Senior Cyber Threat Analyst
Job ID: 466407BR
Date posted: Jan. 08, 2019
Description:The selected candidate will serve Program Analyst/Cyber Threat Analyst at the Defense Cyber Crime Center - Analytical Group (DC3-AG) in Linthicum, MD. The candidate will use their experience, knowledge, and analytical skills to support the Joint Acquisition Protection and Exploitation Cell (JAPEC) effort. The candidate will perform analytical research in a team environment focused on cyber threat actors/activity, author and review intelligence products by applying technical expertise, while also consulting and making recommendations for new solutions to cyber analytical issues as needed. Additionally, the candidate will be expected to collaborate with analysts from DC3-AG, analysts and JAPEC stakeholders outside of DC3, various other Intelligence Community agencies, and other Defense Criminal Investigative Organizations (AFOSI, CID, DCIS) on a regular basis. The candidate will rely heavily on their experience serving in past intelligence analyst roles in DoD, Computer Network Operations, Law Enforcement/Counterintelligence, or Intelligence Community mission focused organizations. The selected candidate should be comfortable writing documents up to 30 pages in length.
Only candidates with a current TS/SCI clearance will be considered.
Candidates with CI Poly preferred, but not necessary to start
• BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence Studies, Cyber Security or another related field of study or equivalent 3+ years performing technical cyber threat intelligence analysis.
• Strong knowledge of general intelligence analysis principles governing the collection and evaluation of raw intelligence as well as the production and publication of finished intelligence
• Strong knowledge of all-source intelligence and analysis processes
• Strong ability to provide analysis supporting assessments of the overall impact of data loss on current and future USAF weapons programs, scientific and research projects, and warfighting capabilities (in accordance with guidance as set forth in Air Force Instruction 33-200)
• Strong knowledge of Cyber Threat Intelligence (CTI) principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength
• Strong understanding of US Intelligence Community and how cyber intelligence organizations work together for purposes of conducting cyber threat analysis
• Strong proficiency in intelligence report writing for DoD and USIC consumers
• Intermediate ability to present technical information and analysis to groups (Candidate will be required to brief up to 50 persons on a quarterly basis and smaller groups of up to 10 persons on a weekly basis)
• Strong ability to conduct Incident Report Analysis on incidents reported under applicable DFARS procedures
• Strong familiarity with threats and vulnerabilities to supply chain, and a deep understanding of the damage assessment process, specifically regarding data compromised as a result of adversary intrusions into contractor networks
• Strong or Intermediate ability to apply formal intelligence analysis methods, develop hypothesis, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity. Candidate must be able to make confidence-based assessments for purposes of attribution based on their technical analysis of network traffic, multi-source data, malware and system forensic analysis. Candidate must be able to identify analytic bias.
• Self-starter with the ability to proactively engage and develop relationships with intrusion set subject matter experts and analyst counterparts across the US Intelligence and Law Enforcement communities
• Familiarity with DoD Damage Assessment Management Office (DAMO) Program guiding documents and mission (DFARS Procedures, Guidance, and Information (PGI) 204.7303-4 DoD damage assessment activities)
• Ability to correlate data and research using open source repositories (ex. VirusTotal, Domaintools, Threatminer, etc.)
• Background supporting USAF or DoD intelligence analysis components
• Existing Subject Matter Expert of Advanced Persistent Threat activity
• Formal training as an intelligence analyst in any discipline – graduate of US Govt intelligence analysis course: CAC, IBC, Kent School, IC 101, Analysis 101, Army, Navy, Air Force, etc
• Certifications (any): CISSP, CEH, Security+, SANS certification(s), Network+, CCNA
• Advanced Data Visualization proficiency leveraging COTS/GOTS tools
• Any type of Cyber related Law Enforcement or Counterintelligence experience
• Analyst experience in a Federal Cyber Center or corporate computer incident response team
Lockheed Martin is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
As a leading technology innovation company, Lockheed Martin’s vast team works with partners around the world to bring proven performance to our customers’ toughest challenges. Lockheed Martin has employees based in many states throughout the U.S., and Internationally, with business locations in many nations and territories.
Join us at Lockheed Martin, where we’re engineering a better tomorrow.
Experience Level: Experienced Professional
Business Unit: ESS6500 RMS
Relocation Available: No
Career Area: Intelligence Analysis
Clearance Level: TS/SCI
Type: Task Order/IDIQ
Virtual Location: no
Work Schedule: TEMPO: 5X8 - 5 days/wk 8 hrs/day (Flex & Rigid)