Computer Forensic & Intrusion Analyst
Position Description: The selected candidate will serve as a Linguist Analyst in the Defense Cyber Crime Center - Analytical Group (DC3-AG). The candidate will use their language skills to provide translation and analytic support in a team environment focused on cyber threat actors/activity. The candidate will author and review intelligence products by applying their linguist skills, cultural knowledge and technical abilities. Additionally, the candidate will be expected to collaborate with analysts and agents from the FBI, various other Intelligence Community agencies, and the Defense Criminal Investigative Organizations (AFOSI, NCIS, CID, DCIS) on a regular basis. The candidate will rely heavily on their experience serving in past roles in Computer Network Operations, Law Enforcement/Counterintelligence, or Intelligence Community mission focused organizations. The selected candidate should be comfortable writing documents up to 60 pages in length. Only candidates with current active DoD TS/SCI will be considered.

Possesses and applies expertise on multiple complex work assignments. Assignments may be broad in nature, requiring originality and innovation in determining how to accomplish tasks. Operates with appreciable latitude in developing methodology and presenting solutions to problems. Contributes to deliverables and performance metrics where applicable.

Education: Bachelor's Degree in a related technical or military discipline, or the equivalent combination of education, professional training, or work/military experience. 13 years of professional experience without a degree; or 5 years of professional experience with a Bachelor's degree from an accredited college in a related discipline, or equivalent experience/combined education; or 3 years of professional experience with a related Master's degree; or no experience required with a related PhD or JD. Consideration should always be given for the level of specific domain expertise.

Qualifications: 8-10 years of experience required

Required Skills:
- BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence analysis, Cyber Security or another related field of study or equivalent 3+ years performing cyber threat intelligence analysis.
- Candidate must have a strong all-source intelligence or counterintelligence background with 5+ years of experience serving in an analyst or agent Pertinent skills or experience include persona development, HUMINT targeting, support to law enforcement or counterintelligence investigations, Open Source Intelligence (OSINT) collection, Social Media/Social Networking analysis.
- Candidate must have a high proficiency with the Mandarin language with a DLPT (or equivalent test) score of R3/L3 or better within the last 4 years.
- Candidate must have knowledge of cyber terminology, tools, and concepts
- Candidate must have a strong analytic writing ability and be able to provide a writing sample demonstrating the ability to produce and edit analytic Candidate must have at least 2 years of experience writing intelligence analysis products within the last 5 years. A technical writing sample and technical editing test will be required if the candidate has not previously authored published intelligence analysis products.
- Strong ability to apply formal intelligence analysis methods, develop hypotheses, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat Candidate must be able to make confidence-based assessments and be able to identify analytic bias.
- Basic to intermediate technical skills proficiency in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch, open source information A Security+ certification or equivalent training will satisfy this. The candidate should have the ability to build intrusion related data visualizations and perform analysis (i.e., using I2 Analyst Notebook, Netviz, Palantir, etc).
- Strong understanding of US Intelligence Community and how cyber intelligence organizations work
- Strong ability to present information and analysis to groups up to 50 persons on a quarterly basis. Candidate will be required to brief smaller groups up to 10 persons on a weekly basis.
- Candidate must be a self-starter with the ability to proactively engage and develop relationships with subject matter experts and analyst counterparts across the US Intelligence and Law Enforcement communities.
- Experience building persona development products within the LE/CI or Intelligence Community
- Expertise in assessing sources using the PAMSSA method
- Formal training as an intelligence analyst in any discipline - graduate of USG intelligence analysis course: CAC, IBC, Kent School, IC 101, Analysis 101, Army, Navy, Air Force, etc
- Formal Law Enforcement/Counterintelligence training: e.g., FLETC, JCITA, etc.
- Experience applying Kill Chain analysis, Cyber Intelligence Preparation of the Environment (CIPE) modeling, or Diamond modeling of cyber threat activity
- Certifications (any): CISSP, CEH, Security+, SANS certification(s), Network+, CCNA
- Advanced NETFLOW and PCAP Analysis
- Advanced Data Visualization proficiency leveraging COTS/GOTS tools
- Technical Skills proficiency: encryption technologies/standards
- Intermediate malware analysis or digital computer forensics experience
- Any type of Cyber related Law Enforcement or Counterintelligence experience
- Existing Subject Matter Expert of Advanced Persistent Threat activity
- Experience using GOTS, COTS/Open Source tools: e.g., NOEISIS, Novetta Cyber Analytics, Mitre ChopShop and/or ARL DSHELL
- Analyst experience in Federal Cyber Center or Corporate CIRT