Roles & Responsibilities
The candidate will be responsible for writing documents up to 60 pages in length. The candidate will rely heavily on their experience serving in past roles in Computer Network Operations, Law Enforcement/Counterintelligence, or Intelligence Community mission focused organizations.
Apply their cyber intelligence and Farsi experience to cyber threat intelligence, intelligence analysis techniques, and sources and methods to produce high-quality analysis products.
Work with other cyber intelligence analysts or law enforcement/counterintelligence (LE/CI) agents to further develop intelligence threat analysis and reports.
Candidate must have a strong analytic writing ability and be able to provide a writing sample demonstrating the ability to produce and edit analytic products. Candidate must have at least 2 years of experience writing intelligence analysis products within the last 5 years. A technical writing sample and technical editing test will be required if the candidate has not previously authored published intelligence analysis products.
Strong ability to apply formal intelligence analysis methods, develop hypotheses, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity. Candidate must be able to make confidence-based assessments and be able to identify analytic bias.
Provide presentations to groups up to 50 people.
Clearance Required: Active Secret clearance
Required Skills & Experience:
Must have 2 years of intelligence writing experience within the last 5 years.
Candidate must have a strong all-source intelligence or counterintelligence background with 5+ years of experience serving in an analyst or agent role. Pertinent skills or experience include persona development, HUMINT targeting, support to law enforcement or counterintelligence investigations, Open Source Intelligence (OSINT) collection, Social Media/Social Networking analysis.
Candidates must have a high proficiency with the Farsi language. For non-native speakers, a DLPT (or equivalent test) score of R3/L3 or better within the last 4 years is required.
Candidate must have knowledge of cyber terminology, tools, and concepts.
Knowledge of the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch), open source information collection. A Security+ certification or equivalent training will satisfy this.
The candidate should have the ability to build intrusion-related data visualizations and perform analysis (e.g., using I2 Analyst Notebook, Netviz, Palantir, etc.).
Strong understanding of US Intelligence Community and how cyber intelligence organizations work together.
Strong ability to present information and analysis to groups up to 50 persons on a quarterly basis. Candidate will be required to brief smaller groups up to 10 persons on a weekly basis.
Candidate must be a self-starter with the ability to proactively engage and develop relationships with subject matter experts and analyst counterparts across the US Intelligence and Law Enforcement communities.
Master's or Bachelor's degree in a related field (BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence Analysis, Cyber Security or another related field of study, or equivalent years performing cyber threat intelligence analysis) with 15 years of experience with a Bachelor's, or 11 years of professional experience with a related Master's degree.
Experience building persona development products within the LE/CI or Intelligence Community.
Expertise in assessing sources using the PAMSSA method.
Formal training as an intelligence analyst in any discipline – graduate of USG intelligence analysis course: CAC, IBC, Kent School, IC 101, Analysis 101, Army, Navy, Air Force, etc.
Formal Law Enforcement/Counterintelligence training: e.g., FLETC, JCITA, etc.
Experience applying Kill Chain analysis, Cyber Intelligence Preparation of the Environment (CIPE) modeling, or Diamond modeling of cyber threat activity.
Certifications (any): CISSP, CEH, Security+, SANS certification(s), Network+, CCNA.
Advanced Data Visualization proficiency leveraging COTS/GOTS tools.
Any type of cyber-related Law Enforcement or Counterintelligence experience.
Existing Subject Matter Expert on Advanced Persistent Threat activity.
Experience using GOTS, COTS/Open Source tools: e.g., NOEISIS, Novetta Cyber Analytics, Mitre ChopShop and/or ARL DSHELL.
Analyst experience in a Federal Cyber Center or Corporate CIRT.