Cyber Security Analyst
Cyber Threat Intelligence Analyst with Top Secret Clearance
Our client was rated #1 in the 2016 Top Military Friendly Employer award. If you have experience with cybersecurity and Enterprise Business Services, this may be a good fit for you. Our client offers a good work-life balance and remote work options. Apply today and learn more about how our client can benefit you!
· Prepares intelligence assessments through intelligence gathering using multiple intelligence sources such as human intelligence (HUMINT), signals intelligence (SIGINT), geospatial intelligence (GEOINT), measurement and signature intelligence (MASINT) and open source intelligence (OSINT) to support customers including military, intelligence, law enforcement or security agencies.
· Processes information about situations and entities of strategic, operational or tactical importance; characterizes possible future actions and identifies possible courses of action or remedies.
· Analyzes current intelligence holdings, identifies potential shortfalls, gaps and vulnerabilities to develop subsequent collection requirements. Develops specialized intelligence products, threat analyses, production support, and tailored intelligence products such as fusion intelligence, warning intelligence, estimative intelligence or psychological profiling. Develops moderately complex briefings, reports and short notice position papers; reviews, approves and compiles reports, overseeing submission of documentation to relevant databases, mining those databases as needed and as identified to further compile and analyze information, presents briefings to key personnel. Collaborates and supports broader security project teams.
· Oversees the processing of incoming reports and messages, determining significance and reliability of incoming information. Integrates incoming intelligence and operational information to maintain situation awareness displays. Identifies issues and concerns and escalates as appropriate.
· Develops periodic and special intelligence reports, plans and briefings. Recommends changes, and where appropriate, courses of action.
· Augment the security operations team with 24/7 intelligence support and planning, as required, to maintain a high level of mission readiness and network availability.
· Performs computer and/or network security threat assessments to identify, evaluate and mitigate security risks and vulnerabilities.
· Designs, implements, integrates, configures and tests computer and network security solutions to manage the network/system's firewalls and intrusion detection systems.
· Provides Root Cause Analysis, Trend Analysis, and Predictive Analysis support to Vulnerability Assessors and Incident Handlers in support of event response actions and persistent active monitoring efforts.
· Coordinate with members of intrusion analysis, incident response, vulnerability assessment, external assessment, and cyber threat analysis teams to expand the capabilities of the organization.
· Provides communication and escalation to senior leadership and mission partners on completed intelligence efforts which will enable informed decision making.
· Triage, process and analyze cyber threats originating from the various intel feeds and analytics systems.
· Perform detailed analysis of threats during the incident process, combining sound analytical skills with advanced knowledge of IT security and network threats.
· Analyze cyber threat data and correlate it with the existing understanding of customer environments.
· Perform post-event analysis on logs, traffic flows, and other activities to identify malicious activity.
· Review weekly, monthly and on-demand threat intelligence reports.
· Establishes and maintains open lines of communication with a wide range of data asset owners throughout the Intelligence Community (IC).
· Facilitate Analyst to Analyst Exchange relationships for members of the team throughout the IC.
· Develops intelligence processes to acquire, synthesize, and disseminate all-source intelligence data to assist Incident Handlers in identifying and disrupting adversary cyber kill chain activities.
· Maintains daily awareness of Threat Information/Intelligence germane to supported business operations through open source, government sector, and private sector intelligence sources.
· Collaborates with Vulnerability Assessors and Incident Handlers to develop and deliver Risk Assessment Briefings, dashboard products, and security tools tuning as required.
· Participates in classified briefings that may help inform intelligence efforts, and articulates assessments based on the information provided.
· Prepares and delivers intelligence products for analysts, users, and mission partners on threat actors, TTPs, and vulnerabilities that hold client business practices at risk.
· Advises and assists Incident Handlers on production of threat-specific IDS/IPS content.
· Develops and implements an intelligence-enabled Operational Security (OPSEC) Program to train the technical and non-technical user base on current threats and best practices to minimize risk to mission and personnel.
Requirements & Qualifications:
· Bachelor's degree in international relations, political science, intelligence studies, psychology or related field preferred or 8+ years of intelligence experience, or equivalent combination of education and experience
· Possess TS/SCI clearance with current investigation
· Graduate of an intelligence training school or equivalent
· Experience working with specialized intelligence sources such as human intelligence (HUMINT), signals intelligence (SIGINT), geospatial intelligence (GEOINT), measurement and signature intelligence (MASINT) and open source intelligence (OSINT); preferred level of expertise includes section or team lead of intelligence missions
· Experience working with intelligence organizations, preferred experience with foreign partners and national level agencies
· Experience working with intelligence processes, policies and procedures
· Experience working with multiple intelligence sources, databases, and content management
· Interpersonal skills to interact with a wide variety of experienced customers and team members
· Communication skills to interact with team members and support personnel
· Analytical and problem solving skills for investigating security issues
· Ability to work with intelligence databases and related tools
· Ability to work independently with limited supervision and take the initiative to enable continuous process improvement
· Ability to perform in a team environment and a strong desire to learn
· Active interest in cyber security, incident detection, network and systems security
· Familiarity with cyber-crime and cyber-attacks, responsible groups, motivations and techniques
· Ability to prepare and present research findings across multiple levels of consumers (Executive to Analyst)
· Motivated, detail-oriented individual who can demonstrate proactive analytical skills and work professionally with peers and customers within demanding mission environments
· Willingness to travel
· 3+ years working in an IT security and/or cyber security/threat intelligence job, preferably in a 24x7 operational environment.
· Experience/exposure to IT service management best practices (ITIL)
· DoD 8570 standards (A+, Net+, Sec+)
· CISSP, CEH, GCIH certifications
· SIEM exposure (Splunk preferred)
TPA Technologies is a technology-consulting firm serving the information technology needs of corporate America and government business partners. It is headquartered in Boston, Massachusetts, with regional offices in Hingham, MA, Raleigh, N.C. and Dallas, TX. TPA focuses on clients' critical IT initiatives by utilizing methodologies to provide the best-fit solutions. TPA provides the right fit for their clients and candidates.