Computer Forensic & Intrusion Analyst (Senior)
Learn more about this opportunity below: 7252-DC3II - Computer Forensic & Intrusion Analyst (Senior)
• Comprehensive understanding of APT TTPs and indicators of compromise (IOC)
• Experience performing focused research and analysis to write complete, accurate, relevant and timely cyber threat intelligence reports to support network defense
• Knowledge of Cyber Kill Chain Model, Diamond Model or MITRE ATT&CK
• Understanding of malware functionality, static and dynamic analysis, and ability to identify IOCs, attributes and understanding of signatures
• Ability to create and present compelling briefings to relay relevant cyber threat information to technical and non-technical audiences
• Two to four years of SOC experience
• Several years of IC experience
• Expertise with VirusTotal Intelligence, DomainTools Iris
• Industry certifications: GCIA, GCIH, GPEN, GWAPT, GCFA, GREM, GXPN
• Ability to develop YARA or Snort signatures
• Minimum of five years of experience tracking and profiling APT groups
• A working understanding of cyber threat intelligence platforms to collect and correlate cyber threat information
• Deep understanding of operating systems: file structures, processes, services, and application execution
• Experience with basic usage of languages such as , PowerShell, Bash for automation and data analysis
• Proficiency with Microsoft Excel and Microsoft PowerPoint to filter, calculate, and display data to make analysis more efficient
The successful candidate will be assigned to the Analysis Division of the Defense Industrial Base (DIB) Collaborative Information Sharing Environment (DCISE) as a Cyber Intelligence Analyst. DCISE Analytics addresses, through narrative analysis and threat warnings, the actual targeting objectives of Advanced Persistent Threat (APT) cyber actors; knowledge of these objectives contributes to the CND effort executed by network defenders. Narrative analysis and threat warnings are captured in reports such as the Cyber Targeting Analysis Report (CTAR), Cyber Targeting Bulletin (CTB), and Partner Notifications (PN).
The basic requirement is the analyst's rapid absorption of all-source intelligence information, coupled with identifying the "essence" of the theme for timely product generation. Complementing this is the ability to write analysis that is succinct yet contains the necessary detail and is logically presented.
Responsibilities include:
• Conducting all-source cyber intelligence analysis with an emphasis on actor technology targeting
• Producing and disseminating narrative analytic reports (CTARs) to provide risk management assessments supporting the network defenders and INFOSEC managers
• Generating CTBs and PNs for DIB organizations
• Creating and presenting cyber threat briefings on APT targeting trends to conference audiences
• Acquiring knowledge regarding APT actors and targeting through analyzing all-source intelligence
• Acquiring knowledge regarding the malicious actor attack phases (or kill chain) tied to cyber incidents
• Reviewing data from multiple sources to identify and understand actual targeted technologies
• Collaborating with IC and DIB organizations on APT activities and targeted technologies
• Processing and answering Requests for Information (RFIs) from USG and DIB organizations
Alliant LCAT Description:
Possesses and applies a comprehensive knowledge across key tasks and high impact assignments. Plans and leads major technology assignments. Evaluates performance results and recommends major changes affecting short-term project growth and success. Functions as a technical expert across multiple project assignments. May supervise others.
18-22 years of professional experience without a degree; or 10-14 years of professional experience with a Bachelor's degree from an accredited college in a related discipline, or equivalent experience/combined education; or 8-12 years of professional experience with a related Master's degree; or 4 years of professional experience required with a related PhD or JD. Considered an emerging authority / authority in discipline. Consideration should always be given for the level of specific domain expertise.