Cyber Threat Analyst, Senior

Key Role:

Provide technical, analytic and investigative support to client partner agencies. Assist clients and partner agencies with the attribution and identification of new adversary infrastructure. Conduct extensive US partner agency engagement and document developments and findings. Provide technical support to client field offices and other intelligence partner agencies to identify and counter foreign cyber threats against U.S. information systems, infrastructure, and cyber-related interests. Support intelligence community reporting by performing all source analysis and open-source research to support ongoing investigations and intelligence collection. Perform raw packet capture or netflow analysis while developing innovative ways to exploit data. Collaborate actively with law enforcement, counterintelligence, and intelligence community peers to provide a greater comprehension of Cyber threats.

Basic Qualifications:

  • 7+ years of experience in a Cybersecurity role, including cyber intelligence, cyber threat analysis, incident response, cyber investigations, malware analysis, or network forensics
  • Knowledge of intelligence gathering principles, policies, and procedures including legal authorities and restrictions
  • Knowledge of cyber threat intelligence models including MITRE ATT&CK, Kill Chain, or Diamond Model
  • Knowledge of network security architecture concepts, including topology, protocols, components, principles, and well-known networking protocols and services including FTP, HTTP, SSH, SMB, or LDAP
  • Ability to vet, enrich, and maintain technical data, including indicators of compromise, shared from partner agencies and key stakeholders
  • Ability to extract threat data including IP’s, domains, ports, malware, and malicious communications from multiple sources
  • TS/SCI clearance with a polygraph
  • Bachelor’s degree

Additional Qualifications:

  • Experience with Python
  • Experience with Elasticsearch, Logstash, and Kibana (ELK) Stack
  • Experience with Packet analysis tools such as tcpdump, Wireshark, or ngrep
  • Experience with Splunk
  • Experience with alternate scripting or programming languages, including Bash scripting, Perl, and Java
  • Ability to communicate and present to a variety of internal audiences including senior executives using
  • Ability to think and work independently with minimal supervision
  • Possession of strong verbal and writing communication skills including clear and concise text writing skills

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance with polygraph is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

DRE1

Not ready to apply? Join our talent community and sign up for job alerts.