Support PDF,DOC,DOCX,TXT,XLS,WPD,HTM,HTML fils up to 5MB
Years of Experience
Date Last Verified
ProfileSenior Cyber Intelligence Analyst The candidate will author tactical and operational cyber threat reports that detail specific threats to the Defense Industrial Base for DIB and Government partners. Should have a strong background tracking Advanced Persistent Threat (APT) activity and be able to mix traditional intelligence analysis with a modern cyber focus. Products ultimately contribute to the CND effort executed by network defenders. Must have Bachelor's degree in a related specialized area or field or the equivalent is required plus 5+ years of relevant experience; or Master's degree plus 3+ years of relevant experience. Should have BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence Studies, Cyber Security or another related field of study or equivalent 3+ years performing technical cyber threat intelligence analysis. Strong technical skills proficiency in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch) and open source information collection. Candidate must have a thorough understanding of Domain Name Service records. Must have strong knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength. Strong understanding of US Intelligence Community and how cyber intelligence organizations work together for purposes of conducting cyber threat analysis is required. Must have strong proficiency and recent experience (within last 3 years) performing NETFLOW and PCAP analysis using common analysis tools (examples include Wireshark, Splunk, ChopShop, Dshell, Network Miner, Moloch, etc). Must be strongly proficient at sessionizing PCAP data, identifying and decoding protocols, extracting files, and applying standard filters such as Berkley Packet Filter (BPF). Strong proficiency Report writing - a technical writing sample and technical editing test will be required if the candidate has no prior published intelligence analysis reporting. Should have strong or Intermediate ability to apply formal intelligence analysis methods, develop hypothesis, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity. Must be able to make confidence-based assessments for purposes of attribution based on their technical analysis of network traffic, multi-source data, malware and system forensic analysis. Candidate must be able to identify analytic bias. Intermediate ability to build intrusion related data visualizations and perform analysis (i.e., using I2 Analyst Notebook, Netviz, Palantir, etc) is needed. Intermediate ability to present technical information and analysis to groups up to 50 persons on a quarterly basis is needed. Candidate will be required to brief smaller groups up to 10 persons on a weekly basis. Should preferably have chinese Mandarin language, ILR 3/3 level of general proficiency (or equivalent certified language training standard) with a test date in the last 3 years. Formal training as an intelligence analyst in any discipline graduate of US Govt intelligence analysis course: CAC, IBC, Kent School, IC 101, Analysis 101, Army, Navy, Air Force, etc is required. Experience applying Kill Chain analysis, Cyber Intelligence Preparation of the Environment (CIPE) modeling, or Diamond modeling of cyber threat activity is a plus. Certifications (any): CISSP, CEH, Security+, SANS certification(s), Network+, CCNA are preferred. Advanced NETFLOW and PCAP Analysis is a plus. Advanced Data Visualization proficiency leveraging COTS/GOTS tools is preferred. Technical Skills proficiency: Python language, encryption technologies/standards are a plus. Intermediate malware analysis or digital computer forensics experience is preferred. Any type of Cyber related Law Enforcement or Counterintelligence experience is desired. Existing Subject Matter Expert of Advanced Persistent Threat activity is preferred. Experience using COTS/Open Source tools: Novetta Cyber Analytics, Mitre ChopShop and/or ARL DSHELL is desired. 18-22 years of professional experience without a degree; or 10-14 years of professional experience with a Bachelors degree from an accredited college in a related discipline, or equivalent experience/combined education; or 8-12 years of professional experience with a related Masters degree; or 4 years of professional experience required with a related PhD or JD degree; Considered an emerging authority / authority in discipline.
General Dynamics Mission Systems
1190 Winterson Rd 300
Linthicum, MD 21090