Job Duties and Responsibilities
All-Source Cyber Analyst
The selected candidate shall provide subject matter expertise while producing and disseminating all-source integrated intelligence analysis to support DoDIN and defensive cyberspace operations (DoDIN/DCO-Internal Defensive Measures) planning, integration, coordination, and execution.
• Intelligence all-source analysis; Defense Intelligence Analysis Program; intelligence writing and briefing at a senior level is a must
• Strong analytical and research skills with an extensive understanding of classified research tools and websites
• Ability to present analysis to large groups on a regular basis
• Demonstrated expertise using various intelligence and cyber GOTS/COTS analytical tools: Analyst Notebook, Palantir, TAC, M3, HOTR, Sharkseer, SIEM, Pulse, iSpace, etc.
• BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence Analysis, Cyber Security, or another related field of study, or equivalent 5+ years performing cyber threat intelligence analysis
• Demonstrated understanding of cyber advanced persistent threats, actors, infrastructure, and TTPs
• Understanding of defensive cyber operations to include incident response
• Analyst experience in any Federal Cyber Center (NCTOC, IC-SCC, Cyber Command, CNMF, CPT, JFHQ-Cyber, NCIJTF, DHS US CERT) or Corporate CIRT
• Certifications: One or more DoD 8570 Requirement certifications: Security+, CISSP, CASP, CEH, GCIA, GCIH
• Produce and disseminate all-source integrated intelligence analysis to support DODIN and defensive cyberspace operations (DODIN/DCO-internal Defensive Measures) planning, integration, coordination, and execution. Assist in analyzing ongoing threat related activities and information targeting the DODIN and develop Joint Intelligence Preparation of the Operational Environment (JIPOE). Make recommendations for JFHQ-DODIN action to protect the DODIN.
• Provide all-source analytical support to DODIN/DCO to include production of cyber related Intelligence Estimates.
• Produce special reports and assessments related to specific incidents and trends concerning threats to the DODIN as required.
• Conduct analysis to identify indications of adversary activity and warn (Indications and Warning) leaders of potential threats, cyber developments, events or conditions that may adversely affect the DODIN; advising leaders in order to proactively confront emerging challenges, leverage opportunities, avoid surprise and produce strategic outcomes favorable to the U.S. or allied interests.
• Respond to the J2 for threat identification of activity directed against DoD systems.
• Evaluate international events, all-source and open-source intelligence, and operational information to assist in the assessment of potential impacts to the DODIN and alert the JFHQ-DODIN Staff and Leadership to potential network exploitation or attacks. Using these techniques and taking advantage of web-based research tools, match potential threat candidates with identified activity, produce reports and/or briefs, and make intelligence-derived recommendations to the J2/J3 for the defense of the affected network
• Develop and present in-depth intelligence briefings and presentations concerning nation-state and non-state actor capabilities and activities, specific actor profiles, and incidents affecting DoD communications networks.
• Assist the J2 in the management of daily intelligence reports and bulletins and web sites on the classified networks.
• Maintain communications as directed by the J2, with intelligence representatives at JFHQ-DODIN, Service components, other Combatant Commands, Department of Homeland Security, National Infrastructure Protection Center (NIPC), Intelligence Community, Joint Staff J2/JCS, DODIN service providers, and other organizations as designated.
Qualifications Requires Bachelor¿s degree or equivalent and seven to nine years of related experience. Minimum of three years experience in technology/tools specific to the target platforms.