Program Description: Serves as the Lead Cyber Threat Analyst in support of a major federal client. This organization provides services that analyze and produce enhanced cyber security and threat intelligence information to include threats and potential threats to the customer’s personnel, information, and information systems; provides timely and relevant intelligence to assist with mitigating cyber threats confronting the Department; supports evaluation, implementation, and operations of tools/technologies used in advanced analysis. Responsible for written and oral briefings to stakeholders and community partners across the Foreign Affairs community.
The Lead Cyber Threat Analyst will support the customer’s overall cyber threat analysis efforts. The analyst must have the political acumen and the confidence to reach out and work with other agencies and industry stakeholders, to share threat information and work together to advance one another’s capabilities. Ensures that relevant threat indicators are infused in all aspects of program operations.
As the lead analyst, they must have significant background in intrusion detection/response, firewall architecture, and emerging technologies. They must also understand security vulnerabilities and malicious actor tactics, techniques, and procedures (TTPs) to better evaluate the effectiveness of layered defenses and to provide strategic recommendations on new technical and non-technical protections. The ideal candidate will have a solid understanding of cyber threats across multiple Threat Actors, Campaigns, and other Indicators. Additionally, the candidate would have an understanding of intrusion detection systems, intrusion analysis, data integration platforms, endpoint detection, data analytics, and cyber defense architectures.
Candidate should have proven expert written and oral communication skills to include experience with executive-level presentations. Candidate should have knowledge related to the current state of cyber international relations, adversary tactics, and trends. Candidate will possess the ability to work quickly, and a willingness to complete ad hoc, time sensitive assignments.
• A Bachelor’s Degree in Computer Science, Information Systems, Intelligence, English, Communications, History, International Affairs or Studies, or other related technical or liberal art discipline is desired. Four (4) additional years of general experience (as defined below) may be substituted for the degree.
Certifications Desired: CISSP, SANS GCTI, CCSP
General Experience: 7 years of experience in intelligence or technical analysis with increasing responsibilities. Demonstrated oral and written communications skills.
Good working knowledge of cyber threat intelligence analysis
Prior military or intelligence community experience and/or formal analytic training/certification
Strong analytical skills and the ability to effectively research, write, communicate and brief to varying levels of audiences to include at the executive level
Previous experience managing cross functional and interdisciplinary project teams to achieve tactical and strategic objectives
Experience working with senior leadership to generate and update team/branch objectives to fulfil or aim at broader Division, Office, and Directorate wide strategic objectives.
Five years’ of experience in intelligence or technical analysis with a focus on cyber threat analysis and threat modeling, to include preparing and presenting results.
Five years of experience with assessing APT threats, attack methodologies, forensics analysis techniques, malware analysis, attack surface comprehension, spear phishing analysis, research/validation of new APT TTPs.
Understanding and experience with the Cyber Threat Framework (ODNI)
Ability to work with across a large cyber program to improve an organization’s detection capabilities, as well as, develop mitigations, signature development, and assisting incident response procedures.
Demonstrated expertise in deploying and maintaining tools to facilitate the flow of intelligence analysis and reports.
Knowledge of computer networking and configuration, TCP/IP, security stack/appliances, and cyber security and cyber risk frameworks and strategies.
At least one year of hands on experience with Splunk, FireEye network monitoring and defense tools, and RSA platforms.
Experience writing contract deliverables such as Event Bulletins, Cyber Digests, and Quarterly Summary Reports
Security Clearance: TS (clearable to SCI)
Please be sure to indicate that you saw this position on Globaljobs.org