Cyber Threat Intelligence Fusion Analyst

Fort Belvoir, Virginia, United States
May 16, 2018
Jun 06, 2018
Full Time
Job Description

Job Number: R0025389

Key Role:
Work as a member of a 24x7x365 threat intelligence center responsible for identifying malicious threat actors, thwarting hackers, and preventing data breaches while conducting highly detail-oriented work that involves security threat analysis and working with clients to validate and characterize threats. Support incident detection and response operations and signature development and provide input on new detection strategies and remediation guidance. Form accurate and precise analysis and escalate it to appropriate teammates or internal teams for additional assistance or review. Provide an intelligence picture to support the fine-tuning of signatures and assist the incident management team with the incident response process.

Basic Qualifications:
- 3+ years of experience with conducting threat research focused on nation state, criminal, or other malicious Cyber activities
- Experience with the technical capabilities and limitations of the Internet and online technologies, including social networking sites, blogs and microblogs, Internet mapping tools, and other collaborative Internet tools
- Experience with computer network protocols and operations
- Knowledge of cultural, linguistic, and other behavioral aspects of threat actor capabilities and intents
- Knowledge of Cyber intrusion vectors, malware, networking, and monitoring
- Knowledge of threat intelligence tradecraft, including structured analytic, contrarian, and imaginative analytic techniques
- Ability to write concise analytical products and assessments
- TS/SCI clearance
- BA or BS degree
- CEH and Security+ or CSA+ Certifications

Additional Qualifications:
- Experience with the intelligence community (IC) or other national security-related areas
- Experience with the use of industry-standard digital forensics tools and procedures
- Experience with computer programming languages, including PHP, Python, SQL, C++, Perl, Java, or other associated languages
- Experience with SIEM tools, including Splunk, QRadar, and ArcSight
- Experience with penetration testing

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.
