Cyber Threat Intelligence Analyst - GDIT (linthicum, maryland) in Baltimore, Maryland For Sale

General Dynamics Information Technology has an opening for a Cyber Threat Intelligence Analyst working at the Defense Cyber Crime Center located in LInthicum; MD. This is an exciting dynamic position analyzing and writing reports for the wider Intelligence and Law Enforcement communities.Required Skills:: BA/BS degree in Information Technology or Information Security; Computer Science; Intelligence Studies; Cyber Security or another related field of study or equivalent 3+ years performing technical cyber threat intelligence analysis.: Strong technical skills proficiency in the following areas: network communication using TCP/IP protocols; basic system administration; basic understanding of malware (malware communication; installation; malware types); intermediate knowledge of computer network defense operations (proxy; firewall; IDS/IPS; router/switch) and open source information collection. Candidate must have a thorough understanding of Domain Name Service records.: Strong knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types; indicator pivoting and indicator attribution strength.: Strong understanding of US Intelligence Community and how cyber intelligence organizations work together for purposes of conducting cyber threat analysis: Strong proficiency and recent experience (last 3 years) performing NETFLOW and PCAP analysis using common analysis tools (Wireshark; Splunk; ChopShop; Dshell; Network Miner; Moloch; etc). Candidate must be strongly proficient at sessionizing PCAP data; identifying and decoding protocols; extracting files; and applying standard filters such as Berkley Packet Filter (BPF).: Strong proficiency Report writing : a technical writing sample and technical editing test will be required if the candidate has no prior published intelligence analysis reporting: Strong or Intermediate ability formal intelligence analysis methods; develop hypothesis; prove/disprove relationships; always ask why; defend your analysis; and Apply below nowtribution to cyber threat activity. Candidate must be able to make confidence:based assessments for purposes of attribution based on their technical analysis of network traffic; multi:source data; malware and system forensic analysis. Candidate must be able to identify analytic bias.: Intermediate ability to build intrusion related data visualizations and perform analysis (i.e.; using I2 Analyst Notebook; Netviz; Palantir; etc): Intermediate ability to present technical information and analysis to groups up to 50 persons on a quarterly basis. Candidate will be required to brief smaller groups up to 10 persons on a weekly basis.: Self:starter with the ability to proactively engage and develop relationships with intrusion set subject matter experts and analyst counterparts across the US Intelligence and Law Enforcement communitiesDesired Skills:: Chinese Mandarin language; ILR 3/3 level of general proficiency (or equivalent certified language training standard) with a test date in the last 3 years: Formal training as an intelligence analyst in any discipline graduate of US Govt intelligence analysis course: CAC; IBC; Kent School; IC 101; Analysis 101; Army; Navy; Air Force; etc: Experience applying Kill Chain analysis; Cyber Intelligence Preparation of the Environment (CIPE) modeling; or Diamond modeling of cyber threat activity: Certifications (any): CISSP; CEH; Security+; SANS certification(s); Network+; CCNA : Advanced NETFLOW and PCAP Analysis : Advanced Data Visualization proficiency leveraging COTS/GOTS tools: Technical Skills proficiency: Python language; encryption technologies/standards : Intermediate malware analysis or digital computer forensics experience : Any type of Cyber related Law Enforcement or Counterintelligence experience : Existing Subject Matter Expert of Advanced Persistent Threat activity: Experience using COTS/Open Source tools: Novetta Cyber Analytics; Mitre ChopShop and/or ARL DSHELL: Analyst experience in
Source: http://www.tiptopjob.com/jobs/xxxxxxxx_job.asp?source=backpage