Cyber Threat Analyst, Mid

Key Role:

Provide technical, analytic, and investigative support to client and partner agencies. Identify and attribute new adversary infrastructure, engage extensively with US partner agencies, and document developments and findings. Enhance technical support to client field offices and other intelligence partner agencies to identify and counter foreign cyber threats against U.S. information systems, infrastructure, and cyber-related interests. Produce intelligence community reporting by performing all-source analysis and open-source research in support of ongoing investigations and intelligence collection. Perform raw packet capture and NetFlow analysis while developing innovative ways to derive intelligence from that data. Coordinate actively with law enforcement, counterintelligence, and intelligence community peers to build a shared understanding of cyber threats.

Basic Qualifications:

  • 3+ years of experience in a Cybersecurity role, including cyber intelligence, cyber threat analysis, incident response, cyber investigations, malware analysis, or network forensics
  • Knowledge of intelligence gathering principles, policies, and procedures, including legal authorities and restrictions
  • Knowledge of cyber threat intelligence models, including MITRE ATT&CK, the Cyber Kill Chain, and the Diamond Model
  • Knowledge of network security architecture concepts (topology, protocols, components, and principles) and of well-known networking protocols and services, such as FTP, HTTP, SSH, SMB, and LDAP
  • Ability to vet, enrich, and maintain technical data, including indicators of compromise, shared from partner agencies and key stakeholders
  • Ability to extract threat data, including IP addresses, domains, ports, malware samples, and malicious communications, from multiple sources
  • TS/SCI clearance with a polygraph
  • Bachelor’s degree

Additional Qualifications:

  • Experience with Python
  • Experience with Elasticsearch, Logstash, and Kibana (ELK) Stack
  • Experience with packet analysis tools, including tcpdump, Wireshark, and ngrep
  • Experience with Splunk
  • Experience with other scripting or programming languages, such as Bash, Perl, and Java
  • Ability to think and work independently with minimal supervision
  • Ability to communicate and present to a variety of internal and external audiences, including senior executives
  • Ability to prioritize and execute in a methodical and disciplined manner
  • Ability to lead staff and processes
  • Excellent verbal and written communication skills


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance with polygraph is required.

We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.

DRE1, ID15