Cyber Threat Analyst

Posted:
8/28/2024, 6:37:07 AM

Location(s):
San Antonio, Texas, United States ⋅ Texas, United States

Experience Level(s):
Junior ⋅ Mid Level ⋅ Senior

Field(s):
IT & Security

Job Category: Engineering

Time Type: Full time

Minimum Clearance Required to Start: TS/SCI

Employee Type: Regular

Percentage of Travel Required: Up to 25%

Type of Travel: Outside Continental US

* * *


The Opportunity:


The 35th Intelligence Squadron is looking for three (3) motivated individuals to analyze multi-source intelligence in response to mission requirements addressing USAF cyber operational needs. These individuals shall research, produce, and brief information in support of crisis or deliberate planning, ongoing operations and situational awareness. They will analyze information to identify cyber threats that could adversely impact USAF and Department of Defense (DoD) networks. Analysis shall include indications and warnings of pending malicious activity, or details and analysis of previous activity, to mitigate future threats. These individuals shall support the Air Force through threat analysis of foreign cyber capabilities and activities directed against USAF computer systems. They will make extensive use of research techniques to develop and deliver technical and intelligence reports adhering to intelligence community directives and analytic standards.

Responsibilities:

  • Produce intelligence-derived, entity-based cyber threat profiles, using 35 IS-provided reporting formats.

  • Employ a variety of open-source and classified intelligence research methods, including, but not limited to, web surfing techniques, Open Source Center (OSC), and various intelligence reporting repositories as data sources.

  • Fuse intelligence with AF- and DoD-provided network data (connections and packet capture) to identify potential threats to AF systems.

  • Perform network- and host-based threat hunting for suspicious activity based on anomalous activity and indicators of compromise from various intelligence sources and toolsets; identify intrusions and vulnerabilities; and recommend mitigation strategies and techniques to secure networks.

  • Identify, analyze and develop analytics to detect advanced persistent threats and intrusions of AF networks, domains and enclaves.

  • Correlate suspicious events with network events, if possible, and data stored within databases and other external DoD resources, including but not limited to Big Data Platform (BDP).

  • Utilize the MITRE ATT&CK matrix or other threat frameworks along with cybersecurity principles (including, but not limited to, network security devices and their functions, host- and network-based logging, and current intrusion methodologies) to build analytics based on current Cyber Threat Intelligence Cell requirements.

  • Interface with requesting organizations/individuals and translate requirements to products delivered within time constraints given.

  • Mentor junior intelligence analysts and relay technical guidance/expertise.

  • Ensure appropriate documentation is developed in conjunction with all processes/procedures.

  • Troubleshoot issues with existing processes/procedures, and research/implement solutions.

  • Use your experience to guide decisions and requirements.


Qualifications:

Required: 

  • Active TS/SCI security clearance.

  • DoD Directive 8570 IAT I or II certification (Security+ or equivalent).

  • 5+ years of non-internship professional intelligence analysis experience.

  • 3+ years of experience with cybersecurity principles.

  • Intermediate knowledge of one or more of the IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.e., AF, Navy, Army, DC3, DISA) or Federal Government.

  • Experience with standard DoD network topology and DMZ boundary protection.

  • SIEM knowledge/utilization (Splunk, ELK, ArcSight).

  • Intermediate experience in the following areas: IP addressing and domain name service; network components; Transmission Control Protocol (TCP)/User Datagram Protocol (UDP), File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), and Hypertext Transfer Protocol (HTTP).

  • Extensive knowledge of and experience with network packet capture and analysis software such as Wireshark.

  • In-depth knowledge of cyber threat entities, programs, and capabilities.

  • Familiarity with network defense concepts and operations.

  • Ability to communicate complex problems and corresponding solutions to non-technical leadership and customers.


Desired:

  • Experience with Confluence/Jira page and ticket development and organization.

_____________________________________________________________________________

What You Can Expect:

 

A culture of integrity.

At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.

 

An environment of trust.

CACI takes pride in fostering a diverse and accessible culture where every individual feels supported to chart their own path. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

 

A focus on continuous growth.

Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.

 

Your potential is limitless. So is ours.

_____________________________________________________________________________

Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here.

Since this position can be worked in more than one location, the range shown is the national average for the position.

The proposed salary range for this position is:

$89,500-$188,000

CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected characteristic.