Cipher Tech Solutions Cyber Intel Analyst: Mid Level (Secret Clearance Required) - FUTURE NEED in Linthicum Heights, Maryland

43.27-79.33 per hour | Linthicum Heights, MD, USA | Hourly | Intelligence Analysts | Full Time

FUTURE NEED - Not a current vacancy. If you apply, this could be a multi-year process.

Location: Linthicum, MD

Description:

Please note this is not a cybersecurity or systems engineer position. The selected candidate will serve as a cyber intelligence analyst and must have relevant experience as such (see below for requirements). The analyst provides the customer with expertise in intelligence sources, collection methods and analytic techniques. The analyst collaborates with internal partners to identify malicious activity and provide analytic support to the investigation and operation groups. The analyst performs analysis on existing and emerging APT organizations, actors, and malware.

Ideal candidate has experience with cyber intelligence analysis or law enforcement/counterintelligence analysis, and has applied their mastery of cyber threat intelligence, intelligence analysis techniques, sources and methods to produce high quality analysis products.

Requirements:

  • Must be a US Citizen with a SECRET security clearance (no exceptions)

  • Must hold a BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence Studies, Cyber Security or another related field of study or equivalent 3+ years performing technical cyber threat intelligence analysis.

  • Must have minimum 1 year of related Cyber Intel experience outside of a classroom setting (no exceptions)

  • Must have strong technical skills proficiency in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense ops (proxy, firewall, IDS/IPS, router/switch) and open source information collection.

  • Must have knowledge of Cyber Threat Intelligence principles to include indicators of compromise types, indicator pivoting and indicator attribution strength.

  • Must have an understanding of the IC and how those cyber organizations work together for purposes of conducting cyber threat analysis.

  • Must have strong technical report writing skills.

  • Must have the ability to apply formal intelligence analysis methods, develop hypotheses, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity. Candidate must be able to make confidence-based assessments for purposes of attribution based on their technical analysis of network traffic, multi-source data, malware and system forensic analysis. Candidate must be able to identify analytic bias.

  • Must have recent experience or familiarity with open source cyber intelligence research tools including, but not limited to, VirusTotal, PassiveTotal, Domain Tools, AlienVault Open Threat Exchange, Threat Connect, URLScan.io, and MXToolbox.

  • Must have the ability to build intrusion related data visualizations and perform analysis (e.g., using I2 Analyst Notebook, Netviz, Palantir, etc.)

  • Ability to present technical information and analysis to professionals and peers on a regular basis.

  • Must have the ability to proactively engage and develop relationships with intrusion set subject matter experts.

Desired Skills:

  • Mandarin or Russian language skills

  • Formal training as an intelligence analyst in any discipline

  • Graduate of US Govt intelligence analysis course: CAC, IBC, Kent School, IC 101, Analysis 101, Army, Navy, Air Force, etc

  • Experience applying Kill Chain analysis, Cyber Intelligence Preparation of the Environment modeling, or Diamond modeling of cyber threat activity

  • Recent experience performing NETFLOW and PCAP analysis using common analysis tools (examples include Wireshark, Splunk, ChopShop, Dshell, Network Miner, Moloch, etc).

  • Should be proficient at sessionizing PCAP data, identifying and decoding protocols, extracting files, and applying standard filters such as Berkeley Packet Filter (BPF).

  • Certifications (any): CISSP, CEH, Security+, SANS certification(s), Network+, CCNA

  • Advanced NETFLOW and PCAP Analysis

  • Advanced Data Visualization proficiency leveraging COTS/GOTS tools

  • Technical Skills proficiency: Python language, encryption technologies/standards

  • Intermediate malware analysis or digital computer forensics experience

  • Any type of Cyber related Law Enforcement or Counterintelligence experience

  • Existing Subject Matter Expert of Advanced Persistent Threat activity

  • Experience using COTS/Open Source tools: Novetta Cyber Analytics, Mitre ChopShop and/or ARL DSHELL

  • Analyst experience in the IC

Benefits:

  • Mission focused work environment

  • Subsidized medical/dental/vision insurance

  • HSA contributions

  • 401k matching

  • Holiday and Paid Time Off (PTO)

  • Monthly WAN parties & quarterly events

  • Flexible hours

    Remote work is not an option. We do offer relocation assistance. Please see our careers page or inquire with your recruiter about the terms and conditions.

    Salary and other Compensation:

    The hourly pay range for this position is $43.27 - $79.33

    The salary range for this position is subject not only to the hire's skills, education, expertise, and years of experience, but also to features of the final position offered to the hire: including, but not limited to the location of the position, clearance required for the position, and the contract associated with the position. See our Perks & Benefits page for a general description of benefits and other potential compensation benefits: https://www.ciphertechsolutions.com/careers/perks-benefits/

    About Us:

    At Cipher Tech Solutions, Inc. (Cipher Tech), we take great pride in supporting some of the most mission critical work in the Department of Defense and the Intelligence Community. The majority of our company is comprised of extremely talented software developers who write production tools which directly support one of two missions: digital forensics and malware reverse engineering.

    Digital forensics is the practice of extracting and processing evidence from computers, phones, tablets, cameras, flash-drives, and just about any other form of digital media. The results of our work are then used to support federal and military law enforcement, counterintelligence, and counter terrorist activities.

    Malware reverse engineering is the practice of analyzing malicious code. The goal of a reverse engineer is to understand how the malicious code works and determine facts such as:

    • How did it infect the victim's computer

    • What kind of information it is seeking to steal

    • How is it communicating with the author (actor)

    • Who that actor might be

    Vaccination Notice:

    Please be aware that you are applying for a position to work as a federal contractor. As such, Cipher Tech will require, and your employment will be subject to, such vaccinations as are required by federal, state, and local law requirements.

    Important Security Clearance Information:

    Be aware that you are applying for a job that requires a U.S. Government Security Clearance.

    The U.S. government will not issue security clearances to recent users of illegal drugs. On your application to us, you must acknowledge that you have not engaged in any illegal drug use within the past twelve months (illegal drug use includes, but is not limited to, the use of illegal substances, the misuse of prescriptions, the misuse of over-the-counter substances, and the use of medical or recreational marijuana that may be deemed legal at the state level but is still considered illegal by the federal government). NOTE: CIPHER TECH WILL NOT DISCRIMINATE AGAINST ANY QUALIFIED APPLICANTS WITH A DISABILITY, INCLUDING ILLEGAL DRUG USERS WHO HAVE RECENTLY SOUGHT PROFESSIONAL TREATMENT FOR A DRUG PROBLEM.

    Commitment to Diversity & Inclusion:

    Cipher Tech is an Equal Opportunity and Affirmative Action Employer. We value diversity and inclusion, not only for the sake of compliance, but also because diversity of thought drives progress and improves performance. All hiring and employment decisions are made on the basis of business requirements, performance, and merit, with no regard to race, color, religion, sexual orientation, gender, gender identity, national origin, or other protected status.

    All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or national origin.
