FUTURE NEED
Location: Linthicum, MD
Description:
Please note this is not a cybersecurity or systems engineer position.The selected candidate will serve as a cyberintelligenceanalyst andmust have relevant experienceas such (see below for requirements). The selected candidate will serve as a cyber intelligence analyst. The analyst provides the customer with expertise in Intelligence sources, collection methods and analytic techniques. The analyst collaborates among internal partners to identify malicious activity and provide analytic support to the investigation and operation groups. The analyst performs analysis on existing and emerging APT organizations, actors, and malware.
Ideal candidate has experience with cyber intelligence analysis or law enforcement/counterintelligence analysis, and has applied their mastery of cyber threat intelligence, intelligence analysis techniques, sources and methods to produce high quality analysis products.
Requirements:
Must be a US Citizen with a SECRET security clearance (no exceptions)
Must hold a BA/BS degreein Information Technology or Information Security, Computer Science, Intelligence Studies, Cyber Security or another related field of study or equivalent 3+ years performing technical cyber threat intelligence analysis.
Must have minimum 1 year of related Cyber Intel experience outside of a classroom settin g (no exceptions)
Must have strong technical skills proficiency in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense ops (proxy, firewall, IDS/IPS, router/switch) and open source information collection.
Must have knowledge of Cyber Threat Intelligence principles to include indicators of compromise types, indicator pivoting and indicator attribution strength.
Must have an understanding of IC and how those cyber organizations work together for purposes of conducting cyber threat analysis.
Must have strong technical report writing skills.
Must have the ability to apply formal intelligence analysis methods, develop hypothesis, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity. Candidate must be able to make confidence-based assessments for purposes of attribution based on their technical analysis of network traffic, multi-source data, malware and system forensic analysis. Candidate must be able to identify analytic bias.
Must have recent experience or familiarity with open source cyber intelligence research tools including, but not limited to, VirusTotal, PassiveTotal, Domain Tools, AlienVault Open Threat Exchange, Threat Connect, URLScan.io, and MXToolbox.
Must have the ability to build intrusion related data visualizations and perform analysis (i.e., using I2 Analyst Notebook, Netviz, Palantir, etc)
Ability to present technical information and analysis to professionals and peers on a regular basis.
Must have the ability to proactively engage and develop relationships with intrusion set subject matter experts.
Desired Skills:
Mandarin or Russian language skills
Formal training as an intelligence analyst in any discipline
Graduate of US Govt intelligence analysis course: CAC, IBC, Kent School, IC 101, Analysis 101, Army, Navy, Air Force, etc
Experience applying Kill Chain analysis, Cyber Intelligence Preparation of the Environment modeling, or Diamond modeling of cyber threat activity
Recent experience performing NETFLOW and PCAP analysis using common analysis tools (examples include Wireshark, Splunk, ChopShop, Dshell, Network Miner, Moloch, etc).
Should be proficient at sessionizing PCAP data, identifying and decoding protocols, extracting files, and applying standard filters such as Berkley Packet Filter (BPF).- Certifications (any): CISSP, CEH, Security+, SANS certification(s), Network+, CCNA
Advanced NETFLOW and PCAP Analysis
Advanced Data Visualization proficiency leveraging COTS/GOTS tools
Technical Skills proficiency: Python language, encryption technologies/standards
Intermediate malware analysis or digital computer forensics experience
Any type of Cyber related Law Enforcement or Counterintelligence experience
Existing Subject Matter Expert of Advanced Persistent Threat activity
Experience using COTS/Open Source tools: Novetta Cyber Analytics, Mitre ChopShop and/or ARL DSHELL
Analyst experience in the IC
Benefits:
Mission focused work environment
Subsidized medical/dental/vision insurance
HSA contributions
401k matching
Holiday and Paid Time Off (PTO)
Monthly WAN parties and quarterly events
Flexible hours
Remote work is NOT an option. We do offer relocation assistance. Please see our careers page or inquire with your recruiter about the terms and conditions.
Vaccination Notice:
Please be aware that you are applying for a position to work as a federal contractor. As such, Cipher Tech will require, and your employment will be subject to, such vaccinations as are required by federal, state, and local law requirements.
About Us
At the core of Cipher Tech Solutions, Inc. (Cipher Tech), you'll find a team of exceptionally talented engineers and software developers who are driven to solve the toughest problems facing national security today. Primarily acting as an engineering service provider, Cipher Tech provides a variety of technical experts to government customers for injection into new or preexisting teams, both on and off customer sites that are charged with moving the mission forward through applied technology.
Expanding the company's workforce to include a cadre of well-trained digital forensic examiners became a necessity as our military customers, impressed with our forensic software development expertise, asked us to expand the scope of our support.
Today, Cipher Tech provides our customers with a targeted blend of investigative, analytical, and engineering staff all focused narrowly on the field of digital forensics. Embedded directly with the customers we support, we work efficiently and effectively to deliver support for both strategic and tactical mission sets.
Help us meet our customer's demands and find out why we're excited to go to work.
Commitment to Diversity and Inclusion
Cipher Tech is an Equal Opportunity and Affirmative Action Employer. We value diversity and inclusion, not only for the sake of compliance, but also because diversity of thought drives progress and improves performance. All hiring and employment decisions are made on the basis of business requirements, performance, and merit-with no regard to race, color, religion, sexual orientation, gender, genderidentity, national origin, or other protected status.
CIPHER TECH IS COMMITTED TO HIRING QUALIFIED VETERANS!
For more information, or to apply now, you must go to the website below. Please DO NOT email your resume to us as we only accept applications through our website.
https://ciphertechsolutions.applicantpro.com/jobs/3450917-197876.html