4 years of direct and relevant experience in technical analysis with preferable experience in network traffic and log analysis in the field of counterintelligence and data mining.
The candidate must have a thorough knowledge of IP/IO threats to the Air Force and the DoD computer network attack and exploitation techniques, computer-based intrusions, and incident response and investigation.
Effective verbal and written communication techniques to produce command and national products, present briefings at national agency and military service levels, present and argue for a position effectively and to participate in DoD and intelligence community working groups
Directing the use of specialized technical tools to conduct complex directed searches, link analysis and temporal and spatial analysis patterns of activity.
Develop and project data, draw conclusions and estimate probabilities based upon knowledge of current and past intelligence situations and a thorough understanding of the significance of the conditions and threats, at times, under conditions of urgency.
Present findings and recommendations to superiors and policy makers.
Collect, interpret and review unclassified and classified intelligence community generated reports, analytical assessments and other intelligence products in order to assess the relevance and significance of developments in their assigned area of responsibility.
Assess information obtained on the basis of reliability and credibility of the source, the existence of corroborating intelligence and the significance of the information.
Produce counterintelligence products, from research and analysis, from which senior commanders and leaders can base decisions and allocate resources.
Conducts focused analysis of especially complex and unusual issues to evaluate the significance of the information collected, extract and further disseminate relevant counterintelligence and threat information, identify operational opportunities and leads, providing guidance to case agents and coordinate actions within the intelligence and law enforcement communities.
Preferred Certifications and Training:
Possess industry certifications that demonstrate proficiency in technical analysis, cybersecurity, intrusion detection and threat hunting principles.