This job has closed.

TechGuard Security · 3 months ago

CI Cyber Threat Analyst IV

3200 South 2nd Street, St. Louis, MO, USA

Full-time

Onsite

Senior Level, Lead/Staff

11+ years exp

TechGuard Security is focused on providing comprehensive security solutions, and they are seeking a Senior Contractor CI Cyber Threat Analyst. The role involves producing technical cyber threat reports, providing analysis and insights to inform security decisions, and ensuring compliance with established procedures and timelines.

EnterpriseInfrastructureSecurity

Comp. & Benefits

No H1B

U.S. Citizen Only

Responsibilities

Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly cyber status reports, each report due NLT 0800 each Monday morning. Status reports will include (as applicable):

Threat data collected and reported by NGA Technical CI team and network security personnel

Intelligence reported by the Intelligence Community

Fusion of all source threat analysis derived from multiple intelligence sources (INTs)

Imagery when available

Information that can be used to inform security decisions

Produce monthly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide a monthly threat report for the months not falling on the quarterly report month or the annual report month. Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month. Threat reports should include:

Compilation of data collected and reported in weekly products

Intelligence reported by the Intelligence Community

Fused All Source threat analysis derived from multiple INTs

Imagery when available

Depiction of Technical CI threat(s) to NGA to inform security decision makers

Produce quarterly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July. Threat reports should include:

Compilation of data collected and reported in weekly and monthly products

Intelligence reported by the Intelligence Community

Fused All Source threat analysis derived from multiple INTs

Include imagery when available

Depiction of Technical CI threat(s) to NGA to inform security decisions

Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. The annual Cyber Threat Assessment is due NLT 1 1 December. Threat studies should include:

Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products

Raw and finished Intelligence reported by Intelligence Community

Fused All Source threat analysis derived from multiple INTs

Include imagery when available

Analytic judgments, intelligence gaps, and overall technical threat(s) to NGA

Produce IIRs from data collected and reported by either the Technical CI team, NGA cyber security personnel, or partner agencies. Provide a minimum of 9 IIRs within Fiscal year. Effective IIR writing requires:

Coordination with teammates and stakeholders to ensure accuracy of reported information

Cross referencing local information reporting with Intelligence Community reporting

Clear and concise writing to briefly convey threat

Responsiveness to Intelligence Community priority collections requirements

Timeliness

Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE, or Criss Cross)

Provide Technical CI advise and expertise in support of CI inquiries, operations and issues

Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners

Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers

Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner

Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages

Demonstrate current subject matter expertise on Technical CI issues, threats and trends. (For example: Cyber threats and Technical Surveillance threats)

Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards

Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing

Display an ability to collaborate with internal NGA and external IC/Cyber community members

Coordinate CI Cyber activities originating from Enterprise Incident Response Events

Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other NGA Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission

Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures

Qualification

Threat AnalysisTechnical Threat AnalysisCyber InvestigationsInformation Assurance CertificationAll-Source Data AnalysisResearch SkillsClear WritingCoaching SkillsCollaboration

Required

Shall possess a minimum of 11 years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations

Possess or obtain certification to comply with DoD 8570.01-M Information Assurance (IA) requirements within one calendar year of assignment at the sole expense of the vendor

Shall possess or obtain and maintain IA II certification. See DoD 8570.01-M for acceptable certifications for each IA level