulnerabilities, and attack vectors.
• Collect, evaluate, and fuse intelligence from diverse sources, including open-source intelligence (OSINT), signals intelligence (SIGINT), and Human intelligence (HUMINT). Identify correlations and patterns to enhance situational awareness and predictive analysis
• Assess the potential impact of cyber threats on network infrastructure and operations. Collaborate with cyber defense teams to develop and implement mitigation strategies and countermeasures
• Provide intelligence support during cyber incident response activities, including analysis of indicators of compromise (IOCs), attribution of cyber-attacks, and identification of adversary tactics, techniques, and procedures (TTPs)
• Prepare and deliver clear and concise intelligence products, including reports, briefings, and presentations, for a diverse audience, including senior leadership, operational stakeholders, and technical teams.