Key Role:

Supports technical and operational work for client partner agencies with the attribution and identification of new adversary infrastructure. Engages with US partner agencies extensively and document and develop findings. Provides technical support to client field offices and other intelligence partner agencies. Feeds intelligence community (IC) reporting derived from raw packet capture or NetFlow analysis while developing innovative ways to exploit data. Collaborates actively with law enforcement, counterintelligence, and IC peers to provide a greater comprehension of Cyber threats.

Basic Qualifications:

• Experience with intelligence analysis

• Experience with Splunk or SIEM tools

• Knowledge of Advanced Persistent Threats

• Ability to use netflow traffic to identify malicious behavior

• Ability to identify APT traffic and enrich IOCs via IC reporting and databases

• Ability to analyze network traffic data for anomalous or malicious content with tools

• Ability to think and work independently with minimal supervision

• Top Secret clearance

• HS Diploma or GED

Additional Qualifications:

• Experience with using both Windows and UNIX

• Experience with Cyber Threat Reporting, both open and closed source

• Experience in development with Python, including Elasticsearch

• Experience with building searches and dashboard in Kibana

• Experience with finding new and innovative ways of identifying signaturable activity for attribution of CNO activity

• Ability to use verbal and written expertise to craft and deliver briefings

• Bachelor's degree

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.