baltimoreprogrammer | Cyber Intel Analyst Stf in Reisterstown, MD

Cyber Intel Analyst Stf

  • Lockheed Martin
  • $107,240.00 - 160,420.00 / Year *
  • 4360 Butler Rd
  • Reisterstown, MD 21136
  • Full-Time
save job button



Description:At Lockheed Martin Rotary and Mission Systems, Cyber Solutions, we are driven by innovation and integrity. The selected candidate will serve as a cyber intelligence analyst within the Defense Cyber Crime Center (DC3) Analytical Group. The analyst provides the customer with expertise in Intelligence sources, collection methods and analytic techniques. The analyst collaborates among interagency partners to identify malicious activity and provide analytic support to LE/CI investigations and operations. The analyst performs analysis on existing and emerging advanced persistent threat organizations, actors, and malware.Ideal candidate is an experienced cyber intelligence analyst or law enforcement/counterintelligence (LE/CI) analyst or agent, who has applied their mastery of cyber threat intelligence, intelligence analysis techniques, and sources and methods to produce high quality analysis products for the last 5 years.Only candidates with a current TS/SCI clearance will be considered.Candidates with CI Poly preferred, but not necessary to start.Basic Qualifications: BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence Studies, Cyber Security or another related field of study or equivalent 3+ years performing technical cyber threat intelligence analysis. Strong technical skills proficiency in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch) and open source information collection. Candidate must have a thorough understanding of Domain Name Service records. Strong knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength. Strong understanding of US Intelligence Community and how cyber intelligence organizations work together for purposes of conducting cyber threat analysis Strong proficiency hunting APT data using open source cyber threat analytic tools or data repositories such as VirusTotal, Passive Total, Threat Miner, or Maltego Strong proficiency and recent experience (within last 3 years) performing NETFLOW and PCAP analysis using common analysis tools (examples include Wireshark, Splunk, ChopShop, Dshell, Network Miner, Moloch, etc). Candidate must be strongly proficient at sessionizing PCAP data, identifying and decoding protocols, extracting files, and applying standard filters such as Berkley Packet Filter (BPF). Strong proficiency Report writing - a technical writing sample and technical editing test will be required if the candidate has no prior published intelligence analysis reporting Strong or Intermediate ability to apply formal intelligence analysis methods, develop hypothesis, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity. Candidate must be able to make confidence-based assessments for purposes of attribution based on their technical analysis of network traffic, multi-source data, malware and system forensic analysis. Candidate must be able to identify analytic bias. Intermediate ability to build intrusion related data visualizations and perform analysis (i.e., using I2 Analyst Notebook, Netviz, Palantir, etc) Intermediate ability to present technical information and analysis to groups up to 50 persons on a quarterly basis. Candidate will be required to brief smaller groups up to 10 persons on a weekly basis. Self-starter with the ability to proactively engage and develop relationships with intrusion set subject matter experts and analyst counterparts across the US Intelligence and Law Enforcement communities Cyber intelligence analysis experience focusing on Eurasia or the \"near abroad\" preferred.Desired Skills: Existing Subject Matter Expert on Advanced Persistent Threat (APT) actors/activity Familiarity with / experience researching Secure Sockets Layer (SSL) certificates and IP Geolocation Experience applying Kill Chain analysis, Cyber Intelligence Preparation of the Environment (CIPE) modeling, or Diamond modeling of cyber threat activity Certifications (any): CISSP, CEH, Network+, CCNA, Security+, SANS certification(s) such as GPEN or GCIH Advanced NETFLOW and PCAP Analysis Advanced Data Visualization proficiency leveraging COTS/GOTS tools Technical Skills proficiency: Python language, encryption technologies/standards Intermediate malware analysis or digital computer forensics experience Any type of Cyber related Law Enforcement or Counterintelligence experience Experience using COTS/Open Source tools: Novetta Cyber Analytics, Mitre ChopShop and/or ARL DSHELL Analyst experience in Federal Cyber Center, NSA, or Corporate CIRT Formal training as an intelligence analyst in any discipline graduate of US Govt intelligence analysis course: CAC, IBC, Kent School, IC 101, Analysis 101, Army, Navy, Air Force, etc
Associated topics: infrastructure, network, operating system, sccm, scom, scom sccm, server, system center operations manager, tcp, tcp ip


* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.