19 Sep
DC3 Analytic Group Senior Cyber Analyst
Baltimore, Maryland 21201, USA

Vacancy expired!

The DoD Cyber Crime Center (DC3) Analytic Group (AG) disseminates timely and relevant cyber intelligence products that enhance the overall picture and shared situational awareness of the cyber threat landscape and enable mission partners' readiness and success. These products often highlight current cyber intelligence data, activity/trends, predictive analysis and technical findings with attribution.

As a cyber intelligence analyst you will provide the customer with expertise in cyber intelligence sources, collection methods and analytic techniques. The analyst collaborates among interagency partners to identify malicious activity and provide analytic support to law enforcement/counterintelligence (LE/CI) investigations and operations. The analyst performs analysis on existing and emerging advanced persistent threat organizations, actors, and malware. The qualified candidate should have a strong interest in and understanding of the way varying disciplines interact (counterintelligence, net defense, threat hunting, digital, and operational/strategic threat intelligence).

Required Qualifications
  • BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence Studies, Cyber Security or another related field of study and 8+ years relevant experience, or MS and 6+ years, or PhD and 3+ years.
  • Current TS/SCI security clearance
  • Technical skills proficiency in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch) and open source information collection.
  • Candidate must have a thorough understanding of Domain Name Service records.
  • Ability to analyze PCAP data, identifying and decoding protocols, extracting files, and applying standard filters such as Berkeley Packet Filter (BPF).
  • Knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength.
  • Understanding of the US Intelligence Community structure and how cyber intelligence organizations work together for purposes of conducting cyber threat analysis.
  • Proficiency writing Intelligence Analysis reports - a technical writing sample may be required if the candidate has no prior record of published intelligence analysis reporting.
  • An innovative mindset.
  • Ability to work under pressure and accomplish tasks on time.

Desired Qualifications
  • DoD 8570 IAT-Level I certification or above (A+ CE, CCNA-Security, CND, Network+ CE, SSCP)
  • Law enforcement investigation experience and understanding of search and seizure
  • Prior experience working with groups and/or ISACs on cyber threats and intelligence sharing
  • Any relevant certification (CISSP, CEH, Security+, SANS certification(s), Network+, CCNA)
  • Proficiency hunting APT data using open source or commercial cyber threat analytic tools or data repositories such as VirusTotal, PassiveTotal, ThreatMiner, or Maltego.
  • Strong proficiency and recent experience (within last 3 years) performing NETFLOW analysis using common analysis tools (Wireshark, Dshell).
  • Strong ability to correlate data and research using open source repositories (e.g., VirusTotal, DomainTools, ThreatMiner, etc.)
  • Ability to apply formal intelligence analysis methods, develop hypotheses, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity.
  • Ability to make confidence-based assessments for purposes of attribution based on their technical analysis of network traffic, multi-source data, malware and system analysis. Candidate must be able to identify analytic bias.
  • Self-starter with the ability to proactively engage and develop relationships with intrusion set subject matter experts and analyst counterparts across the US Intelligence and Law Enforcement communities
  • Intermediate ability to present technical information and analysis to audiences up to 50 persons on a quarterly basis.
  • Familiarity with MITRE ATT&CK, CBEST, and TIBER frameworks
  • Tool and script development
  • Programming experience
  • Ability to grasp complex problems and explain them simply
  • Interest and focus on customer service and quality
  • Flexibility to complete fast-suspense assignments
  • Proficiency with data aggregation and visualization tools
  • Familiarity with a variety of analytic concepts, practices, and procedures
Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our 22,000 employees do the can't be done, solving the most daunting challenges facing our customers.

We are an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.
