Cyber Intelligence Threat Analyst
Cyber Intelligence Threat Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Responsibilities
Peraton is currently seeking an experienced Cyber Intelligence Threat Analyst to join our team in support of the U.S. Army Europe Regional Cyber Center (RCCE).
Location: Wiesbaden Germany.
In this role you will be:
- Working as an expert conduct research and evaluate audit data with specific emphasis on network operations and cyber warfare tactics techniques and procedures focused on the threat to networked weapons platforms and US DoD information networks.
- Analyze host and network events to determine the impact on current operations.
- Conduct research to determine advisory capability and develop analytics based on indicators of compromise to leverage the SIEM.
- Execute hunt missions for various threat actors to determine the risk to the DoD information network and recommend mitigations to reduce the attack surface.
- Prepare assessments and cyber threat reports of current events based on the research and analysis of classified and opensource information.
- Correlate threat data from various sources.
- Develop and maintain analytical procedures to meet changing requirements and ensure maximum operations.
- Produce highquality papers presentations recommendations and findings for senior U.S. government intelligence and network operations officials.
Qualifications
Required:
- Minimum of 5 years experience in Cyber Systems Engineering with a Bachelors degree in a STEM field or Business Administration; an additional 4 years of experience in lieu of degree may be considered.
- Must be able to qualify for technical expert status accreditation (TESA) by having a bachelors degree in a STEM field or Business Administration plus 3 years of specialized experience OR an associates degree plus 7 years of specialized experience OR a major certification plus 7 years of specialized experience.
- Active DoD Approved 8140 Certification (DCWF: 541 S. or CISA CISM GCIH GSNA CFR Cloud CYSA GCED GICSP PenTest and 8140 Residential within 90 days of acceptance GNFA GCTI GDSA GCDA GCIH GREM DCITA CIRC FIWE Offensive Security OSDA.
- U.S. citizenship required.
- An Active DoD Top Secret (ICD 706 eligibility) security clearance.
Additional requirements include:
- Must have a full complete and indepth understanding of all aspects of Defensive Cyber Operations.
- Must be fluent in all aspects of government and corporate communications media to include all MS Office products and common task ticketing systems.
- Must have a good breadth of knowledge of common ports and protocols of system and network services.
- Must have the demonstrated ability to communicate with a variety of stakeholders in a variety of formats.
- Proven experience working with Security Information and Event Management (SIEM) tools to create analytics and detect patterns or anomalies.
- Strong understanding of adversary tactics techniques and procedures (TTPs) and the MITRE ATT&CK framework.
- Demonstrated ability to analyze complex software systems identifying functionality intent and potential vulnerabilities.
- Knowledge of network protocols operating systems and cybersecurity principles.
- Experience conducting cyber threat research and presenting findings to technical and nontechnical stakeholders.
- Ability to resolve advanced malware and intrusion issues and design effective countermeasures.
- Contribute to the design development and implementation of countermeasures system integration and tools specific to Cyber and Information Operations.
- Experience with intrusion detection systems such as Snort Suricata and Zeek.
- Strong written and verbal communication skills for preparing technical reports and delivering briefings to leadership and stakeholders.
- Assist all sections of the Cyber Security Service Provider Division as required in performing Analysis and other duties as assigned.
Preferred Qualifications:
- Experience with the Elastic SIEM.
- Experience in packet captures and analyzing a network packet.
- Experience with intrusion detection systems such as Snort Suricata and Zeek.
- Experience with SIEM systems such as Splunk ArcSight or Elastic.
- Experience with Microsoft Windows event IDs.
- Experience with Linux audit log analysis.
- Familiarity with Git and VScode.
- Experience with one or more scripting languages such as PowerShell Bash Python.
- Selfstarter with excellent judgment capable of independent decision making.
Peraton Overview
Peraton is a nextgeneration national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the worlds leading mission capability integrator and transformative enterprise IT provider we deliver trusted highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land sea space air and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day our employees do the cant be done by solving the most daunting challenges facing our customers. Visit peraton to learn how were keeping people around the world safe and secure.
Target Salary Range
EEO
Required Experience:
IC
Employment Type
Full-Time
