- BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence Analysis, Cyber Security, or another related field of study or equivalent 5+ years performing cyber threat intelligence analysis
- Intelligence all-source analysis; Defense Intelligence Analysis Program; intelligence writing and briefing at a senior level is a must
- Ability to place threats in the proper context and identify the “so what” for decision makers; ability to communicate technical information to non-technical audiences
- Provide cyber threat characterization and indications and warning of threats to the DoDIN
- Provide intelligence support and assessments to joint military cyber plans (e.g., Annex B, JPGs, OPTs, etc.)
- Ability to apply formal intelligence analysis methods, develop hypothesis, prove/disprove relationships, always ask “why”, defend your analysis, and apply attribution to cyber threat activity
- Technical understanding in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch, open source information collection
- Prepare detailed analysis reports, products, cyber threat assessments, and briefings of security incidents and related intelligence. Establishes criteria and assesses potential impacts of intrusions
- Strong analytical and research skills with an extensive understanding of classified research tools and websites
- Familiar with the DoD, Intelligence Community, and private sector cyber community
- Strong understanding of the Intelligence Cycle
- Ability to write detailed and comprehensive cyber intelligence analytical products in a team environment
- Self-starter with the ability to engage with cyber intelligence analyst counterparts across the US Intelligence and cyber communities; lead and participate in working groups, conferences, etc.
- Demonstrated application of intelligence analysis and tradecraft through writing and presentation ability. Writing samples may be required.
- Ability to present analysis to large groups on a regular basis
- Demonstrated expertise using various intelligence and cyber GOTS/COTS analytical tools: Analyst Notebook, Palantir, TAC, M3, HOTR, Sharkseer, SIEM, Pulse, iSpace, etc
- Demonstrated ability and flexibility to support planning and execution of military exercises involving cyber defense training objectives (Occasional surge/weekend hours and travel may be required)
- Strong working ability with all MS Office applications (Word, PowerPoint, Excel, Project, etc.)
- Demonstrated understanding of cyber advanced persistent threats, actors, infrastructure, and TTPs
- In-depth knowledge of cultural, social and political activities and threat conditions in foreign countries
- Formal training as an intelligence analyst or officer – graduate of US Govt or Military intelligence analysis course
- Experience applying Kill Chain analysis, Cyber Intelligence Preparation of the Environment (CIPE) modeling, or Diamond modeling of cyber threat activity
- Advanced Data Visualization proficiency leveraging COTS/GOTS tools
- Technical Skills proficiency: encryption technologies/standards
- Cyber security with cloud technologies, Wireless, IoT, etc
- Existing Subject Matter Expert of Advanced Persistent Threat activity
- Understanding of defensive cyber operations to include incident response
- Experience with joint and combined military exercises
- Analyst experience in any Federal Cyber Center (NCTOC, IC-SCC, Cyber Command, CNMF, CPT, JFHQ-Cyber, NCIJTF, DHS US CERT) or Corporate CIRT
- Any type of cyber related law enforcement or counterintelligence experience
- Recent experience performing NETFLOW or PCAP analysis using analysis tools (Wireshark, SourceFire, etc)
- Experience using ArcSight, FireEye, or other SIEM tools
- Hold one or more of the below certifications:
- SANS: GIAC Certified Intrusion Analyst (GCIA) or GIAC Certified Incident Handler (GCIH)
- (ISC)² Certified Information Systems Security Professional (CISSP)
- CompTIA Advanced Security Practitioner (CASP)
- CompTIA Security+, Network+
- EC-Council Certified Ethical Hacker (CEH)
- Eligible for C/I Polygraph
Essential Requirements - Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job with or without reasonable accommodation.
While performing the duties of this job, the employee will regularly sit, walk, stand and climb stairs and steps. May require walking long distance from parking to work station. Occasionally, movement that requires twisting at the neck and/or trunk more than the average person, squatting/ stooping/kneeling, reaching above the head, and forward motion will be required. The employee will continuously be required to repeat the same hand, arm, or finger motion many times. Manual and finger dexterity are essential to this position. Specific vision abilities required by this job include close, distance, depth perception and telling differences among colors. The employee must be able to communicate through speech with clients and public. Hearing requirements include conversation in both quiet and noisy environments. Lifting may require floor to waist, waist to shoulder, or shoulder to overhead movement of up to 20 pounds. This position demands tolerance for various levels of mental stress.
ISYS Technologies is an Engineering and Information Technology Company focused on providing Services to the Federal and State Government. ISYS offers a competitive compensation program and comprehensive benefits package to our employees including Health/Dental/Vision/PTO and more. ISYS Technologies is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or status as a protected veteran.
US Citizenship is required.