Threat Analyst Technical Specialist
Data Analytics / Intelligence
Space & Intelligence
This technical leader position supports the intelligence community and related Government, industrial, and academic communities in the areas of intelligence collection and policy and intelligence systems and capabilities; using principles, concepts, and methodologies of intelligence analysis, including, but not limited to, the use of HUMINT and SIGINT methods; developing requirements and methodologies to collect, analyze, manage, and present intelligence in support of cyber investigations and operations; and writing various analytical reports (e.g., IIRs), serialized intelligence products, and operational cyber threat products. The role leads technical efforts and supervises teams supporting intelligence analysis requirements, and calls for project management experience. It also involves leading analysts in analyzing data to build threat profiles enabling proactive law enforcement/counterintelligence (LE/CI) cyber operations focused on nation-state threat actors, and implementing or improving operational processes or procedures in the intelligence analysis lifecycle.
Requires 10 to 12 years relevant experience with BS/BA in Information Technology or Information Security, Computer Science, Intelligence Studies, Cybersecurity or related field; or 8 to 10 years with MS/MA; or 5 to 7 years with PhD.
4+ years management or supervisory experience.
Current TS/SCI security clearance with SCI eligibility.
Technical skills proficiency in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch) and open-source information collection.
Candidate must have a thorough understanding of Domain Name Service records.
Ability to analyze PCAP data, identifying and decoding protocols, extracting files, and applying standard filters such as Berkeley Packet Filter (BPF).
Knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength.
Understanding of the US Intelligence Community structure and how cyber intelligence organizations work together for purposes of conducting cyber threat analysis.
Proficiency writing Intelligence Analysis reports – a technical writing sample may be required if the candidate has no prior record of published intelligence analysis reporting.
An innovative mindset.
Ability to work under pressure and accomplish tasks on time.
Desired Skills:
DoD 8570 IAT–Level I certification or above (A+ CE, CCNA-Security, CND, Network+ CE, SSCP).
Law enforcement investigation experience and understanding of search and seizure.
Prior experience working with groups and/or ISACs on cyber threats and intelligence sharing.
Any relevant certification (CISSP, CEH, Security+, SANS certification(s), Network+, CCNA).
Proficiency hunting APT data using open source or commercial cyber threat analytic tools or data repositories such as VirusTotal, PassiveTotal, ThreatMiner, or Maltego.
Strong proficiency performing NETFLOW analysis using common analysis tools (Wireshark, Dshell).
Strong ability to correlate data and research using open-source repositories (e.g., VirusTotal, DomainTools, ThreatMiner, etc.).
Ability to apply formal intelligence analysis methods, develop hypotheses, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity.
Ability to make confidence-based assessments for purposes of attribution based on technical analysis of network traffic, multi-source data, malware and system analysis.
Candidate must be able to identify analytic bias.
Self-starter with the ability to proactively engage and develop relationships with intrusion set subject matter experts and analyst counterparts across the US Intelligence and Law Enforcement communities.
Intermediate ability to present technical information and analysis to audiences up to 50 persons on a quarterly basis.
Familiarity with MITRE ATT&CK, CBEST, and TIBER frameworks.
Tool and script development.
Programming experience.
Ability to grasp complex problems and explain them simply.
Interest and focus on customer service and quality.
Flexibility to complete fast-suspense assignments.
Proficiency with data aggregation and visualization tools.
Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our employees do the can’t be done, solving the most daunting challenges facing our customers.
Target Salary Range
$146,000 – $234,000. This represents the typical salary range for this position based on experience and other factors.
Peraton / Equal Opportunity Employer / 2023-137429 JBPRT
Top Secret SSBI SCI, CLZTS, SKINT, JBPRT SKUUU, ZC00000 ZCCX