Cyber Threat Intel Analyst

Cyber Threat Intel Analyst
North Charleston, SC
Minimum of a Top Secret Clearance, with ability to obtain TS/SCI.

As a Cyber Threat Intelligence Analyst, you will be responsible for providing analysis on relevant threats to the customer environment in support of the overall defensive effort.  You will be a key component in providing additional tactical context surrounding adversarial TTPs and support to the Network Security Monitoring and Incident Response teams. Your primary responsibility is to analyze various sources of threat-related data using standard toolsets and methodologies, and then providing risk-related recommendations for action.

Position Requirements and Duties

• Perform daily review of cyber threat warnings, bulletins, alerts, and incident reporting documentation
• Conduct research on emerging security threats and provide correlation and trending of cyber incident activity
• Maintain knowledge of adversary activities, including intrusion set tactics, techniques and procedures (TTPs)
• Communicate events to agencies regarding intrusions and compromises to network infrastructure, applications and operating systems
• Provide cyber threat assessments based on threat analysis, coordinate cyber threat tracking with other organizations and the government
• Compile detailed investigation and analysis reports
• Compile and maintain internal standard operating procedure (SOP) documentation
• Ensure associated documentation and capabilities remain compliant with CJCSM 6510.01b and other applicable policy directives
• Participates in program reviews, product evaluations, and onsite certification evaluations
• Authorized to update signatures and view alerts of IDS/ IPS
• Authorized to view audit records on Central Log Server
• Authorized to modify auditable events on Central Log Server
• Support incident response actions (Surge)
• Up to 25% Travel may be required

Qualifications

• US Citizen
• At least 3 years of experience in Cybersecurity Service Provider (CSSP) environment or similar area
• At least 3 years of experience with collecting, analyzing, and interpreting qualitative and quantitative data for the purposed of documenting results and analyzing finding to provide meaningful products
• At least 3 years of experience with Cyber, defensive or offensive Cyber operations, information operations or information warfare, or topical Cyber expertise

Desired Qualifications

• Bachelor’s degree or higher from accredited university/technical college
• At least 5 years of experience in Cybersecurity Service Provider (CSSP) environment or similar area
• Ability to write finished products based off of highly technical subject matter and analysis for dissemination to a less technical or non-technical audience
• Ability to develop specific expertise, discerns patterns of complex threat actor behavior, and communicates a comprehension of current and developing Cyber threats
• Ability to leverage online research tools to identify and navigate online forums, specialized websites, social media, and traditional sources
• Knowledge of TCP/IP network communication protocols
• Self-motivated and passionate
• Possess excellent oral and written communication skills, including briefing to senior leadership and agency groups on a regular basis
• Experience with analytic tool, including Augury, Splunk, Elastic, TAC, Palantir, Shodan, Analyst Notebook or other threat intelligence platform preferred
• Experience collaborating and coordinating with intelligence community partners on Cyber issues and topics

Certification Requirements

• 8570 Classification IAT –II & CSSP Certification