Amentum · 4 weeks ago
Cyber Intelligence Analyst
Amentum is a company that offers a great opportunity for a Cyber Intelligence Analyst to support the Cyber Group ONE Command. The role involves analyzing complex cyber threat data, producing actionable intelligence, and supporting cyber operations while collaborating with various stakeholders.
Mechanical Engineering · Security · Technical Support
Responsibilities
Evaluate target opportunities using all-source data to understand and map target networks, and to assist in developing detailed exploitation and operations plans
Analyze SIGINT and cybersecurity data at multiple levels up and down the OSI network stack and demonstrate a solid understanding of logical/physical IP core infrastructure, communication devices and how they connect to networks, and the traffic movements in a network
Develop new tradecraft needed to perform this analysis as technologies evolve
Work collaboratively with government, military, and other contractor personnel to develop shared understandings of intelligence needs, mission relevance, and areas of expertise
Apply innate curiosity and analytical talent to form hypotheses, critically assess and choose analysis techniques: query, merge, enrich, evaluate, and pivot within data to attain and share insights
Distill, document, contextualize and share findings--including any new tradecraft that is developed--with teammates, stakeholders, and intelligence consumers
Conduct in-depth analysis of cyber threat intelligence, including emerging malware, vulnerabilities, and attack vectors
Collect, evaluate, and fuse intelligence from diverse sources, including open-source intelligence (OSINT), signals intelligence (SIGINT), and human intelligence (HUMINT). Identify correlations and patterns to enhance situational awareness and predictive analysis
Assess the potential impact of cyber threats on network infrastructure and operations. Collaborate with cyber defense teams to develop and implement mitigation strategies and countermeasures
Provide intelligence support during cyber incident response activities, including analysis of indicators of compromise (IOCs), attribution of cyber-attacks, and identification of adversary tactics, techniques, and procedures (TTPs)
Prepare and deliver clear and concise intelligence products, including reports, briefings, and presentations, for a diverse audience, including senior leadership, operational stakeholders, and technical teams
Foster collaboration and information sharing with internal and external stakeholders, including other intelligence agencies, law enforcement, industry partners, and allied nations, to enhance cyber threat awareness and response capabilities
Stay abreast of emerging cyber threats, technologies, and methodologies through continuous research and professional development
Use information collected from a variety of sources (e.g., intrusion detection systems, firewalls, network traffic logs, and host system logs) to identify potential vulnerabilities, respond to cyber events that occur, and defend against events that might occur
Help develop mitigations to strengthen network defenses and protect against attacks on network infrastructure devices or systems
Develop increasing expertise in networking protocols and architectures, cloud security, Internet of Things protocols (IOTs), and advanced network security
Qualification
Required
Demonstrated experience with SIGINT and Analytics and Modernization (AMOD)
Deep understanding of processing PCAP/packets efficiently and experience with cyber discovery and identification of indicators of compromise (IOCs)
Demonstrated experience with network protocol analyzers such as Wireshark, tcpdump, etc.
Experience with sustained Intrusion Set - ability to link indicator and target-related information
Familiarization with scripting such as Python or object-oriented
Experience with correlating Network Traffic collection from SIGINT resources
Experience with tradecraft associated with Persona/Capability/Infrastructure development
Excellent written and verbal communication skills to business, management, and technical teams
Understanding of the Intelligence Cycle
Knowledge of and connections with the Industry Base supporting diverse technical efforts within the IC
Ability to apply advanced cybersecurity and communication technology principles, theories, and concepts contributing to the development of innovative Cyber Discovery principles and ideas
Experience working on unusually complicated problems and providing solutions that are highly creative and resourceful
Apply a deep understanding of adversary networks, network defenses, and cyber network operational capabilities to develop exploitation plans and make operational adjustments as plans are executed
A minimum of 4 years of experience working in direct support of cyber operations, conducting intelligence analysis, or performing network defense activities is preferred but not required
Graduate of JCAC (Joint Cyber Analysis Course) or equivalent military cyber training program is preferred but not required
Cyber Mission Force (CMF) Work Role Senior Certified (Host/Network Analyst, Exploitation Analyst, Interactive Operator) is preferred but not required
Bachelor's degree in computer science. Degrees in related fields (e.g., Engineering, Mathematics) may be considered relevant if programs contain a concentration of courses in the following foundational CS areas: algorithms, computer architecture Technology (IT) and Information Security (IS) degrees may be considered relevant if the programs contain the amount and type of coursework equivalent to a Computer Science (CS) major. 18 semester hours of military training/coursework in networking, computer science, or cyber topics is equivalent to an associate's degree
STEM degree in Network Engineering, Systems Engineering, Information Technology, or related fields is preferred but not required. Extended military cyber training courses may be counted toward degree requirements
Relevant experience must be in computer or information systems design/development, programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, and/or systems engineering
Completion of military training in a relevant area such as JCAC (Joint Cyber Analysis Course) may be considered toward relevant experience requirements (24-week JCAC counts as 6 months of experience). 10+ years of experience in intelligence analysis with a focus on cyber threats and operations is preferred but not required. Relevant experience must be in computer or information systems design/development/analysis roles
Must have an active TS/SCI with CI Polygraph clearance. Note: U.S. Citizenship is required to obtain a Top-Secret Clearance
Preferred
Master's degree in computer science, Information Security, Cybersecurity, Intelligence Studies, Security Studies, or related field
Experience in either DoD or IC organizations conducting cyber operations
Additional industry technical certifications: NET+, SEC+, CEH, CISSP, OSCP, OSCE, CCSP; GCFA (or other GIAC certification)
Benefits
Competitive benefits package
Company
Amentum
Amentum is a technology and engineering company for security, defense, and energy.
Funding
Current Stage
Public Company
Total Funding
$321.16M
2025-03-12 Post-IPO Secondary · $321.16M
2024-09-27 IPO
2020-01-01 Private Equity
Company data provided by crunchbase