Cyber Threat Intelligence Analyst (DoD Secret Clearance)

About The Position

Requirements

• Bachelor's Degree in Computer Science, or related technical field.
• Must be a US Citizen with ability to obtain and maintain a Government Top Secret/SCI security clearance.
• 2-4 years' progressive work experience within Information Security.
• At least 2 years' experience in a threat hunting, intrusion detection or threat intelligence role.
• At least 2 years' experience with technical writing and developing technical documents.
• Strong experience analyzing various log formats such as those from endpoints, networking devices, and authentication services.
• Experience with analyzing raw packet capture.
• Scripting capabilities (Python, PowerShell, Bash, Shell).
• Understanding of how to collect IOCs and utilize them to identify intrusions.
• Extensive knowledge of current and past malware, attack methodologies, and adversaries.
• Knowledge of incident response methodologies and technologies.
• Experience applying frameworks such as the Cyber Kill Chain, Diamond Model and MITRE ATT&CK.
• Understanding of current industry trends and emerging threats.
• Strong oral, written, and presentation abilities.
• Able to operate collectively within a small, team, sometimes with minimal oversight.

Nice To Haves

• Master's Degree in Computer Science or related technical field.
• Holds an intermediate level, industry recognized, certification (GCIA/GCIH/GCFA/GNFA/GCTI/GREM)
• 3+ years of experience in a threat intelligence, or cyber threat intelligence role.
• Experience in intelligence collection, analysis, and creation of products.
• Experience working with a Threat Intelligence Platform (MISP, Anomali, X-Force, etc)
• Deep knowledge related to the functionality of Windows OS, Mac OS-X, and Linux Operating systems and associated file systems (NTFS, HFS, ext, exFAT, etc)
• Strong scripting capabilities (Python, PowerShell, Bash, Shell).
• Preferred TS/SCI clearance, but only SECRET is required.
• Experience operating in classified environments.

Responsibilities

• Collect cyber threat information from multiple sources and disciplines, including but not limited to Government agencies in the Intelligence Community and open-source channels.
• Process and analyze collected information to identify threats and vulnerabilities that could impact the environment.
• Monitor open-source channels to identify and report hostile actions targeting the Agency.
• Track and utilize attacker IOCs and TTPs to identify patterns of adversary activity over time.
• Produce intelligence products (written, verbal) for Government leadership and security stakeholders.
• Collaborate with internal and external cyber intelligence groups.
• Conduct asset identification, network discovery, and software inventory.
• Embrace a culture of continuous service improvement and service excellence.
• Stay up to date on security industry trends, threats, vulnerabilities, and APT activity.
• Provide risk assessments and develop reporting for Government leadership.
• Create and maintain SOPs and workflows related to cyber threat intelligence functions and operational requirements.

Benefits

• Customer-focused, performance-based solutions using technology and an empowered workforce
• Invest in our people because they are our greatest asset.
• Attract the best and brightest within their field.