Job Title: Sr. Cyber Intel Analyst
Posted by: CACI International on Feb 26, 2019
Location:
Linthicum , MDJob Description:
Job Description
CACI is in search of a Cyber Intelligence Analyst within the Defense Cyber Crime Center (DC3) Analytical Group. Ideal candidate is an experienced cyber intelligence analyst or law enforcement/counterintelligence (LE/CI) analyst or agent, who has applied their mastery of cyber threat intelligence, intelligence analysis techniques, and sources and methods to produce high quality analysis products for the last 5 years.
More About the Role:
The primary responsibilities of the position will be:
The analyst provides the customer with expertise in Intelligence sources, collection methods and analytic techniques.The analyst collaborates among interagency partners to identify malicious activity and provide analytic support to LE/CI investigations and operations.The analyst performs analysis on existing and emerging advanced persistent threat (APT) organizations, actors, and malware.Requirements:
BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence Studies, Cyber Security or another related field of study or equivalent 3+ years performing technical cyber threat intelligence analysis.Strong technical skills proficiency in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch) and open source information collection. Candidate must have a thorough understanding of Domain Name Service records.Strong knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength.Strong understanding of US Intelligence Community and how cyber intelligence organizations work together for purposes of conducting cyber threat analysisStrong proficiency hunting APT data using open source cyber threat analytic tools or data repositories such as VirusTotal, Passive Total, Threat Miner, or MaltegoStrong proficiency and recent experience (within last 3 years) performing NETFLOW and PCAP analysis using common analysis tools (examples include Wireshark, Splunk, ChopShop, Dshell, Network Miner, Moloch, etc). Candidate must be strongly proficient at sessionizing PCAP data, identifying and decoding protocols, extracting files, and applying standard filters such as Berkley Packet Filter (BPF).Strong proficiency Report writing - a technical writing sample and technical editing test will be required if the candidate has no prior published intelligence analysis reportingStrong or Intermediate ability to apply formal intelligence analysis methods, develop hypothesis, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity. Candidate must be able to make confidence-based assessments for purposes of attribution based on their technical analysis of network traffic, multi-source data, malware and system forensic analysis. Candidate must be able to identify analytic bias.Intermediate ability to build intrusion related data visualizations and perform analysis (i.e., using I2 Analyst Notebook, Netviz, Palantir, etc)Intermediate ability to present technical information and analysis to groups up to 50 persons on a quarterly basis. Candidate will be required to brief smaller groups up to 10 persons on a weekly basis.Self-starter with the ability to proactively engage and develop relationships with intrusion set subject matter experts and analyst counterparts across the US Intelligence and Law Enforcement communitiesCyber intelligence analysis experience focusing on Eurasia or the "near abroad" preferred.
Desired Skills:
Russian language, ILR 3/3 level of general proficiency (or equivalent certified language training standard) with a test date in the last 3 yearsFamiliarity with / experience researching Secure Sockets Layer (SSL) certificates and IP GeolocationExperience applying Kill Chain analysis, Cyber Intelligence Preparation of the Environment (CIPE) modeling, or Diamond modeling of cyber threat activityCertifications (any): CISSP, CEH, Network+, CCNA, Security+, SANS certification(s) such as GPEN or GCIHAdvanced NETFLOW and PCAP AnalysisAdvanced Data Visualization proficiency leveraging COTS/GOTS toolsTechnical Skills proficiency: Python language, encryption technologies/standardsIntermediate malware analysis or digital computer forensics experienceAny type of Cyber Related Law Enforcement or Counterintelligence experienceExisting Subject Matter Expert of Advanced Persistent Threat activityExperience using COTS/Open Source tools: Novetta Cyber Analytics, Mitre ChopShop and/or ARL DSHELLAnalyst experience in Federal Cyber Center, NSA, or Corporate CIRTFormal training as an intelligence analyst in any disciplinegraduate of US Govt intelligence analysis course: CAC, IBC, Kent School, IC 101, Analysis 101, Army, Navy, Air Force, etcWhat We Can Offer You:
- We've been named a Best Place to Work by the Washington Post.
- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
- We offer competitive benefits and learning and development opportunities.
- We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities.
- For over 55 years, the principles of CACI's unique, character-based culture have been the driving force behind our success.
Job Location
US-Linthicum-MD-BALTIMORE
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.
CACI is in search of a Cyber Intelligence Analyst within the Defense Cyber Crime Center (DC3) Analytical Group. Ideal candidate is an experienced cyber intelligence analyst or law enforcement/counterintelligence (LE/CI) analyst or agent, who has applied their mastery of cyber threat intelligence, intelligence analysis techniques, and sources and methods to produce high quality analysis products for the last 5 years.
More About the Role:
The primary responsibilities of the position will be:
The analyst provides the customer with expertise in Intelligence sources, collection methods and analytic techniques.The analyst collaborates among interagency partners to identify malicious activity and provide analytic support to LE/CI investigations and operations.The analyst performs analysis on existing and emerging advanced persistent threat (APT) organizations, actors, and malware.Requirements:
BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence Studies, Cyber Security or another related field of study or equivalent 3+ years performing technical cyber threat intelligence analysis.Strong technical skills proficiency in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch) and open source information collection. Candidate must have a thorough understanding of Domain Name Service records.Strong knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength.Strong understanding of US Intelligence Community and how cyber intelligence organizations work together for purposes of conducting cyber threat analysisStrong proficiency hunting APT data using open source cyber threat analytic tools or data repositories such as VirusTotal, Passive Total, Threat Miner, or MaltegoStrong proficiency and recent experience (within last 3 years) performing NETFLOW and PCAP analysis using common analysis tools (examples include Wireshark, Splunk, ChopShop, Dshell, Network Miner, Moloch, etc). Candidate must be strongly proficient at sessionizing PCAP data, identifying and decoding protocols, extracting files, and applying standard filters such as Berkley Packet Filter (BPF).Strong proficiency Report writing - a technical writing sample and technical editing test will be required if the candidate has no prior published intelligence analysis reportingStrong or Intermediate ability to apply formal intelligence analysis methods, develop hypothesis, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity. Candidate must be able to make confidence-based assessments for purposes of attribution based on their technical analysis of network traffic, multi-source data, malware and system forensic analysis. Candidate must be able to identify analytic bias.Intermediate ability to build intrusion related data visualizations and perform analysis (i.e., using I2 Analyst Notebook, Netviz, Palantir, etc)Intermediate ability to present technical information and analysis to groups up to 50 persons on a quarterly basis. Candidate will be required to brief smaller groups up to 10 persons on a weekly basis.Self-starter with the ability to proactively engage and develop relationships with intrusion set subject matter experts and analyst counterparts across the US Intelligence and Law Enforcement communitiesCyber intelligence analysis experience focusing on Eurasia or the "near abroad" preferred.
Desired Skills:
Russian language, ILR 3/3 level of general proficiency (or equivalent certified language training standard) with a test date in the last 3 yearsFamiliarity with / experience researching Secure Sockets Layer (SSL) certificates and IP GeolocationExperience applying Kill Chain analysis, Cyber Intelligence Preparation of the Environment (CIPE) modeling, or Diamond modeling of cyber threat activityCertifications (any): CISSP, CEH, Network+, CCNA, Security+, SANS certification(s) such as GPEN or GCIHAdvanced NETFLOW and PCAP AnalysisAdvanced Data Visualization proficiency leveraging COTS/GOTS toolsTechnical Skills proficiency: Python language, encryption technologies/standardsIntermediate malware analysis or digital computer forensics experienceAny type of Cyber Related Law Enforcement or Counterintelligence experienceExisting Subject Matter Expert of Advanced Persistent Threat activityExperience using COTS/Open Source tools: Novetta Cyber Analytics, Mitre ChopShop and/or ARL DSHELLAnalyst experience in Federal Cyber Center, NSA, or Corporate CIRTFormal training as an intelligence analyst in any disciplinegraduate of US Govt intelligence analysis course: CAC, IBC, Kent School, IC 101, Analysis 101, Army, Navy, Air Force, etcWhat We Can Offer You:
- We've been named a Best Place to Work by the Washington Post.
- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
- We offer competitive benefits and learning and development opportunities.
- We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities.
- For over 55 years, the principles of CACI's unique, character-based culture have been the driving force behind our success.
Job Location
US-Linthicum-MD-BALTIMORE
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.
Pay Rate:
Unspecified
HR. Website URL:
http://www.caci.jobs/jobs
Sign Up to Apply to this position
(if you already have a CGO account, just press the button below)
About CACI International Inc
Company Overview and BIO: CACI International Inc provides the professional services and IT solutions needed to prevail in today’s defense, intelligence, homeland security and federal civilian government arenas. We deliver enterprise IT and network services; data, information, and knowledge management services; business system solutions; logistics and material readiness; C4ISR integration services; cyber security, information assurance, and information operations; integrated security and intelligence solutions; and program management and SETA support services. CACI services and solutions help our federal clients provide for national security, improve communications and collaboration, secure the integrity of information systems and networks, enhance data collection and analysis, and increase efficiency and mission effectiveness. We add value to our clients’ operations, increase their skills and capabilities, and enhance their missions. CACI is a member of the Fortune 1000 Largest Companies and the Russell 2000 index. CACI provides dynamic careers for approximately 12,300 employees working in over 120 offices in the U.S. and Europe. CACI is the IT provider for a networked world. Visit CACI on the web at www.caci.com and www.asymmetricthreat.net.
Please visit this employer's Public Profile to see more jobs offered by CACI International Inc