Cyber Analyst

Employer
Parsons
Location
Fort Belvoir, VA
Posted
Feb 12, 2021
Closes
Feb 25, 2021
Ref
1750336165
Function
Analyst
Hours
Full Time
Job Description

Minimum Clearance Required to Start: Top Secret SCI

Cyber Analyst (CA)

SUMMARY

The Cyber Analyst is an integral member of the Defense Threat Reduction Agency (DTRA) Red Assessment Team. The DoD's premier Red Assessment Team is unique in that it performs assessments from an adversarial perspective, emulating the full spectrum of identified capabilities, from the lone actor to the well-financed terrorist organization to foreign intelligence entities, to demonstrate exploitation of vulnerabilities. As such, CAs are responsible for conducting all-source analysis and piecing together disparate information and reporting to form integrated views on cyber threat issues of national security. CAs conduct analysis to provide an overall picture of the intent and capabilities of malicious cyber actors, tools, and tactics, techniques, and procedures (TTPs). CAs will assist Red Cell Management and Red Cell Fusion Cell Program leads when called upon to do so. CAs are responsible for providing advisory support concerning computer (network and infrastructure) analysis to enable emulation of Adversarial Cyber and/or Electronic Warfare Operations. Duties are primarily executed at home station; however, assessment teams may deploy to high threat, but permissive environments anywhere in the world. Possible CONUS and OCONUS travel for durations of up to two weeks per trip.

Top Secret/SCI Security Clearance eligibility required

ESSENTIAL DUTIES AND RESPONSIBILITIES

* Conduct in-depth research and analysis to assess communications infrastructure that supports installation voice, data, video, radio, electronic security, and industrial control systems/networks
* Identify threats/hazards that could affect the mission's communications architecture and use this data to assess the vulnerability and risk to the assets
* Perform single-point critical node analysis of an installation's telecommunications, other communications systems, and computer networks including supporting infrastructure (security, power, heating-ventilation-air conditioning, fuel, fire protection, etc.)
* Collaborate with intelligence analysts, targeting organizations involved in related areas
* Develop information requirements necessary for answering priority information requests
* Identify threat tactics and methodologies as well as intelligence gaps and shortfalls
* Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives, etc. as related to designated cyber operations warning problem sets
* Monitor open source websites for hostile content directed towards organizational or partner interests and report on validated threat activities
* Monitor operational environment and report on adversarial activities which fulfill leadership's priority information requirements
* Produce timely, fused, all-source cyber operations intelligence and/or indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies)
* Provide evaluation and feedback necessary for improving intelligence production, intelligence reporting, collection requirements, and operations
* Provide information and assessments for the purposes of informing leadership and customers; developing and refining objectives; supporting operation planning and execution; and assessing the effects of operations

SUPERVISORY/MANAGEMENT AUTHORITY

* This position will not have supervisory authority

EDUCATION AND/OR EXPERIENCE

* Minimum 6 years operational experience as a Cyber Threat Intelligence Analyst or in a relevant analysis function, preferably with the US intelligence, fusion center, and/or law enforcement communities is desired; Cyber subject matter expertise preferred
* Graduate of one of the following: Joint Cyber Analysis Course, Cyber Common Technical Core, Cyber Threat Emulation Methodologies or equivalent, preferred

KNOWLEDGE, SKILLS, AND ABILITIES

* Possess a thorough understanding of the Department of Defense Information Networks (DoDIN)
* Significant experience with open source intelligence research and methodologies
* In-depth knowledge of cybersecurity and of the newest and emerging cyber threats
* In-depth knowledge of adversarial cyber exploitation tactics, techniques, and procedures (TTP)
* Knowledge of computer, network (e.g., switches, routers, firewalls), transport components and peripherals, web applications, databases, storage arrays, and cloud infrastructure
* Understanding of the Cyber Protection Conditions
* Experience performing attack analysis or Red Team penetration testing against operational computer networks including experience in Windows Security, Network Security, Linux/Unix Security, Database security, or Mainframe Security
* Experience with Recorded Future, Tanium, Splunk, RedSeal, Anomali
* Working knowledge of log data analysis
* Experience evaluating systems and network devices and enterprise networks for IA vulnerabilities
* Experience evaluating enterprise