Cyber Threat Intelligence Analyst

[printfriendly]

Job Description :
The selected candidate will serve as a Cyber Threat Intelligence Analyst and Liaison for the Defense Cyber Crime Center – Analytical Group (DC3-AG) but embedded in an external DoD mission partner located in Suffolk, VA. The candidate will use their technical analysis skills to provide analytic support in a team environment focused on cyber threat actors/activity, and act as a liaison to facilitate better communication and collaboration between DC3 and the DoD mission partner. The candidate will author and review intelligence products by applying technical expertise, while also consulting and making recommendations for new solutions to cyber analytical issues as needed. Additionally, the candidate will be expected to collaborate with analysts from DC3-AG as well as analysts and agents from the Naval Criminal Investigative Service, various other Intelligence Community agencies, and other Defense Criminal Investigative Organizations (AFOSI, CID, DCIS) on a regular basis. The candidate will rely heavily on their experience serving in past roles in DoD, Computer Network Operations, Law Enforcement/Counterintelligence, or Intelligence Community mission focused organizations. The selected candidate should be comfortable writing documents up to 30 pages in length. An initial familiarization period located at DC3 in Linthicum, MD will be required.

Only candidates with a current TS/SCI clearance will be considered.

Candidates with CI Poly preferred, but not necessary to start.

Basic Qualifications
• BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence Studies, Cyber Security or another related field of study or equivalent 3+ years performing technical cyber threat intelligence analysis.
• Strong technical skills proficiency in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch) and open source information collection. Candidate must have a thorough understanding of Domain Name Service records.
• Strong knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength.
• Strong understanding of US Intelligence Community and how cyber intelligence organizations work together for purposes of conducting cyber threat analysis
• Strong proficiency and recent experience (within last 3 years) performing NETFLOW and PCAP analysis using common analysis tools (examples include Wireshark, Splunk, ChopShop, Dshell, Network Miner, Moloch, etc). Candidate must be strongly proficient at sessionizing PCAP data, identifying and decoding protocols, extracting files, and applying standard filters such as Berkley Packet Filter (BPF).
• Strong proficiency Report writing – a technical writing sample and technical editing test will be required if the candidate has no prior published intelligence analysis reporting
• Strong or Intermediate ability to apply formal intelligence analysis methods, develop hypothesis, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity. Candidate must be able to make confidence-based assessments for purposes of attribution based on their technical analysis of network traffic, multi-source data, malware and system forensic analysis. Candidate must be able to identify analytic bias.
• Intermediate ability to build intrusion related data visualizations and perform analysis (i.e., using I2 Analyst Notebook, Netviz, Palantir, etc)
• Intermediate ability to present technical information and analysis to groups up to 50 persons on a quarterly basis. Candidate will be required to brief smaller groups up to 10 persons on a weekly basis.
• Self-starter with the ability to proactively engage and develop relationships with intrusion set subject matter experts and analyst counterparts across the US Intelligence and Law Enforcement communities

Desired skills
• Experience building personal development products within the LE/CI or Intelligence Community
• Formal training as an intelligence analyst in any discipline – graduate of USG intelligence analysis course: CAC, IBC, Kent School, IC 101, Analysis 101, Army, Navy, Air Force, etc
• Formal Law Enforcement/Counterintelligence training: i.e., FLETC, JCITA, etc.
• Experience applying Kill Chain analysis, Cyber Intelligence Preparation of the Environment (CIPE) modeling, or Diamond modeling of cyber threat activity
• Certifications (any): CISSP, CEH, Security+, SANS certification(s), Network+, CCNA
• Advanced NETFLOW and PCAP Analysis
• Advanced Data Visualization proficiency leveraging COTS/GOTS tools
• Technical Skills proficiency: encryption technologies/standards
• Intermediate malware analysis or digital computer forensics experience
• Any type of Cyber related Law Enforcement or Counterintelligence experience
• Existing Subject Matter Expert of Advanced Persistent Threat activity
• Experience using GOTS, COTS/Open Source tools: i.e., NOEISIS, Novetta Cyber Analytics, Mitre ChopShop and/or ARL DSHELL
• Analyst experience in Federal Cyber Center or Corporate CIRT

As a leading technology innovation company, Lockheed Martin’s vast team works with partners around the world to bring proven performance to our customers’ toughest challenges. Lockheed Martin has employees based in many states throughout the U.S., and Internationally, with business locations in many nations and territories.

Join us at Lockheed Martin, where we’re engineering a better tomorrow.

Lockheed Martin is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Job Location(s): Linthicum Maryland, Linthicum Virginia

Security Clearance :
TS/SCI
Business Unit :
ESS6500 MST
Program :
DC3
Job Class :
Intelligence Analysis
Job Category :
Experienced Professional
City :
Linthicum Heights
State :
MD
Virtual :
No
Relocation Available :
Possible
Work Schedule :
FLEX-Non-Standard 40 hour week
Req Type :
Task Order/IDIQ
Shift :
First
Additional Posting Locations :
Linthicum, Suffolk

Source:http://search.lockheedmartinjobs.com/ShowJob/Id/67048/Cyber%20Threat%20Intelligence%20Analyst

Leave a Reply