Cyber Threat Operations & Intelligence Analyst

About The Position

Requirements

• Active TS/SCI security clearance with polygraph
• Bachelor’s Degree in computer science, information systems, network forensics or other data analysis roles.
• 10+ years of experience working in the areas of intelligence, information security, network forensics, insider threat or security operations.
• Specific understanding of key global areas of interest that pose threats to U.S. critical systems as well as an understanding of Advanced Persistent Threats (APTs), cyber actor motives and actions in depth.
• Experience with reporting and IC analyst knowledge resources.
• Experience with Elastic/Splunk or other Security Information and Event Management (SIEM) as well as experience creating visualizations and dashboards.
• Exceptional ability to analyze, correlate, and synthesize threat data from diverse sources.
• Ability to work with development teams and articulate requirements/enhancements to capabilities and tools.
• Ability to perform log file analysis including creating threat intelligence reports that indicate findings, mitigations, and confidence.
• Vast experience fanning advanced analytics, network diagrams, and other forms of associated knowledge to further understand systems, networks, environments, and adversaries.
• Experience working with IC mission cybersecurity analysts on understanding the adversary and developing mission specific TTPs.
• Experience with XKS creating general queries, fingerprinting, and identifying atypical events.
• Understanding of TCP/IP communication protocols and packet flows based on IP traffic; analysis of Packet Capture (PCAP) traffic in Wireshark
• Familiarity writing signatures in Zeek and/or Snort.

Responsibilities

• Analyzing, correlating, and operationalizing threat intelligence to support proactive defensive cyber activities.
• Pinpointing the highest levels of persistent cyber threats with the common goal to prevent and eradicate threats to critical U.S. systems.
• Reporting and using IC analyst knowledge resources.
• Creating visualizations and dashboards.
• Analyzing, correlating, and synthesizing threat data from diverse sources.
• Working with development teams and articulating requirements/enhancements to capabilities and tools.
• Performing log file analysis including creating threat intelligence reports that indicate findings, mitigations, and confidence.
• Fanning advanced analytics, network diagrams, and other forms of associated knowledge to further understand systems, networks, environments, and adversaries.
• Working with IC mission cybersecurity analysts on understanding the adversary and developing mission specific TTPs.
• Creating general queries, fingerprinting, and identifying atypical events using XKS.
• Analyzing TCP/IP communication protocols and packet flows based on IP traffic.
• Analyzing Packet Capture (PCAP) traffic in Wireshark.
• Writing signatures in Zeek and/or Snort.

Benefits

• medical
• dental
• vision
• paid time off
• 401(k)
• life insurance
• flexible work schedules
• holidays