Intrusion Analyst 3

Gormat, LLC

Posted today

Job Requirements

Annapolis Junction, MD
Top Secret/SCI Full Scope Polygraph
Mid Level Career (5+ yrs experience)
$130,000 - $145,000

Job Description

We are looking for an Intrusion Analyst who can function as a TDNA/DNEA in a fast-paced, multitasking environment. You will need to pivot quickly to conduct deep network analysis that identifies APTs and documents TTPs, apply situational awareness of current CND conditions, and leverage OSINT to understand current vulnerabilities and exploits. Prior CNO/CND experience conducting cybersecurity incident response is preferred.


The Intrusion Analyst Level 3 shall possess the following capabilities:


  • Analyze target digital network data to discover, analyze, and document malicious or unauthorized activity using information collected from a variety of SIGINT and computer network defense resources.

  • Analyze metadata collected from tasked communications systems in order to identify, locate, and track targets, and to accurately report the intelligence gained from metadata analysis.

  • Categorize traffic as benign, suspicious, or malicious activity; and document malicious tactics, techniques, and procedures (TTPs).

  • Develop and implement mitigation strategies.

  • Have a network and/or host-based focus.

  • Perform deep network analysis and network anomaly detection, work with IOCs, and analyze data collected from various sources to discover malicious or unauthorized activity. Familiarity with cybersecurity incident response and CNO experience are preferred.



Qualifications:


  • Master's degree with 6 years of relevant experience.

  • Bachelor's Degree with 8 years of relevant experience.

  • Associate's degree with 10 years of experience.

  • Bachelor's Degree must be in Computer Science, Computer Engineering, Information Systems, or related discipline from accredited college or university.

  • Relevant experience must be in malware analysis; programming experience in C, C#, C++, Java, Perl, or Python is preferred.



Certifications Required:


  • CISSP, CEH, Sec+, Net+, GIAC GREM and/or CREA Certification is required.



TS/SCI with polygraph is required.