Cyber Threat Analyst, Mid

Key Role:

Provide technical, analytic and investigative support to client partner agencies. Assist clients and partner agencies with the attribution and identification of new adversary infrastructure. Conduct extensive US partner agency engagement and document developments and findings. Experience managing, analyzing, and communicating results to senior management. Provide technical support to client field offices and other intelligence partner agencies to identify and counter foreign cyber threats against U.S. information systems, infrastructure, and cyber-related interests. Support intelligence community reporting by performing all source analysis and open-source research to support ongoing investigations and intelligence collection. Perform raw packet capture or netflow analysis while developing innovative ways to exploit data. Collaborate actively with law enforcement, counterintelligence, and intelligence community peers to provide a greater comprehension of Cyber threats.

Basic Qualifications:

  • 5+ years of experience in a Cybersecurity role, including cyber intelligence, cyber threat analysis, incident response, cyber investigations, malware analysis, or network forensics
  • Knowledge of intelligence gathering principles, policies, and procedures including legal authorities and restrictions
  • Knowledge of cyber threat intelligence models, including MITRE ATT&CK, Kill Chain, and Diamond Model
  • Knowledge of network security architecture concepts, including topology, protocols, components, principles, and well-known networking protocols and services, including FTP, HTTP, SSH, SMB, and LDAP
  • Ability to vet, enrich, and maintain technical data, including indicators of compromise, shared from partner agencies and key stakeholders
  • Ability to extract threat data, including IP’s, domains, ports, malware, and malicious communications from multiple sources
  • TS/SCI clearance with a polygraph
  • Bachelor’s degree

Additional Qualifications:

  • Experience with Python
  • Experience with Elasticsearch, Logstash, and Kibana (ELK) Stack
  • Experience with Packet analysis tools including tcpdump, Wireshark, and ngrep
  • Experience with Splunk
  • Experience with alternate scripting or programming languages, including Bash scripting, Perl, and Java
  • Ability to think and work independently with minimal supervision
  • Ability to communicate and present to a variety of internal and external audiences including senior executives, using excellent verbal and writing skills with emphasis toward clear and concise text
  • Ability to prioritize and execute in a methodical and disciplined manner
  • Ability to lead staff and processes

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance with polygraph
is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

DRE1

Not ready to apply? Join our talent community and sign up for job alerts.