Job Title: Cyber Threat Analyst
Department: Cyberspace Operations
Job Skills / Requirements
• Monitor closed and open-source intelligence daily for early warning intelligence of severe vulnerabilities, zero days, or likely threat actor targeting of organization domains;
• Provide concise, time-relative Situational Awareness Reports (SARs) to operations personnel and organization stakeholders based on daily closed and open-source monitoring activities and generated Warning Intelligence on a recurring basis;
• Provide mitigation recommendations and detection support across multiple layers of the defense-in-depth model;
• Collect, maintain, and fuse data gathered from all intelligence sources (closed, open, internally generated, and commercially provided) on a continuous basis;
• Create, update, and maintain threat models that incorporate knowledge of cyber terrain (mission, critical assets, industry supported, attack surface, network and domain footprint, and attack/intrusion history);
• Use common Warning Intelligence techniques (diamond model, LH&M kill chain, and MITRE ATT&CK) to generate and maintain historical tactics, techniques and procedures (TTPs), historical infrastructure, and recent activity for significant threat actors/groups;
• Create and maintain a heat map of active adversarial campaigns against DREN/SDREN relevant terrain to be briefed quarterly to Government management and stakeholders;
• Continually perform cyber hunt activities for threat actors/groups within DREN/SDREN relevant terrain. The contractor shall work closely with Detect personnel to ensure timely reporting and tracking of potential incidents;
Job Requirements
Is there a certification requirement?: Yes
If yes, please list requirement(s):
IAT II or higher (e.g., CCNA Security, CySA+, GICSP, GSEC, Security+, or SSCP)
AND
CSSP Analyst (e.g., CEH, CFR, CCNA Cyber Ops, CySA+, GCIA, GCIH, GICSP, or SCYBER)
Is there an education requirement?: Yes
If yes, please list requirement(s):
Bachelor's Degree in Computer Science, Engineering, IT, Cybersecurity or related technical field.
At CSIOS, we are committed to working collaboratively with public, private, academic, and international partners and allies to not only secure cyberspace and America’s cyber assets but to also help our customers achieve and sustain both information and cyberspace superiority through a full range of defensive and offensive cyberspace operation services.
Our Offensive Cyberspace Operations services are designed to project power by the application of force in or through cyberspace. Offensive Cyberspace Operations services are comprised of two functions: information gathering (or cyber exploitations) and cyber attacks. Cyber exploitations are methods by which information is gathered in and through cyberspace. Cyber attacks consist of operations through the use of information networks to disrupt, deny, degrade, or destroy information residing in computers and computer networks or the computers and networks themselves.
Our Defensive Cyberspace Operations services are designed to support passive and active cyberspace operations intended to preserve the ability to utilize friendly cyberspace capabilities and protect data, networks, net-centric capabilities, and other designated systems. Defensive Cyberspace Operations consist of technical and non-technical actions taken to protect, monitor, analyze, detect, and respond to unauthorized activity within information systems and networks.