Cyber Threat Analyst, Mid

Key Role:
Provide technical and operational support to client partner agencies. Assist clients and partner agencies with the attribution and identification of new adversary infrastructure. Conduct extensive US partner agency engagement and document developments and findings via operational lead reports and technical reports. Provide technical support to client field offices and other intelligence partner agencies. Generate intelligence community reporting derived from raw packet capture or Netflow analysis. Develop network and malware signatures, including Snort and YARA for the identification of malicious activity. Collaborate actively with law enforcement, counterintelligence, and intelligence community peers to provide a greater comprehension of Cyber threats.

Basic Qualifications:
-5+ years of experience in a Cybersecurity role, including threat analyst, malware analyst, or forensic examiner

-Experience with Advanced Persistent Threat (APT) analysis
-Knowledge of basic internet protocols
-Ability to analyze network traffic data for anomalous or malicious content with tools, including Wireshark, NetworkMiner, Dshell, tcpdump, or tshark
-Ability to think and work independently with minimal supervision
-Active TS/SCI clearance with a polygraph

-HS diploma or GED

Additional Qualifications:

-Experience with using both Windows and UNIX
-Experience with scripting or programming languages, including Bash scripting, Perl, and Python
-Experience with digital forensics and malware analysis
-Ability to reverse engineer network or malware communication protocols allowing for identification of infrastructure, functionality, transport methods, and decoding of control processes
-BA or BS degree
-Active Cyber Certification, including GIAC Penetration Tester (GPEN), GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), or EnCase Certified Examiner (EnCE)

-GIAC Network Forensic Analyst (GNFA), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), or CISSP Certification

Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance with polygraph is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

Not ready to apply? Join our talent community and sign up for job alerts.