

Job: 20-041 SME II Cyber Threat Intelligence Analyst II (CTI-A II) SIGINT / GEO, Systems Application & Technologies Inc, Fort Meade, MD

General Information


Job title: 20-041 SME II Cyber Threat Intelligence Analyst II (CTI-A II) SIGINT / GEO
Job location: Fort Meade, MD 20755 United States
Requisition code:
Date posted: 05/12/2020
Job type: Full-Time
Compensation:
Job Category: Architecture

Job Description


Work Location: Fort Meade MD

Roles & Responsibilities: Full Time Exempt position


The SME CTI-A II serves as a Cybersecurity functional expert in support of the DOT&E mission for OT&E of Cybersecurity and Electromagnetic activities interests, policy, procedures, methodologies, capability needs and resourcing, Cybersecurity Assessment Program (CAP) evaluations in Joint and Service Training exercises, and related subject matter expertise. This position will primarily involve data mining and supporting threat TTP identification and analysis.


Must have a sound foundation and advanced knowledge of Information Assurance policy, compliance requirements and related measures including but not limited to Protect, Detect, React, Restore and Resilience metrics.

Must be competent in the application of Cybersecurity T&E Guidebook procedures to all network, C4ISR, weapons platforms, etc. from Sensor to Shooter.

Must be able to apply the six phases of the Guidebook to new acquisition programs and legacy systems.


These phases include:

• Understand the Cybersecurity Requirements

• Characterize the Attack Surface

• Cooperative Vulnerability Identification

• Adversarial Cybersecurity DT&E

• Cooperative Vulnerability and Penetration Assessment [OOT&E]

• Adversarial Assessment [OT&E]

A particular appreciation of mission impacts identified is essential. Experience must include knowledge of Blue, Grey, and Red Threat and Network environments. Must have experience in translating customer weapon system requirements to Cybersecurity T&E plans and measures. Practiced familiarity with integration of emerging cybersecurity technologies into multiple systems, penetration testing, cyber forensics, system security engineering, and vulnerability mitigation strategies to reduce advanced persistent cyber-attack risk is desirable as well.


Core Competencies:


Applicant shall possess strong problem-solving, analytical, communication and interpersonal skills and have solid knowledge or experience in several of the following areas:

• Versed in Cyber Threat Actor Tactics, Techniques and Procedures (TTPs)

• Conduct trending and correlation of various cyber intelligence sources for the purposes of indicator collection, shifts in TTPs, attribution and establishing countermeasures to increase cyber resiliency.

• Deep understanding of the Cyber Kill Chain and applicable analytic models such as the Diamond Model

• Data mining that supports threat assessment development

• Development of analytical products and reports

• Network and Internetwork Routing - Domain Name System protocol and architecture

• How an Antivirus program works

• How an Intrusion Detection System works

• How exploitation, implants, and beacons work

• Building effective communications to explain complex technical information to wider audiences

• Effective writing skills


Work Conditions:

Work and operate in a TS/SCI and SAP/SAR environment - (Sensitive Compartmented Information Facility (SCIF))

Normal work days are Monday through Friday. Office hours are typically 8am-5pm.

Travel < 20%.


Education/Experience/Skills:

  • Bachelor's degree plus 3 years of relevant experience; Master's degree plus 1 year of relevant experience; Doctoral degree and no experience. A high school diploma or GED plus 7 years of relevant experience, or an Associate's degree plus 5 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position.
  • Degree in a liberal arts field (e.g., English, History, Communications, Languages and Cultures, International Relations, and Political Science) is preferred, but a degree in any field is acceptable. Relevant experience must be in threat, intelligence, or traffic analysis (preferably in the military or IC).
  • Experience in multi-source or technical threat analysis (e.g., SIGINT, ELINT, FISINT, Open-Source, and Geospatial) is preferred.
  • Basic coding in scripting languages such as Python, R, or Ruby
  • Calculating statistical significance and principal component analyses
  • Basic Scripting for the GHOSTMACHINE environment
  • Leveraging LABBENCH + Jupyter to interface with GMAE
  • TCP/IP: three-way handshake, reconstruction
  • One of the following certifications: GCED, GCIA, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON, GCIH, CCFP, CCSP, CISSP, CSIH, CHFI, LPT, ECSA, OSCP, OSCE, OSWP, OSEE, EnCE
  • Current Driver License.
  • U.S. Citizenship.
  • Must Currently Possess Top Secret/SCI
  • All candidates will be required to pass a consumer report and/or consumer investigation to include SSN, Driver Record, Credit, and Criminal Background Investigation.

All responses will be handled with strict confidentiality.

Systems Application & Technologies, Inc. is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.



(Job number: 3901201)